2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|
2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message:
security: Remove SHA1 hashes for distfiles
|
2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Log message:
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2013-09-09 08:42:45 by Alistair G. Crooks | Files touched by this commit (4) |
Log message:
Update security/ipv6-toolkit to version 1.4.1
Changes since previous version:
SI6 Networks' IPv6 Toolkit v1.4.1
* frag6: Fixed bug that prevented Ethernet header from being filled
A bug in the code caused Ethernet frames to go on te wire without any of
their header fields completed.
* All: Use of library to avoid code replication
An "libipv6" library was created, such that common functions do \
not need
to be replicated for each tool. ni6, ns6, rs6, and tcp6 now employ such
library.
pkgsrc changes:
* address6 and its man page are no longer installed
* extend the Makefile changes to include the correct linkage for rs6 and tcp6
i.e. include the libipv6 object mentioned above
|
2013-08-31 21:16:51 by Alistair G. Crooks | Files touched by this commit (1) |
Log message:
Remove patch that's no longer needed
|
2013-08-31 21:14:47 by Alistair G. Crooks | Files touched by this commit (2) | |
Log message:
update security/ipv6-toolkit to version 1.4nb1
code was added to fix the compiler uninitialised warning (thanks!),
but the distfile name didn't change since it was packaged originally,
so do the DIST_SUBDIR dance, and bump package version to nb1
|
2013-08-24 18:12:24 by Alistair G. Crooks | Files touched by this commit (4) |
Log message:
Update ipv6-toolkit to version 1.4 from 1.3.4
Pkgsrc changes:
+ quieten warnings from gcc 4.5.3 about uninitialised variables
Distribution changes:
SI6 Networks' IPv6 Toolkit v1.4 release
* frag6: Fixed the flooding option
Fixed the fragment size used when employing the flooding option. It was
prevously sending fragment sizes that where not a multiple of eight, and
hence these fragments were dropped.
* scan6: Added support for 64-bit encoding of IPv4 addresses
Option "--tgt-ipv4" was augmented to support both encodings (32 bit
and 64 bit) of embedded IPv4 addresses.
* tcp6: Fixed response to Neighbor Solicitations
tcp6 was not responding to incomming Neighbor Solicitations. Hence, when
packets were sent from spoofed addresses, tcp6 would never receive the
response packets, because the NSs sent by the local router or target node
would never be responded.
* tcp6: Added support for TCP Window-based attacks
tcp6 can now close the window after sending an app-layer command, and
also "modulate" the TCP window to circumvent trivial mitigations \
for these
attacks ("--window-mode" and "--win-modulate" options).
* tcp6: Support for multiple connection-establishment types
tcp6 can now cause e.g. TCP simultaneous opens (see the "--open-mode"
option).
* tcp6: Support for multiple connection-termination types
tcp6 can now perform multiple connection-termination types (see the
"--close-mode" option).
* tcp6: Support for sending application layer requests
tcp6 can now send application-layer requests with the "--data" option.
* Many improvements to the manual pages.
Fixed the troff encoding of many manual pages. Added ipv6toolkit(7), that
describes a general description of the toolkit.
* All: Fixed bug in link-layer destination address selection
Tools now try to find a local router or perform Neighbor Discovery only
when necessary (i.e., underlying link-layer is *not* loopback or tunnel,
destination address is *not* link-local, and a link-layer destination
address has *not* been specified).
* All: Fixed bug in option handling
Incorrect data type was used for the return value of getopt_long(), thus
leading to problems in some architectures.
* All: Fixed a number of issues with pcap_next_ex()
The timeout parameter of pcap_next_ex() is now based on the platform (the
previous constant value had different semantics in different platforms).
Additionally, handle the case where pcap_next_ex() returns no packets.
* All: General improvements and clean-up
The development process now includes building the toolkit with the clang
compiler (in addition to gcc), which has lead to the identification of a
number of issues.
* All: Improved support for building the toolkit.
The toolkit now contains one makefile for pmake, and another for GNU make.
Added support for the DESTDIR variable. Appropriate paths are selected
based on the value of a number of variables. Configuration file is
dynamically generated, with the right path to the oui.txt file.
|
2013-05-11 23:15:55 by Alistair G. Crooks | Files touched by this commit (2) |
Log message:
Allow this package to be cross-built too - take the compiler from
the environment if it's there.
|
2013-04-18 06:23:17 by Alistair G. Crooks | Files touched by this commit (4) |
Log message:
Update security/ipv6-toolkit from version 1.3.3 to 1.3.4
Changes from previous version:
* IPv6-host tracking support in the scan6 tool.
* A new tool, address6, to analyze IPv6 addresses
* Minor bug fixes
* PDF manual pages have been removed
* additional manual pages
pkgsrc changes:
* patch to avoid "uninitialised variable" warning from compiler
|
2013-03-12 21:32:00 by Alistair G. Crooks | Files touched by this commit (2) | |
Log message:
Update security/ipv6-toolkit to version 1.3.3
This minor update incorporates the "--tgt-known-iids" option, which
can be used to track systems across networks, even if they employ the
so-called "Privacy Address" (and yes, that includes Microsoft Windows
systems).
|