Log message:
Pullup ticket #2787 - requested by adrianp
base: security update
Revisions pulled up:
- security/base/Makefile 1.24
- security/base/PLIST 1.9
- security/base/distinfo 1.11
- security/base/patches/patch-aa 1.3
---
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Jun 6 11:26:19 UTC 2009
Modified Files:
pkgsrc/security/base: Makefile PLIST distinfo
pkgsrc/security/base/patches: patch-aa
Log message:
4/03/2009 1.4.2 (chandy)
- EmThreats_link opens now in separate browser window -- Juergen Leising
for Micah Gersten
- A new reference "[rule]" points now to base_local_rules.php,
which displays a particular rule for a given rules id (sid).
Prerequisite for this is that "local_rules_dir" in base_conf.php
points to an actually existing and readable/searchable directory which
contains the snort rules. Please note, that a web server
is usually NOT allowed to access any files outside of its
document root. Feature request by Chris Ryan, cf.
https://sourceforge.net/forum/message.php?msg_id=5310420
https://sourceforge.net/forum/message.php?msg_id=5311517
-- Juergen Leising
- Update of base.spec; works with fedora 10 -- Juergen Leising
- I have applied two patches submitted by asavenkov
with regard to the oci8 driver (oracle 10), cf.
https://sourceforge.net/forum/message.php?msg_id=5795641
https://sourceforge.net/forum/message.php?msg_id=5796556
-- Juergen Leising
- The "email-the-alerts"-variables were defined twice at different
locations in base_conf.php. Fixed this. -- Juergen Leising
- Emails from BASE containing one or more alerts include now a
"To:"-header, as well. Bug report no. 2234733 -- Juergen Leising
- $sort_order, once it has been chosen, survives now a possible "action",
even in base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php.
Bug no. 2234745. -- Juergen Leising
- The refresh-problem, when an "action" has been taken, is now fixed in
base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php, as well.
Bug no. 1681012. -- Juergen Leising
- I have corrected the way ICMP redirect messages are displayed
by BASE, inspired by Bruno G. San Alejo. -- Juergen Leising
- Several preprocessor events that did not get stored in the acid_event
table, so far, are now processed and displayed by BASE. This affects
all those preprocessors which have sig names that do NOT start with
a "spp_" prefix. -- Juergen Leising
- Fixed bug with archiving IP options. -- Juergen Leising
5/14/09 1.4.3 (gabi)
- XSS Flaws fixed in alert groups -- Kevin Johnson
- Possible SQL injection flaw fixed in AG -- Kevin Johnson
- XSS Flaws fixed in base_qry files -- Kevin Johnson
- Multiple XSS flaws fixed in citems -- Kevin Johnson
5/30/09 1.4.3.1 (zig)
- Multiple XSS flaws fixed in User and Role management -- Kevin Johnson
|