Number of commits found: 1825 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

[NEW PORT] security/dsvpn: Dead Simple VPN

  DSVPN is a Dead Simple VPN, designed to address the most common use case
  for using a VPN with a shared key. It works in 'server' or 'client' mode
  using TCP.

  WWW: https://github.com/jedisct1/dsvpn

New port: security/acmed: ACME client written in Rust

ACMEd is one of the many clients for the Automatic Certificate Management
Environment (ACME), an internet standard (RFC 8555) which allows to
automate X.509 certificates signing by a Certification Authority (CA).

PR:		239968
Submitted by:	Greg V <greg@unrelenting.technology>

Add new port "Bastillion".

Bastillion is an open-source web-based SSH console that centrally manages
administrative access to systems.

A bastion host for administrators with features that promote infrastructure
security, including key management and auditing.

Add rubygem-devise-two-factor30-rails5 3.0.3 (copied from
rubygem-devise-two-factor-rails5)

- Add PORTSCOUT

Remove expired ports:
2019-07-31 security/rubygem-googleauth06: Use security/rubygem-googleauth
instead
2019-07-31 devel/ddd: does not work with modern gdb
2019-07-31 devel/py-pip-tools2: Use devel/py-pip-tools instead
2019-07-31 lang/cint: Abandonware; superseded by lang/cling

Add new port security/lego

Lego is a new let's encrypt client write in Go with
support for number of ACME challenges and no external
dependencies.

PR:		237349
Submitted by:	Matthew Horan <matt@matthoran.com>

[NEW] security/py-muacrypt: Support tool and API for Autocrypt mail agents

  muacrypt is a support tool for implementing Autocrypt Level 1 compliant
  mail agents.

  Autocrypt state is kept in one or more accounts which process and produce
  autocrypt headers from respective incoming and outgoing e-mail. Each
  account is tied to a set of e-mail addresses, specified as a regular
  expression.

  Functionality is exposed through a command line tool muacrypt and a
  Python API obtained through import muacrypt.

  WWW: https://pypi.org/project/muacrypt/

New port: security/cloak

A command line OTP (One Time Password) Authenticator application
written in Rust that generates time-based and counter-based OTP
codes.

WWW: https://github.com/evansmurithi/cloak

New Port: security/modsecurity-nginx

The ModSecurity-nginx connector is the connection point between Nginx and
libmodsecurity
(ModSecurity v3). Said another way, this project provides a communication
channel between Nginx
and libmodsecurity. This connector is required to use LibModSecurity with Nginx.

The ModSecurity-nginx connector takes the form of an Nginx module.
The module simply serves as a layer of communication between Nginx and
ModSecurity.

Notice that this project depends on libmodsecurity rather than ModSecurity
(version 2.9 or less).

WWW: https://github.com/SpiderLabs/ModSecurity-nginx

Sponsored by:	Netzkommune GmbH

Remove expired port:
2019-07-15 security/snortreport: Abandonware

Remove expired ports:
2019-06-30 sysutils/cfengine33: No longer supported upstream
2019-06-30 sysutils/cfengine-masterfiles38: No longer supported upstream
2019-06-30 sysutils/cfengine39: No longer supported upstream
2019-06-30 sysutils/cfengine-masterfiles37: NO longer supported upstream
2019-06-30 sysutils/cfengine37: No longer supported upstream
2019-06-30 net/morebalance: Abandonware and depends on expiring games/libggz
2019-06-30 sysutils/cfengine36: No longer supported upstream
2019-06-30 sysutils/cfengine-masterfiles36: No longer supported upstream
2019-06-30 sysutils/cfengine34: No longer supported upstream
2019-06-30 sysutils/cfengine35: No longer supported upstream
2019-06-30 sysutils/cfengine-masterfiles39: No longer supported upstream
2019-06-30 devel/py-typed-ast12: Use devel/py-typed-ast instead
2019-06-30 devel/rubygem-devise-rails50: Use devel/rubygem-devise (depends on
Rails 5.0) instead
2019-06-30 security/rubygem-devise-two-factor-rails50: Use
security/rubygem-devise-two-factor (depends on Rails 5.0) instead

(Only the first 15 lines of the commit message are shown above )

Add py-pysodium 0.7.2

This is a very simple wrapper around libsodium masquerading as NaCl.

WWW: https://github.com/stef/pysodium

New port: security/afl++

American fuzzy lop is a fuzzer that employs a novel type of compile-time
instrumentation and genetic algorithms to automatically discover clean,
interesting test cases that trigger new internal states in the targeted
binary. This substantially improves the functional coverage for the
fuzzed code.

afl++ is a fork of afl that incorporates all community patches into
a single source distribution.

WWW: https://github.com/vanhauser-thc/AFLplusplus

Changes:	https://github.com/vanhauser-thc/AFLplusplus/blob/2.52c/docs/ChangeLog

Remove expired port:
2019-06-23 security/easy-rsa2: Use easy-rsa 3 instead.

new port: security/openfortivpn

This is a client for PPP+SSL VPN tunnel services.
It works with Fortinet VPN.

security/py-bro-pkg: Rename to security/py-zkg and update to 2.0.0

The project name of upstream has changed from "Bro" to "Zeek". This also
affects the repositories and offered packages.

* Rename the port to security/py-zkg
* Adapt the text references in COMMENT and pkg-{descr,message} accordingly.
* Update to 2.0.0

Changelog:

https://github.com/zeek/package-manager/blob/v2.0.0/CHANGES

PR:		237634
Submitted by:	Shirkdog <mshirk@daemon-security.com> (maintainer)
Reviewed by:	koobs

This is the core component of the python-social-auth
ecosystem, it implements the common interface to
define new authentication backends to third parties
services, implement integrations with web frameworks
and storage solutions.

WWW: https://github.com/python-social-auth/social-core

[NEW] security/py-argon2-cffi: Secure Argon2 password hashing algorithm

Argon2 won the Password Hashing Competition and argon2_cffi is the simplest
way to use it in Python and PyPy:

passlib 1.7.0 and later offers Argon2 support using this library too.

WWW: https://argon2-cffi.readthedocs.io/

Add rubygem-acme-client 2.0.3

acme-client is a client implementation of the ACMEv2 protocol in Ruby.

WWW: https://github.com/unixcharles/acme-client

Remove expired ports:
2019-05-31 multimedia/gmerlin-avdecoder: unused in the ports tree and depends on
vulnerable multimedia/ffmpeg0
2019-05-31 security/racoon2-legacy: No longer supported upstream, use
security/racoon2
2019-05-31 www/pivotx: inactive upstream and does not work with PHP 7
2019-05-31 dns/bind912: Support ends, please move to dns/bind914.
2019-05-31 multimedia/vdr-plugin-softhddevice: unmaintained and depends on
vulnerable multimedia/ffmpeg0

security/p5-Unix-setuid: create port

This module is inspired by File::chdir and File::umask, using a tied
scalar variable to get/set stuffs. One benefit of this is being able to
use Perl's "local" with it, effectively setting something locally.

WWW: https://metacpan.org/release/Unix-setuid

PR:		235732
Submitted by:	Zane C. Bowers-Hadley <vvelox@vvelox.net>

New port: security/picosha2: C++ header-only SHA256 hash generator

security/ismtp: create port

SMTP user enumeration (RCPT TO and VRFY), internal spoofing, and open relay. A
tool that tested for all three and with great flexibility. iSMTP does just
that, making it much easier to knock that process out of the way.

WWW: https://github.com/altjx/ipwn/tree/master/iSMTP

PR:		231920
Submitted by:	Rihaz Jerrin <rihaz.jerrin@gmail.com>

Remove bogus PORTREVISION from security/Makefile

security/acme-client: Remove port

 - the Portable acme-client is no longer maintained upstream

See: https://kristaps.bsd.lv/acme-client/

PR:		238073

security/titan: Rename security/titan -> security/ylva; Update to 1.5

Project renamed by the developer

Reported by:	Niko Rosvall <niko@byteptr.com> (developer)

Lua-bcrypt is a library providing OpenBSD's bcrypt hash function for the Lua
programming language.

WWW: https://github.com/mikejsavage/lua-bcrypt/

PR:		237606
Submitted by:	Manuel Wiesinger <mdw@FreeBSD.org>

New port: security/ridl: Tool to check whether the system is affected by various
attacks

[NEW PORT] security/py-securesystemslib: Cryptographic and general-purpose
routines

securesystemslib supports public-key and general-purpose cryptography,
such as ECDSA, Ed25519, RSA, SHA256, SHA512, etc. Most of the
cryptographic operations are performed by the cryptography and PyNaCl
libraries, but verification of Ed25519 signatures can be done in pure
Python.

WWW: https://github.com/secure-systems-lab/securesystemslib

[1] https://github.com/secure-systems-lab/securesystemslib/issues/166
[2] https://github.com/secure-systems-lab/securesystemslib/issues/167

Remove expired ports:
2019-05-08 databases/ruby-odbc: Broken for more than 6 months
2019-05-08 databases/rubygem-dbd-odbc: Broken for more than 6 months
2019-05-08 devel/dlangui: Broken for more than 6 months
2019-05-08 editors/dlangide: Broken for more than 6 months
2019-05-08 emulators/desmume: Broken for more than 6 months
2019-05-08 emulators/yabause: Broken for more than 6 months
2019-05-08 emulators/yape: Broken for more than 6 months
2019-05-08 games/armagetron: Broken for more than 6 months
2019-05-08 games/boswars: Broken for more than 6 months
2019-05-08 games/ceferino: Broken for more than 6 months
2019-05-08 games/chanta: Broken for more than 6 months
2019-05-08 games/d2x-xl: Broken for more than 6 months
2019-05-08 games/drcreep: Broken for more than 6 months
2019-05-08 games/frobtads: Broken for more than 6 months

(Only the first 15 lines of the commit message are shown above )

Remove expired ports of Haskell libraries.

Approved by:	tcberner (mentor)

2019-04-14 math/hs-integer-logarithms: Haskell libraries are getting pushed out
of the ports tree. If you are using this port for development, consider
switching to cabal sandboxes (old way), cabal new-build (new way), or use
devel/stack. If you believe this port shouldn't be removed, contact
haskell@FreeBSD.org
2019-04-14 math/hs-data-lens-template: Haskell libraries are getting pushed out
of the ports tree. If you are using this port for development, consider
switching to cabal sandboxes (old way), cabal new-build (new way), or use
devel/stack. If you believe this port shouldn't be removed, contact
haskell@FreeBSD.org
2019-04-14 math/hs-half: Haskell libraries are getting pushed out of the ports
tree. If you are using this port for development, consider switching to cabal
sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-kan-extensions: Haskell libraries are getting pushed out of
the ports tree. If you are using this port for development, consider switching
to cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If
you believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-semigroupoids: Haskell libraries are getting pushed out of
the ports tree. If you are using this port for development, consider switching
to cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If
you believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-Agda-stdlib: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-semigroups: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-vector-space: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-comonad: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-pointed: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org
2019-04-14 math/hs-ieee754: Haskell libraries are getting pushed out of the
ports tree. If you are using this port for development, consider switching to
cabal sandboxes (old way), cabal new-build (new way), or use devel/stack. If you
believe this port shouldn't be removed, contact haskell@FreeBSD.org

(Only the first 15 lines of the commit message are shown above )

New Port: security/modsecurity3-apache

The ModSecurity-apache connector is the connection point between Apache and
libmodsecurity (ModSecurity v3).
Said another way, this project provides a communication channel between Apache
and libmodsecurity.
This connector is required to use LibModSecurity with Apache.

The ModSecurity-apache connector takes the form of an Apache module.
The module simply serves as a layer of communication between Apache and
ModSecurity.

https://github.com/SpiderLabs/ModSecurity-apache

Sponsored by:	Netzkommune GmbH

Obsolete, please use security/rubygem-rack-oauth2 instead.

New port: security/gost-engine

OpenSSL 1.0.2 had built-in implementation of Russian cryptography standards
(GOST) as additional engine, but since then that implementation
moved to distinct repository at Github.

This port presents loadable engine for OpenSSL 1.1.1+ and algorithms:

GOST R 34.10-2001
GOST R 34.10-2012
GOST R 34.11-94
GOST R 34.11-2012
GOST 28147-89
GOST R 34.132015

security/py-xmlsec: Unbreak and resurrect

- Update version 0.3.0=>1.3.6 from fork

New port: security/cowrie: Cowrie SSH/Telnet honeypot

Remove expired ports:
2019-03-31 archivers/go-compress: Go libraries should not be packaged
2019-03-31 textproc/go.text: Go libraries should not be packaged
2019-03-31 devel/go-hashicorp-logutils: Go libraries should not be packaged
2019-03-31 devel/go-cpuid: Go libraries should not be packaged
2019-03-31 devel/go-nuid: Go libraries should not be packaged
2019-03-31 devel/go-yaml: Go libraries should not be packaged
2019-03-31 devel/go-raw: Go libraries should not be packaged
2019-03-31 devel/go-go.uuid: Go libraries should not be packaged
2019-03-31 devel/go-goregen: Go libraries should not be packaged
2019-03-31 devel/go-runewidth: Go libraries should not be packaged
2019-03-31 devel/go-cobra: Go libraries should not be packaged
2019-03-31 devel/go-pflag: Go libraries should not be packaged
2019-03-31 devel/go-slices: Go libraries should not be packaged
2019-03-31 devel/go-form: Go libraries should not be packaged

(Only the first 15 lines of the commit message are shown above )

Remove expired security/rubygem-sshkey1

Remove expired security/kbfs

You wrote a cool network client or server. It encrypts connections
using TLS. Your test suite needs to make TLS connections to itself.

Uh oh. Your test suite probably doesn't have a valid TLS certificate.
Now what?

trustme is a tiny Python package that does one thing: it gives you
a fake certificate authority (CA) that you can use to generate fake
TLS certs to use in your tests. Well, technically they're real
certs, they're just signed by your CA, which nobody trusts. But you
can trust it. Trust me.

WWW: https://github.com/python-trio/trustme

New ports security/olm and net-im/mtxclient

These are support libraries for Matrix clients; Nheko in particular.
Until I wrap-up Nheko, they aren't used by anything.

Add py-cryptography-vectors 2.6.1

cryptography-vectors provides test vectors for the cryptography package.

WWW: https://github.com/pyca/cryptography/tree/master/vectors

Qt4 deprecation

security/pinentry-qt4: Has expired: Qt4 has been EOL since december 2015

Approved by:	portmgr (implicit)

Qt4 deprecation:

security/yubikey-piv-manager: Has expired: Qt4 has been EOL since december 2015

Approved by:	portmgr (implicit)

Qt4 deprecation: Remove Qt4 and its consumes.

2019-03-15 accessibility/qt4-accessible: Qt4 has been EOL since december 2015
2019-03-15 astro/qlandkartegt: Qt4 has been EOL since december 2015
2019-03-15 astro/stellarium-qt4: Qt4 has been EOL since december 2015
2019-03-15 astro/xglobe: Qt4 has been EOL since december 2015
2019-03-15 audio/acoustid-fingerprinter: Qt4 has been EOL since december 2015
2019-03-15 audio/cueplayer: Qt4 has been EOL since december 2015
2019-03-15 audio/esperanza: Qt4 has been EOL since december 2015
2019-03-15 audio/lastfm-desktop: Qt4 has been EOL since december 2015
2019-03-15 audio/minitunes: Qt4 has been EOL since december 2015
2019-03-15 audio/mixxx20: Qt4 has been EOL since december 2015
2019-03-15 audio/mumble: Qt4 has been EOL since december 2015
2019-03-15 audio/murmur: Qt4 has been EOL since december 2015
2019-03-15 audio/puddletag: Qt4 has been EOL since december 2015

(Only the first 15 lines of the commit message are shown above )

security/qtkeychain: remove flavors (Qt4 deprecation)

Approved by:	portmgr (implicit)

New port: security/mkp224o: Vanity address generator for tor onion v3 (ed25519)
hidden services

Add ruby-bitwarden to the build

Remove expired ports:
2019-03-05 devel/elixir-lager_logger: Broken for more than 6 months
2019-03-05 devel/gpsim: Broken for more than 6 months
2019-03-05 devel/hgview: Broken for more than 6 months
2019-03-05 games/mudmagic: Broken for more than 6 months
2019-03-05 math/mumps-mpich: Broken for more than 6 months
2019-03-05 math/sdpara: Broken for more than 6 months
2019-03-05 net/tn5250j: Broken for more than 6 months
2019-03-05 net-im/pidgin-skype: Broken for more than 6 months
2019-03-05 net-im/skype: Broken for more than 6 months
2019-03-05 net-im/skype-devel: Broken for more than 6 months
2019-03-05 science/dft_tools: Broken for more than 6 months
2019-03-05 science/triqs: Broken for more than 6 months
2019-03-05 security/hamachi: Broken for more than 6 months
2019-03-05 textproc/elixir-ex_doc: Broken for more than 6 months
2019-03-05 x11/altyo: Broken for more than 6 months
2019-03-05 x11/pantheon-terminal: Broken for more than 6 months
2019-03-05 x11-wm/e-module-everything-websearch: Broken for more than 6 months

[NEW] security/sslproxy: Transparent and scalable SSL/TLS interception

SSLproxy is a proxy for SSL/TLS encrypted network connections. It is intended to
be used for decrypting and diverting network traffic to other programs, such as
UTM services, for deep SSL inspection.

SSLproxy is designed to transparently terminate connections that are redirected
to it using a network address translation engine. SSLproxy then terminates
SSL/TLS and initiates a new SSL/TLS connection to the original destination
address. Packets received on the client side are decrypted and sent to the
program listening on a port given in the proxy specification. SSLproxy inserts
in the first packet the address and port it is expecting to receive the packets
back from the program. Upon receiving the packets back, SSLproxy re-encrypts and
sends them to their original destination. The return traffic follows the same
path back to the client in reverse order.

WWW: https://github.com/sonertari/SSLproxy

Please note that the sslproxy deleted and sslproxy created are not the same
application.

Remove expired ports:
2019-02-28 devel/uboot-mkimage: Use sysutils/u-boot-tools
2019-02-28 graphics/clutter-gtk: 0.10.x is unmaintained upstream and unused in
the ports tree
2019-02-28 databases/puppetdb4: Puppet 4 has reached EOL
2019-02-28 sysutils/puppet4: Puppet 4 has reached EOL
2019-02-28 sysutils/puppetserver: Puppet 4 has reached EOL
2019-02-28 www/qupzilla-qt5: Project continues as www/falkon
2019-02-28 databases/puppetdb-terminus4: Puppet 4 has reached EOL
2019-03-01 sysutils/bacula-client: Unsupported. Please migrate to bacula9-server
2019-03-01 net-mgmt/nagios-check_bacula: Unsupported. Please migrate to
bacula9-server
2019-03-01 security/kc: Versions 2.4.x use incompatible database format
2019-03-01 sysutils/bacula-server: Unsupported. Please migrate to bacula9-server
2019-03-01 sysutils/bacula-docs: Unsupported. Please migrate to bacula9-docs
2019-03-01 sysutils/bacula-client-static: Unsupported. Please migrate to
bacula9-server
2019-03-01 sysutils/bacula-bat: Unsupported. Please migrate to bacula9-server

Add libfido2 0.4.0

libfido2 provides library functionality and command-line tools to communicate
with a FIDO device over USB, and to verify attestation and assertion signatures.

libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2) protocols.

WWW: https://developers.yubico.com/libfido2/
WWW: https://github.com/Yubico/libfido2

[NEW PORT] security/ssllabs-scan: Command-line tool to use the SSL Labs API

  A command-line reference-implementation client for SSL Labs API, designed
  for automated and/or bulk testing.

  SSL Labs API expose the complete SSL/TLS server testing functionality in
  a programmatic fashion, allowing for scheduled and bulk assessment. They
  are making their API available to encourage site operators to regularly
  test servers configurations.

  WWW: https://www.ssllabs.com/projects/ssllabs-apis/

Approved by:	rene (mentor)
Differential Revision:	https://reviews.freebsd.org/D19120

New port: security/softether5: SoftEther VPN 5 (Developer Edition)

SoftEther VPN ("SoftEther" means "Software Ethernet") is an
open-source cross-platform multi-protocol VPN program, created as an
academic project in the University of Tsukuba.  Its protocol is very
fast and it can be used in very restricted environments, as it's able
to transfer packets over DNS and ICMP.  A NAT-Traversal function is
also available, very useful in case the required ports cannot be
opened on the firewall.  The supported third party protocols are
OpenVPN, L2TP/IPSec and SSTP.

This port is a bleeding-edge developer version of SoftEther, not for
production use.  If you're looking for a solid and stable version,
use security/softether (RTM version) or security/softether-devel
(stable version) instead.  This version is available also on other
other than i386/amd64 processors. Users who want to use SoftEther on
single board computers such as Raspberry Pi, BeagleBoard or other
embedded devices, try this port.

WWW: https://www.softether.org

New port: security/hockeypuck

Hockeypuck implements the HKP draft protocol specification,
as well as several extensions to the protocol supported by SKS.

Public key material conforming to RFC 4880 is supported by the keyserver,
as are RFC 6637 ECC keys.
As-of-yet unsupported key material, such as recent Ed25519 signing keys,
may be distributed by Hockeypuck, however Hockeypuck is not able to
validate them yet.

WWW: https://hockeypuck.github.io

PR:		235904
Submitted by:	Michiel van Baak <michiel@vanbaak.eu>

New port: security/py-taxii2-client

This port provides a minimal client implementation for the TAXII 2.0 server.
It supports the following TAXII 2.0 API services:
- Server Discovery
- Get API Root Information
- Get Status
- Get Collections
- Get a Collection
- Get Objects
- Add Objects
- Get an Object
- Get Object Manifests

WWW: https://github.com/oasis-open/cti-taxii-client

Add rubygem-sshkey1 1.9.0 (copied from rubygem-sshkey)

- Add PORTSCOUT

Remove security/tmux-cssh: upstream has disappeared

Remove expired ports:
2019-02-15 dns/p5-pgeodns: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 ftp/proftpd-mod_geoip: Uses legacy GeoIP 1 format which no longer
works; switch to GeoIP 2 where possible
2019-02-15 net/go-geoip: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 net/py-GeoIP: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 net/pecl-geoip: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 net/pen: Uses legacy GeoIP 1 format which no longer works; switch to
GeoIP 2 where possible
2019-02-15 net/subnetcalc: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 net/p5-Geo-IP: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 net/rubygem-geoip: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 security/sguil: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 devel/go-sql-driver: Go source should not be packaged
2019-02-15 devel/geoip-java: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible
2019-02-15 dns/go-geodns: Uses legacy GeoIP 1 format which no longer works;
switch to GeoIP 2 where possible

[NEW PORT] security/py-pass-audit: Extension to audit your password-store
password repository

pass audit is a password-store extension for auditing your password repository.
Passwords will be checked against the Python implementation of Dropbox' zxcvbn
algorithm and Troy Hunt's Have I Been Pwned Service. It supports safe breached
password detection from haveibeenpwned.com using a K-anonymity method.

Using this method, you do not need to (fully) trust the server that stores the
breached password. You should read the security consideration section for more
information.

PR:		235454
Submitted by:	Tobias Rehbein <tobias.rehbein@web.de>

Add py-keepkey 6.0.2, library for communicating with KeepKey Hardware
Wallet.

Add py-ckcc-protocol 0.7.2, coldcard CLI and python interface library.

security/py-python-pam: create port

Python PAM module

WWW: https://github.com/FirefighterBlu3/python-pam

PR:		235212
Submitted by:	Charlie Li <ml+freebsd@vishwin.info>
Reviewed by:	koobs
Differential Revision:	 https://reviews.freebsd.org/D18979

New port: security/gonepass

A GTK+ reader for 1Password password management vault files.

WWW: https://github.com/jbreams/gonepass

PR:		226706
Submitted by:	greg@unrelenting.technology
Reviewed by:	lwhsu (earlier version)

Python port of libaxolotl-android

WWW: https://github.com/tgalal/python-axolotl

PR:		233823
Submitted by:	 Goran Mekic <meka@tilda.center>

Python wrapper for curve25519 library with ed25519 signatures.

WWW: https://github.com/tgalal/python-axolotl-curve25519

PR:		233822
Submitted by:	meka@tilda.center

New port: security/caesarcipher

caesarcipher is an implementation of the traditional Caesar cipher
encryption algorithm with an extension to all printable ASCII
characters.  It can be run as an interactive tool on the command
line or process input- and outputfiles that are passed to the
ultility.

WWW: http://www.olivermahmoudi.com/programming/caesarcipher

PR:		222760
Submitted by:	Oliver Mahmoudi <fbsd@olivermahmoudi.com>

security/git-secret: New Port.

git-secret is a tool which stores private data inside a git repo.

General information:

git-secret encrypts tracked files with public keys for users whom you trust
using gpg, allowing permitted users to access encrypted data using their secret
keys.

PR:		235056
Submitted by:	joshr-freebsd@joshr.com

Welcome the new KRB5 1.17 (krb5-117).

Major changes in 1.17 (2019-01-08)
==================================

Administrator experience:

* A new Kerberos database module using the Lightning Memory-Mapped
  Database library (LMDB) has been added.  The LMDB KDB module should
  be more performant and more robust than the DB2 module, and may
  become the default module for new databases in a future release.

* "kdb5_util dump" will no longer dump policy entries when specific
  principal names are requested.

(Only the first 15 lines of the commit message are shown above )

Remove expired php56- ports:
2019-01-01 net/php56-soap: Security Support ends on 31 Dec 2018
2019-01-01 net/php56-ldap: Security Support ends on 31 Dec 2018
2019-01-01 net/php56-xmlrpc: Security Support ends on 31 Dec 2018
2019-01-01 net/php56-sockets: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-ctype: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-xmlwriter: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-xmlreader: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-pspell: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-dom: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-xsl: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-simplexml: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-enchant: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-wddx: Security Support ends on 31 Dec 2018
2019-01-01 textproc/php56-xml: Security Support ends on 31 Dec 2018

(Only the first 15 lines of the commit message are shown above )

Remove expired ports:
2018-12-30 textproc/pecl-xdiff: Works only with EOL php 5.6
2019-01-01 www/mod_http2-devel: Use the module that is shipped with Apache 2.4
2019-01-01 www/varnish5: Varnish 5 is Retired
2018-12-30 security/pecl-ssh2-0: Works only with EOL php 5.6
2019-01-01 security/bitwarden-ruby: Expects very specific rubygem versions for
new updates. Please follow instructions in git repo.
2018-12-30 devel/pecl-intl: Works only with EOL php 5.6
2018-12-30 devel/pecl-APCu4: Works only with EOL php 5.6
2018-12-30 databases/pecl-memcache: Works only with EOL php 5.6
2018-12-30 databases/pecl-memcached2: Works only with EOL php 5.6
2018-12-30 math/pecl-bitset2: Works only with EOL php 5.6
2019-01-01 multimedia/zoneminder-h264: h264 feature was commited to main branch,
please upgrade to www/zoneminder
2019-01-01 lang/php56: Security Support ends on 31 Dec 2018

Remove KDE4, part 5
2018-12-31 korean/kde4-l10n: KDE4 is EOL upstream
2018-12-31 net/kget-kde4: KDE4 is EOL upstream
2018-12-31 net/kdenetwork-strigi-analyzers-kde4: KDE4 is EOL upstream
2018-12-31 net/zeroconf-ioslave-kde4: KDE4 is EOL upstream
2018-12-31 net/libkfbapi: Qt4 has been EOL since december 2015
2018-12-31 net/kdenetwork-kde4: KDE4 is EOL upstream
2018-12-31 net/kwooty: Qt4 has been EOL since december 2015
2018-12-31 net/kdenetwork-filesharing-kde4: KDE4 is EOL upstream
2018-12-31 net/libmediawiki-kde4: KDE4 is EOL upstream
2018-12-31 net/kio-upnp-ms: Qt4 has been EOL since december 2015
2018-12-31 net/libkvkontakte-kde4: KDE4 is EOL upstream
2018-12-31 net/krfb-kde4: KDE4 is EOL upstream
2018-12-31 net/smb4k-kde4: Qt4 has been EOL since december 2015
2018-12-31 net/krdc-kde4: KDE4 is EOL upstream

(Only the first 15 lines of the commit message are shown above )

Remove expired ports:
2018-12-31 net/libsrtp: Superseded by libsrtp2
2018-12-31 x11-toolkits/wlc: Deprecated upstream
2018-12-31 japanese/spamassassin: does not build
2018-12-31 www/spdylay: SPDY is deprecated, use HTTP/2 instead
2018-12-31 www/moodle33: Upstream no longer maintained
2018-12-31 security/krb5-114: EOL twelve months after release of krb5-1.16
2018-12-31 databases/mongodb32: EOL upstream since September 2018
2018-12-31 databases/mongodb32-tools: EOL upstream since September 2018
2018-12-31 audio/creox: Qt4 has been EOL since december 2015
2018-12-31 audio/terminatorx: Unmaintained, broken too often
2018-12-31 audio/shoutcast: Upstream vendor no longer provides releases
2018-12-31 dns/powerdns-recursor40: FreeBSD 10.3 has reached EoL since
2018-04-30; users should upgrade and use dns/powerdns-recursor instead
2018-12-31 sysutils/ataidle: obsoleted by camcontrol(8)
2018-12-31 sysutils/syslog-ng37: No longer officially supported by Balabit, does
not support openssl111
2018-12-31 sysutils/cfengine22: No longeer supported by cfengine.com
2018-12-31 sysutils/syslog-ng36: No longer officially supported by Balabit, does
not support openssl111

Remove expired ports:
2018-12-30 net/pecl-mosquitto: Works only with EOL php 5.6
2018-12-30 net/pecl-ip2location: Works only with EOL php 5.6
2018-12-30 net/pecl-yp: Works only with EOL php 5.6
2018-12-30 net/pecl-oauth: Works only with EOL php 5.6
2018-12-30 net/pecl-apn: Works only with EOL php 5.6
2018-12-30 textproc/pecl-doublemetaphone: Works only with EOL php 5.6
2018-12-30 textproc/pecl-ctemplate: Works only with EOL php 5.6
2018-12-30 textproc/pecl-xslcache: Works only with EOL php 5.6
2018-12-30 textproc/libmrss-php: Works only with EOL php 5.6
2018-12-30 textproc/pecl-stem: Works only with EOL php 5.6
2018-12-30 textproc/pecl-wbxml: Works only with EOL php 5.6
2018-12-30 textproc/pecl-syck: Works only with EOL php 5.6
2018-12-30 textproc/pecl-yaml1: Works only with EOL php 5.6
2018-12-30 deskutils/surrealtodo: Works only with EOL php 5.6

(Only the first 15 lines of the commit message are shown above )

security/yubikey-manager-qt: new port, application for configuring any YubiKey
over all USB interfaces.

Submitted by:	Daniel Shafer <daniel@shafer.cc>
Differential Revision:	https://reviews.freebsd.org/D18406

New port: security/peda: Python-based GDB extension for exploit development and
debugging

PEDA (Python Exploit Development Assistance for GDB) is a plugin for GDB.
It extends GDB with a colorful text-based UI making it easier to work with
the debugger.

Note that PEDA requires that GDB is compiled with Python support.

Its key features are:

- Enhance the display of GDB: colorize and display disassembly codes,
  registers, memory information during debugging.
- Add commands to support debugging and exploit development.

WWW: http://ropshell.com/peda/

Reviewed by:	mat
Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D18433

security/yubioath-desktop: Yubico Authenticator for Desktop [moved from
security/py-yubioath-desktop]

- no longer using python, rename.

Submitted by:	Daniel Shafer <daniel@shafer.cc>
Differential Revision:	https://reviews.freebsd.org/D18405

Remove expired ports:
2018-12-19 net/py-libstorj: Broken for more than 6 months
2018-12-20 net/xferstats: Uses obsolete glib12
2018-12-20 net/wmlj: Uses obsolete glib12
2018-12-20 net/ipsorc: Uses obsolete glib12
2018-12-20 net/bsdproxy: Uses obsolete glib12
2018-12-20 net/gini: Uses obsolete glib12
2018-12-21 net/netatalk: Outdated branch of netatalk; use net/netatalk3 instead
2018-12-20 net/nocatsplash: Uses obsolete glib12
2018-12-20 net/jags: Uses obsolete glib12
2018-12-19 net/scribe: Broken for more than 6 months
2018-12-20 net/libnetdude: Uses obsolete glib12
2018-12-20 net/nepim: Uses obsolete glib12
2018-12-20 emulators/generator: Uses obsolete glib12
2018-12-19 emulators/py-nova: Broken for more than 6 months

(Only the first 15 lines of the commit message are shown above )

Remove reference to non existing port

Pointy hat:	cy@

Resurrect the old racoon2 port as racoon2-legacy. Christos' fork only
works with OpenSSL 1.1.1 and newer. This port should be retired when
FreeBSD 11 is EOL. A subsequent commit will ensure this.

New port: security/py-ospd: Base for scanner wrappers for OSP (Open Scanner
Protocol)

New port: security/py-msoffcrypto-tool

msoffcrypto-tool (formerly ms-offcrypto-tool) is a Python tool and library for
decrypting encrypted MS Office files with password, intermediate key, or
private key which generated its escrow key.

WWW: https://github.com/nolze/msoffcrypto-tool

Remove expired ports:
2018-12-10 net/g2ipmsg: GNOME 2 application
2018-12-10 net/grdesktop: GNOME 2 application
2018-12-10 textproc/gnome-spell: GNOME 2 application
2018-12-10 textproc/sagasu: GNOME 2 application
2018-12-10 deskutils/planner: GNOME 2 application
2018-12-10 deskutils/multisync: GNOME 2 application
2018-12-10 deskutils/drivel: GNOME 2 application
2018-12-10 deskutils/notecase: GNOME 2 application
2018-12-10 deskutils/gtodo: GNOME 2 application
2018-12-10 deskutils/gtweakui: GNOME 2 application
2018-12-10 deskutils/gnotime: GNOME 2 application
2018-12-10 deskutils/gruler: GNOME 2 application
2018-12-10 japanese/gjiten: GNOME 2 application
2018-12-10 graphics/truevision: GNOME 2 application

(Only the first 15 lines of the commit message are shown above )

Remove expired ports:
2018-12-04 archivers/php70-bz2: Security Support ends on 3 Dec 2018
2018-12-04 archivers/php70-phar: Security Support ends on 3 Dec 2018
2018-12-04 archivers/php70-zip: Security Support ends on 3 Dec 2018
2018-12-04 archivers/php70-zlib: Security Support ends on 3 Dec 2018
2018-12-04 converters/php70-iconv: Security Support ends on 3 Dec 2018
2018-12-04 converters/php70-mbstring: Security Support ends on 3 Dec 2018
2018-12-04 converters/php70-recode: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-dba: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-interbase: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-mysqli: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-odbc: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-pdo: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-pdo_dblib: Security Support ends on 3 Dec 2018
2018-12-04 databases/php70-pdo_firebird: Security Support ends on 3 Dec 2018

(Only the first 15 lines of the commit message are shown above )

Add seal, Microsoft Simple Encrypted Arithmetic Library

Rename www/mod_security3 to security/modsecurity3.  It is not an Apache
module, and the upstream name is ModSecurity in a single word.

PR:		233351
Submitted by:	Marie Helene Kvello-Aune, Marius Halden (maintainer)
Differential Revision:	https://reviews.freebsd.org/D18353

Add rubygem-googleauth06 (copied from rubygem-googleauth)

New port: security/py-stix2

Python APIs for serializing and de-serializing STIX 2 JSON content, along with
higher-level APIs for common tasks, including data markings, versioning, and for
resolving STIX IDs across multiple data sources.

WWW: https://github.com/oasis-open/cti-python-stix2

New port: security/py-stix2-patterns

The STIX 2 Pattern Validator is a software tool for checking the syntax of the
Cyber Threat Intelligence (CTI) STIX Pattern expressions, which are used within
STIX to express conditions (prepresented with the Cyber Observable data model)
that indicate particular cyber threat activity.  The repository contains source
code, an ANTLR grammar, automated tests and associated documentation for the
tool.  The validator can be used as a command-line tool or as a Python library
which can be included in other applications.

WWW: https://github.com/oasis-open/cti-pattern-validator

Add pear-Auth_SASL2 0.2.0 (copied from pear-Auth_SASL)

Provides code to generate responses to common SASL mechanisms, including:
- Digest-MD5
- Cram-MD5
- Plain
- Anonymous
- Login (Pseudo mechanism)
- SCRAM

WWW: https://pear.php.net/package/Auth_SASL2

Remove pear-Auth_SASL2

Add pear-Auth_SASL2 0.2.0

Provides code to generate responses to common SASL mechanisms, including:
- Digest-MD5
- Cram-MD5
- Plain
- Anonymous
- Login (Pseudo mechanism)
- SCRAM

WWW: https://pear.php.net/package/Auth_SASL2

security/ossec-hids-server: update from 2.8.3 to 3.1.0

PR:		232794
Submitted by:	Dominik Lisiak <dominik.lisiak@bemsoft.pl> (maintainer)

Maltrail is a malicious traffic detection system, utilizing publicly
available (black)lists containing malicious and/or generally suspicious
trails, along with static trails compiled from various AV reports and
custom user defined lists, where trail can be anything from domain name
(e.g. zvpprsensinaix.com for Banjori malware),
URL (e.g. http://109.162.38.120/harsh02.exe for known malicious executable),
IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header
value (e.g. sqlmap for automatic SQL injection and database takeover tool).
Also, it uses (optional) advanced heuristic mechanisms that can help in
discovery of unknown threats (e.g. new malware).

WWW: https://github.com/stamparm/maltrail

PR:		233074
Submitted by:	Michael Muenz <m.muenz@gmail.com>

Add security/linux-c6-audit-libs and security/linux-c6-pam ports.

Reviewed by:	mat, tcberner
Approved by:	tcberner (mentor)
Differential Revision:	https://reviews.freebsd.org/D17561

security/openssl-devel: Remove port

 - OpenSSL 1.1.1 is ABI compatible
 - Aligns with FreeBSD 12

Reviewed by:	bapt, rene
Differential Revision: https://reviews.freebsd.org/D17136

Remove expired ports:
2018-10-22 devel/hs-enumerator: Doesn't build with recent GHC version
2018-10-22 net-im/hs-haskell-xmpp: Doesn't build with recent GHC version
2018-10-22 security/hs-certificate: Doesn't build with recent GHC version
2018-10-22 textproc/hs-attoparsec-enumerator: Doesn't build with recent GHC
version
2018-10-22 textproc/hs-HaXml: Doesn't build with recent GHC version
2018-10-22 www/hs-happstack: Doesn't build with recent GHC version
2018-10-22 x11-toolkits/hs-wxc: Doesn't build with recent GHC version
2018-10-22 x11-toolkits/hs-wx: Doesn't build with recent GHC version
2018-10-22 archivers/hs-zlib-enum: Doesn't build with recent GHC version
2018-10-22 x11-toolkits/hs-wxcore: Doesn't build with recent GHC version
2018-10-22 devel/hs-TypeCompose: Doesn't build with recent GHC version
2018-10-22 devel/hs-PSQueue: Doesn't build with recent GHC version
2018-10-22 devel/hs-blaze-builder-enumerator: Doesn't build with recent GHC
version

New port: security/py-bro-pkg: Bro NSM package manager

The Bro Package Manager makes it easy for Bro users to install
and manage third party scripts as well as plugins for Bro and
BroControl. The command-line tool is preconfigured scripts as
well as plugins for Bro and BroControl. The command-line tool
is preconfigured to download packages from the Bro package source,
a GitHub repository that has been setup such that any developer
can request their Bro package be included. See the README file
of that repository for information regarding the package submission
process. NOTE: It's left up to users to decide for themselves
via code review, GitHub comments/stars, or other metrics whether
any given package is trustworthy as there is no implied guarantees
that it's secure just because it's been accepted into the default
package source. See the package manager documentation for further

(Only the first 15 lines of the commit message are shown above )

Connect all the PHP 7.3 ports

New port: security/cargo-audit

Audit Cargo.lock for crates with security vulnerabilities reported
to the RustSec Advisory Database.

This is a PoC implementation of the closed RFC 1752:
https://github.com/rust-lang/rfcs/pull/1752

WWW: https://rustsec.org/

Number of commits found: 1825 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

12 vulnerabilities affecting 34 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2019-10-11 18:37:07