FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
pidgin-otr 4.0.0_3 security on this many watch lists=4 search for ports that depend on this port An older version of this port was marked as vulnerable.
Allows deniable private conversations using Pidgin
Maintained by: jgh@FreeBSD.org search for ports maintained by this maintainer
Port Added: 18 Jun 2007 10:55:35
Also Listed In: net-im net
License: GPLv2


Off-the-Record (OTR) Messaging allows you to have private 
conversations over instant messaging by providing:

* Encryption
       No one else can read your instant messages.
* Authentication
       You are assured the correspondent is who you think it is. 
* Deniability
       The messages you send do not have digital signatures that
       are checkable by a third party. Anyone can forge messages
       after a conversation to make them look like they came from
       you. However, during a conversation, your correspondent is
       assured the messages he sees are authentic and unmodified. 
* Perfect forward secrecy
       If you lose control of your private keys, no previous 
       conversation is compromised.

WWW: http://www.cypherpunks.ca/otr/
SVNWeb : Main Web Site : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Build:
  1. net-im/pidgin
  2. devel/gmake
  3. devel/pkgconf
  4. textproc/intltool
Required Libraries:
  1. security/libotr
  2. security/libgcrypt
  3. net-im/libpurple
  4. devel/gettext
  5. accessibility/atk
  6. devel/glib20
  7. devel/pcre
  8. x11-toolkits/gtk20
  9. x11-toolkits/pango
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/pidgin-otr/ && make install clean
To add the package: pkg install security/pidgin-otr


Configuration Options
     No options to configure

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://www.cypherpunks.ca/otr/

Number of commits found: 42

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
30 Jul 2014 03:57:24
Original commit files touched by this commit  4.0.0_3
Revision:363436
pi search for other commits by this committer
security/libgcrypt: 1.5.3_3 -> 1.6.1

- Update to 1.6.1
- Remove some unneeded patches
- Fix pkg-plist
- report configure bug upstream
  https://bugs.g10code.com/gnupg/issue1668
- report API breakage downstream and find that MacPorts had the same issue
  https://rt.cpan.org/Ticket/Display.html?id=97201
- bump PORTREVISION for dependent ports (approx. 100 ports)
- Thanks to exp-run by antoine@ to find ports that break
- patch ports that would otherwise break
  security/shishi with PR 192164 is already committed
  [1] devel/ccrtp
  [2] editors/abiword
  [3] security/p5-Crypt-GCrypt

PR:		191256, 192162 [1], 192163 [2], 192166 [3]
Submitted by:	Carlos Jacobo Puga Medina <cjpugmed@gmail.com>
Approved by:	maintainer timeout, antoine (exp-run), portmgr (implicit)
17 May 2014 16:57:14
Original commit files touched by this commit  4.0.0_2
Revision:354341
tijl search for other commits by this committer
Convert net-im/libpurple (and slave ports net-im/finch and net-im/pidgin)
to "USES=libtool tar:bzip2".  Bump PORTREVISION on all dependent ports
and modernise them as well (USES, LIB_DEPENDS, staging).

audio/pidgin-musictracker:
- Replace LIBS with LDFLAGS.
- Disable static plugin.

net/online-desktop: Remove obsolete patches.

net-im/mbpurple:
- Drop pkgconf dependency.
- Replace post-patch with MAKE_ARGS.
- Use standard do-build.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
25 Feb 2014 02:48:56
Original commit files touched by this commit  4.0.0_1
Revision:345914
jgh search for other commits by this committer
- explicitly depend on libotr.so.5
- while here define license

PR:		186944
Submitted by:	amdmi3
02 Feb 2014 07:39:09
Original commit files touched by this commit  4.0.0_1
Revision:342246
jgh search for other commits by this committer
- support staging
20 Sep 2013 22:55:26
Original commit files touched by this commit  4.0.0_1
Revision:327769
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
06 Sep 2013 22:12:02
Original commit files touched by this commit  4.0.0_1
Revision:326555
jgh search for other commits by this committer
- adopt USES for pkgconfig
- adopt new lib_depends format
14 Aug 2013 22:35:54
Refresh Original commit files touched by this commit
Revision:324744  Sanity Test Failure
ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
06 Jul 2013 01:22:57
Original commit files touched by this commit  4.0.0_1
Revision:322360
jgh search for other commits by this committer
- convert USE_GMAKE to USES=gmake
03 May 2013 16:36:41
Original commit files touched by this commit  4.0.0_1
Revision:317220
ehaupt search for other commits by this committer
Chase security/libgcrypt update
24 Apr 2013 18:10:32
Original commit files touched by this commit  4.0.0
Revision:316464
ak search for other commits by this committer
- Convert USE_GETTEXT to USES (part 3)

Approved by:	portmgr (bapt)
26 Feb 2013 23:11:52
Original commit files touched by this commit  4.0.0
Revision:313010
jgh search for other commits by this committer
- take maintainership and drop verify target
08 Oct 2012 10:38:48
Original commit files touched by this commit  4.0.0
Revision:305526
dougb search for other commits by this committer
Throw my ports back in the pool, and make my intentions clear for the
various ports that I've created.

I bid fond fare well
A chapter closes for me
What opens for you?
07 Oct 2012 07:54:18
Original commit files touched by this commit  4.0.0
Revision:305438
dougb search for other commits by this committer
Work around a problem on stable/[89] with libotr generating an
"undefined reference to `__stack_chk_fail_local'" error. None
of the usual remedies work (such as making sure that gcc is used
instead of ld for the linker) so on those releases we simply
disable that option.

pointyhat logs confirm that pidgin-otr (the only consumer of libotr
atm) is failing on 8 and 9 with the same configure error that I am
seeing on 8, so this patch should at least allow it to build on those
releases.

Bump PORTREVISION for libotr to err on the side of caution.

While I'm here, remove a now-spurious mod to the pidgin-otr configure.
08 Sep 2012 07:03:21
Original commit files touched by this commit  4.0.0
Revision:303872
dougb search for other commits by this committer
Update libotr and pidgin-otr to 4.0.0

The main new features in 4.0.0:

* Support v3 of the OTR protocol

* The plugin now supports multiple OTR conversations with the same buddy
  who is logged in at multiple locations. In this case, a new OTR menu
  will appear, which allows you to select which session an outgoing
  message is indended for. Note that concurrent SMP authentications with
  the same buddy who is logged in multiple times is not yet supported
  (starting a second authentication will end the first).

* During a private conversation with a buddy, an incoming unencrypted
  message will now trigger the regular incoming message notifications.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
29 Jul 2012 08:17:33
Original commit files touched by this commit  3.2.1
dougb search for other commits by this committer
Remove my personal web site from MASTER_SITES
26 Jul 2012 07:13:53
Original commit files touched by this commit  3.2.1
dougb search for other commits by this committer
Revert the unauthorized conversion of pkg-config from a proper build dep
to the new macro (r301539). Convert pkg-config to pkgconf.

Add a build dep on pkgconf to pidgin-otr to handle libotr's .pc files
16 May 2012 19:41:27
Original commit files touched by this commit  3.2.1
dougb search for other commits by this committer
Versions 3.2.0 and earlier of the pidgin-otr plugin contain
a format string security flaw. This flaw could potentially be
exploited by a remote attacker to cause arbitrary code to be
executed on the user's machine.

The flaw is in pidgin-otr, not in libotr. Other applications
that use libotr are not affected.
20 Jan 2012 13:07:17
Original commit files touched by this commit  3.2.0_7
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove license info
23 Sep 2011 22:26:39
Original commit files touched by this commit  3.2.0_7
 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav
04 Jul 2011 07:55:28
Original commit files touched by this commit  3.2.0_7
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Indicate my preference against bumping PORTREVISION in these ports
without a good reason
03 Jul 2011 11:40:49
Original commit files touched by this commit  3.2.0_7
 This port version is marked as vulnerable.
swills search for other commits by this committer
- Chase the libgcrypt shared lib version
20 Mar 2011 19:42:33
Original commit files touched by this commit  3.2.0_6
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Join the party, remove MD5 from the last of my ports
27 Jul 2010 01:25:20
Original commit files touched by this commit  3.2.0_6
 This port version is marked as vulnerable.
wxs search for other commits by this committer
Chase security/libgcrypt shlib bump.

PR:             ports/148755
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>
14 Jun 2010 08:22:55
Original commit files touched by this commit  3.2.0_5
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Add LICENSE information to my ports where the right answer is obvious
31 May 2010 02:01:56
Original commit files touched by this commit  3.2.0_5
 This port version is marked as vulnerable.
ade search for other commits by this committer
Bounce PORTREVISION for gettext-related ports.  Have fun, ya'll.
28 Mar 2010 06:47:48
Original commit files touched by this commit  3.2.0_4
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.4.1
Reviewed by:    exp8 run on pointyhat
Supported by:   miwi
05 Feb 2010 11:46:55
Original commit files touched by this commit  3.2.0_3
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to jpeg-8
31 Jul 2009 13:57:52
Original commit files touched by this commit  3.2.0_2
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- bump all port that indirectly depends on libjpeg and have not yet been bumped
or updated
Requested by:   edwin
24 Mar 2009 19:51:28
Original commit files touched by this commit  3.2.0_1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Where it matters, update regarding MAKE_JOBS_{UN}SAFE for my ports
06 Jan 2009 13:01:11
Original commit files touched by this commit  3.2.0_1
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Bump PORTREVISION due to share library version bump in security/libgcrypt

PR:              ports/127478
02 Jul 2008 06:00:05
Original commit files touched by this commit  3.2.0
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Update to version 3.2.0, released June 15th. The configuration and
"OTR button" functionality have been moved to a menu. Also, "Buddy
authentication has been revamped, based on the user study published
in SOUPS 2008." The old authentication methods are still allowed.

This version adds locale files for ar, de, hu, and ru.

Drop the specific library version number for libpurple to
(hopefully) avoid churn down the road.

Assume maintainership, and add my website to MASTER_SITES.

Approved by:    Maintainer timeout
06 Jun 2008 14:01:07
Original commit files touched by this commit  3.1.0_5
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Bump portrevision due to upgrade of devel/gettext.

The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).

PR:             ports/124340
Submitted by:   edwin@
Approved by:    portmgr (pav)
19 Apr 2008 17:56:05
Original commit files touched by this commit  3.1.0_4
  Sanity Test Failure This port version is marked as vulnerable.
miwi search for other commits by this committer
- Remove unneeded dependency from gtk12/gtk20 [1]
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+

Thanks to all Helpers:
        Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
        ehaupt, nox, itetcu, flz, pav

PR:             116263
Tested on:      pointyhat
Approved by:    portmgr (pav)
02 Mar 2008 05:36:00
Original commit files touched by this commit  3.1.0_3
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Chase the libpurple shared lib version.
13 Dec 2007 13:02:07
Original commit files touched by this commit  3.1.0_2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Chase libpurple shlib bump

Pointy hat to:  marcus
13 Dec 2007 04:20:54
Original commit files touched by this commit  3.1.0_2
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Update pidgin to 2.3.1, and chase the shared lib version bump.  See
http://developer.pidgin.im/wiki/ChangeLog for the list of changes.
17 Sep 2007 19:48:18
Original commit files touched by this commit  3.1.0_1
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Chase the libpurple shared lib version.
04 Sep 2007 22:35:34
Original commit files touched by this commit  3.1.0
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Unbreak the build by adding an explicit dependency on intltool
23 Aug 2007 21:21:19
Original commit files touched by this commit  3.1.0
 This port version is marked as vulnerable.
dougb search for other commits by this committer
1. Update to 3.1.0
2. Update the MASTER_SITES
3. Add a verify target for the PGP signature, and download the signature
4. Add USE_GMAKE
5. Add an unconditional USE_GETTEXT since there is no way to disable it
6. Update pkg-plist with the *.mo files

Approved by:    maintainer timeout

PR:             ports/115664 (pkg-plist fix)
Submitted by:   Matthias Andree <matthias.andree@gmx.de>
04 Aug 2007 21:45:39
Original commit files touched by this commit  3.0.1_1
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Chase the libpurple shared lib version.
18 Jun 2007 11:07:42
Original commit files touched by this commit  3.0.1
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Update to 3.0.1
- Update pkg-descr
- Update MASTER_SITES
- Connect to build

PR:             112651
Submitted by:   Mike Smith<perlfu@gmail.com>
18 Jun 2007 10:54:14
Original commit files touched by this commit  3.0.0_2
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Force commit for notes that's a repocopy.
- Project was renamed

Repocopied by:  marcus

Number of commits found: 42

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
asterisk11Sep 18
squidSep 18
squid33Sep 18
dbusSep 17
nginxSep 16
nginx-develSep 16
phpmyadminSep 13
ossec-hids-clientSep 11
ossec-hids-localSep 11
ossec-hids-serverSep 11
chromiumSep 09
trafficserverSep 05
apache22*Sep 03
apache22-event-mpm*Sep 03
apache22-itk-mpm*Sep 03

8 vulnerabilities affecting 19 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24064
Broken 118
Deprecated 49
Ignore 370
Forbidden 4
Restricted 203
No CDROM 94
Vulnerable 21
Expired 1
Set to expire 44
Interactive 0
new 24 hours 8
new 48 hours13
new 7 days24
new fortnight73
new month238

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.