02:36 lx 

Add NaCl, a high speed cryptography library.

02:52 sunpoet 

- Add p5-App-Genpass 2.10

If you've ever needed to create 10 (or even 10,000) passwords on the fly with
varying preferences (lowercase, uppercase, no confusing characters, special
characters, minimum length, etc.), you know it can become a pretty pesky task.

This module makes it possible to create flexible and secure passwords, quickly
and easily.

WWW: http://search.cpan.org/dist/App-Genpass/

05:21 cs 

This Python package is a high-level wrapper for Kerberos (GSSAPI) operations.
The goal is to avoid having to build a module that wraps the entire
Kerberos.framework, and instead offer a limited set of functions that do what
is needed for client/server Kerberos authentication based on
<http://www.ietf.org/rfc/rfc4559.txt>.

PR:             ports/156791
Submitted by:   Roland van Laar <roland@micite.net>
Approved by:    wen@ (co-mentor)

09:12 dougb 

As previously advertised, delete ports that have
vulnerabilities listed in portaudit, and those
that depend on them - part 1

math/mupad
        Relies on xpm, vulnerable since 2004-09-15
net-p2p/torrentflux
        Vulnerable since 2006-10-07
net/tptest
        Vulnerable since 2009-12-17
security/pgp6
        Vulnerable since 2005-07-31
www/p5-RTx-RightsMatrix
        Only works with www/rt36, which is FORBIDDEN
www/p5-RTx-Shredder
        Only works with www/rt36, which is FORBIDDEN
www/p5-RTx-Statistics
        Only works with www/rt36, which is FORBIDDEN
www/plone
        Vulnerable since 2011-02-10
www/pyblosxom
        Vulnerable since 2009-02-11
www/rt36
        Vulnerable since 2009-12-09
www/zope-archetypes
        Depends on www/plone, which is FORBIDDEN
www/zope-calendaring
        Depends on www/plone, which is FORBIDDEN
www/zope-coreblog2
        Depends on www/plone, which is FORBIDDEN
www/zope-i18nlayer
        Depends on www/plone, which is FORBIDDEN
www/zope-plonelanguagetool
        Depends on www/plone, which is FORBIDDEN
www/zope-simpleblog
        Depends on www/plone, which is FORBIDDEN

18:14 bsam 

Add linux-f10-gnutls 2.4.2, GNU Transport Layer Security library.

Changes over original shar file at the PR:
. change the maintainer to emulation@ (since it's an infrastructure linux port);
. use the latest version of the package (2.4.2-5.fc10);
. fix pkg-plist.

PR:             ports/159007
Submitted by:   Stas Timokhin <devel@stasyan.com>

17:38 bsam 

Add linux-f10-libgpg-error 1.6, common error values for all GnuPG
components.

Changes over original shar file at the PR:
. change the maintainer to emulation@ (since it's an infrastructure linux port);
. add BRANDELF_FILES;
. fix pkg-plist.

PR:             ports/159007
Submitted by:   Stas Timokhin <devel@stasyan.com>

17:14 bsam 

Add linux-f10-libgcrypt 1.4.4, general purpose crypto library based on
code used in GnuPG.

Changes over original shar file at the PR:
. change the maintainer to emulation@ (since it's an infrastructure linux port);
. use the latest version of the package (1.4.4-1.fc10);
. use PLIST_FILES, PLIST_DIRSTRY and post-install target instead of pkg-plist.

Notes: the port uses ${PREFIX}/etc/gcrypt directory for configuration files
(i.e. /compat/linux/etc/gcrypt). We usually try to use FreeBSD directories.
But there is no [/usr/local/]/etc/gcrypt directory.
I'm open to ideas on what to do here.

PR:             ports/159007
Submitted by:   Stas Timokhin <devel@stasyan.com>

16:38 bsam 

Add linux-f10-libtasn1 1.5, ASN.1 structure parser library.

Changes over original shar file at the PR:
 . change the maintainer to emulation@ (since it's an infrastructure linux
port);
 . remove commented out lines;
 . use PLIST_FILES, DOCSDIR_REL and PORTDOCS instead of pkg-plist.

PR:             ports/159007
Submitted by:   Stas Timokhin <devel@stasyan.com>

13:25 bapt 

2011-09-23 devel/libnotifymm: Doesn't build and isn't used by anything.
2011-09-11 games/abuse: BROKEN after games/abuse_sdl update
2011-09-01 security/donkey: No more public distfiles
2011-09-01 graphics/moth: No more public distfiles
2011-09-01 net-mgmt/aguri: No more public distfiles
2011-09-01 games/senso: No more public distfiles
2011-09-01 net-im/jabber-users-agent: No more public distfiles
2011-09-01 games/cchess: No more public distfiles

06:26 bapt 

2012-09-20 www/ruby-http-access: Deprecated upstream, please use
www/rubygem-httpclient
2011-09-01 sysutils/wots: No more public distfiles
2011-09-15 sysutils/gpart: Upstream disappeared
2011-09-01 sysutils/plod: No more public distfiles
2011-09-01 sysutils/checkservice: BROKEN for more than 6 month
2011-09-01 security/nsm-console: BROKEN for more than 6 month
2011-09-01 security/fressh: No more public distfiles
2011-09-01 palm/pose: No more public distfiles
2011-09-01 palm/isilo: No more public distfiles
2011-09-01 news/ija: BROKEN for more than 6 month
2011-09-01 news/PicMonger: Abandonware

21:47 pawel 

An ncurses based password database client that is compatible
with KeePass 1.x format databases.

WWW:    http://ckpass.sourceforge.net/

PR:             ports/160676
Submitted by:   Gvozdikov Veniamin <g.veniamin@googlemail.com>
Approved by:    miwi, wen (mentors implicit)

21:29 pawel 

Libkpass is a from-scratch C implementation of reading and writing
KeePass 1.x format password databases.

WWW:    http://libkpass.sourceforge.net/

PR:             ports/160675
Submitted by:   Gvozdikov Veniamin <g.veniamin@googlemail.com>
Approved by:    miwi, wen (mentors implicit)

19:31 eadler 

Massh makes it possible to perform the following on hundreds, or even
thousands of hosts in a parallelized fashion:

    * Run Remote Commands
    * Push and Execute Pre-Written Scripts
    * Push Files
    * Pull Files

WWW: http://m.a.tt/er/massh/
PR:             ports/159770
Submitted by:   Sascha Klauder <sklauder@trimind.de>
Approved by:    bapt (mentor)

13:05 tota 

- Add a new port: security/R-cran-ROAuth

  This package provides an interface to the OAuth 1.0 specification,
  allowing users to authenticate via OAuth to the server of their
  choice.

  WWW:  http://cran.r-project.org/web/packages/ROAuth/

13:01 tota 

- Add a new port: security/R-cran-digest

  The digest package provides a function 'digest' for the creation
  of hash digests of arbitrary R objects (using the md5, sha-1, sha-256
  and crc32 algorithms) permitting easy comparison of R language
  objects, as well as a function hmac() to create hash-based message
  authentication code. The md5 algorithm by Ron Rivest is specified
  in RFC 1321, the SHA-1 and SHA-256 algorithms are specified in
  FIPS-180-1 and FIPS-180-2, and the crc32 algorithm is described in
  ftp://ftp.rocksoft.com/cliens/rocksoft/papers/crc_v3.txt. For md5,
  sha-1 and sha-256, this packages uses small standalone implementations
  that were provided by Christophe Devine. For crc32, code from the
  zlib library is used. Please note that this package is not meant
  to be deployed for cryptographic purposes for which more comprehensive
  (and widely tested) libraries such as OpenSSL should be used.

  WWW:  http://cran.r-project.org/web/packages/digest/

20:21 sunpoet 

- Add p5-Crypt-OpenSSL-CA 0.21

Crypt-OpenSSL-CA - Model of an X509v3 Certification Authority

This package performs the cryptographic operations necessary to issue
X509 certificates and certificate revocation lists (CRLs).  It is
implemented as a Perl wrapper around the popular OpenSSL library.  All
certificate and CRL extensions supported by OpenSSL are available, and
then some.

WWW: http://search.cpan.org/dist/Crypt-OpenSSL-CA/

PR:             ports/160167
Submitted by:   Rodrigo Mosconi <freebsd@mosconi.mat.br>

08:04 cy 

Bring COPS back from the dead.

17:14 zi 

New port: security/duo

Duo provides simple two-factor authentication as a service via:

    1.  Phone callback
    2.  SMS-delivered one-time passcodes
    3.  Duo mobile app to generate one-time passcodes
    4.  Duo mobile app for smartphone push authentication
    5.  Duo hardware token to generate one-time passcodes

This package allows an admin (or ordinary user) to quickly add Duo
authentication to any Unix login without setting up secondary user
accounts, directory synchronization, servers, or hardware.

WWW: http://duosecurity.com

Approved by:    tabthorpe (mentor)

16:18 bapt 

Remove some expired ports

2011-08-08 deskutils/alexandria: Upcoming ruby-gnome removes dependencies
2011-08-06 security/drweb: fails to fetch (website rearranged)
2011-08-06 security/drweb-postfix: fails to fetch (website rearranged)
2011-08-06 security/drweb-qmail: fails to fetch (website rearranged)
2011-08-06 security/drweb-sendmail: fails to fetch (website rearranged)

06:49 bapt 

Removing old ruby stuff

2011-08-03 comms/ruby-serialport: Doesn't work with Ruby 1.9
2011-08-03 databases/ruby-search-namazu: Doesn't work with Ruby 1.9
2011-08-03 databases/ruby-sqlite: Doesn't work with Ruby 1.9
2011-08-03 databases/rubygem-kirbybase: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-eet: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-filelock: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-filemagic: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-metaruby: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-poll: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-rrb: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-strongtyping: Doesn't work with Ruby 1.9
2011-08-03 devel/ruby-textbuf: Doesn't work with Ruby 1.9
2011-08-03 graphics/ruby-graph: Doesn't work with Ruby 1.9
2011-08-03 graphics/ruby-libpng: Doesn't work with Ruby 1.9
2011-08-03 japanese/ruby-kakasi: Doesn't work with Ruby 1.9
2011-08-03 lang/ruby-extensions: Doesn't work with Ruby 1.9
2011-08-03 lang/ruby-lua: Doesn't work with Ruby 1.9
2011-08-03 lang/ruby-perl: Doesn't work with Ruby 1.9
2011-08-03 mail/ruby-tmail: Doesn't work with Ruby 1.9
2011-08-03 math/ruby-bitset: Doesn't work with Ruby 1.9
2011-08-03 math/ruby-bitvector: Doesn't work with Ruby 1.9
2011-08-03 math/ruby-gmp: Doesn't work with Ruby 1.9
2011-08-03 net/ruby-mpi: Doesn't work with Ruby 1.9
2011-08-03 net/ruby-nis: Doesn't work with Ruby 1.9
2011-08-03 net/ruby-pcap: Doesn't work with Ruby 1.9
2011-08-03 net/ruby-romp: Doesn't work with Ruby 1.9
2011-08-03 net/ruby-spread: Doesn't work with Ruby 1.9
2011-08-03 print/ruby-pdflib: Doesn't work with Ruby 1.9
2011-08-03 security/ruby-aes: Doesn't work with Ruby 1.9
2011-08-03 security/ruby-blowfish: Doesn't work with Ruby 1.9
2011-08-03 security/ruby-cast_256: Doesn't work with Ruby 1.9
2011-08-03 security/ruby-mcrypt: Doesn't work with Ruby 1.9
2011-08-03 security/ruby-pam: Doesn't work with Ruby 1.9
2011-08-03 sysutils/ruby-log4r: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-csv: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-formvalidator: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-gdome: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-htmltools: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-nqxml: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-quixml: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-raspell: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-tempura: Doesn't work with Ruby 1.9
2011-08-03 textproc/ruby-xtemplate: Doesn't work with Ruby 1.9
2011-08-03 www/ruby-tmpl: Doesn't work with Ruby 1.9

13:38 pgj 

DES, Blowfish, AES, TEA, SHA1, MD5, RSA, BubbleBabble, Hexdump, Support for
Word128, Word192 and Word256 and Beyond, PKCS5 Padding, Various Encryption
Modes e.g. Cipher Block Chaining all in one package, with HUnit and
QuickCheck tests, and examples.

WWW:    http://hackage.haskell.org/package/Crypto

Obtained from:  FreeBSD Haskell

05:52 bapt 

Bye bye abandonwares (part 5)

2011-08-08 russian/messarge: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 russian/pgp.language: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 security/ifd-gempc410: Has expired: Looks like an abandonware, no
more public distfiles
2011-08-08 security/libidea: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 security/rain: Has expired: Looks like an abandonware, no more public
distfiles
2011-08-08 sysutils/Tee: Has expired: No more public distfile
2011-08-08 sysutils/curly: Has expired: No more public distfiles
2011-08-08 sysutils/i855vidctl10: Has expired: No more public distfiles
2011-08-08 sysutils/ltrace: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 sysutils/rsyslog3-snmp: Has expired: unsupported upstream
2011-08-08 sysutils/xapply: Has expired: No more public distfiles
2011-08-08 textproc/asm2html: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 textproc/diff-mode.el: Has expired: Looks like an abandonware, no
more public distfiles
2011-08-08 vietnamese/gtk-im-vi: Has expired: Looks like an abandonware, no more
public distfiles
2011-08-08 www/campsite: Has expired: Does not work
2011-08-08 www/p5-PLP: Has expired: No more upstream, looks like an abandonware
2011-08-08 www/wcol: Has expired: Looks like an abandonware, no more public
distfiles
2011-08-08 x11-toolkits/sdl_gui: Has expired: Looks like an abandonware, no more
public distfiles

04:43 tota 

- Add a new port: security/rubygem-twitter_oauth

  twitter_oauth is a Ruby client for the Twitter API using OAuth.

  WWW:  https://github.com/moomerman/twitter_oauth

11:34 novel 

Add security/p11-kit, a library which provides a way to load and enumerate
PKCS#11 modules and provides a standard configuration setup for installing
PKCS#11 modules in such a way that they're discoverable.

02:43 linimon 

Disconnect the following deprecated ports that only work with java1.4:

  devel/colorer
  java/jboss3
  security/jce_policy14
  textproc/galax

PR:             ports/158969
Submitted by:   rene

22:25 mm 

This Horde package provides an OAuth consumer (http://oauth.net)
and OAuth infrastruture, and in the future will provide an OAuth server.

WWW: http://pear.horde.org

22:07 beech 

- Replaced by new pear install
security/horde4-auth

21:09 mm 

The Horde_Crypt package class provides an API for various cryptographic
systems.

WWW: http://pear.horde.org

19:46 mm 

Horde_Share provides an interface to all shared resources a user
owns or has access to.

WWW: http://pear.horde.org

19:45 mm 

The Perms package provides an interface to the Horde permissions system.

WWW: http://pear.horde.org

19:22 mm 

The Horde_Auth package provides a common interface into the various backends
for the Horde authentication system.

WWW: http://pear.horde.org

18:51 mm 

Package for managing and accessing the Horde groups system.

WWW: http://pear.horde.org

18:01 mm 

The Horde_Secret library provides an API for encrypting and decrypting
small pieces of data with the use of a shared key.

WWW: http://pear.horde.org

10:18 miwi 

Belier allows opening a shell or executing a command on a remote computer
through a SSH connection. The main feature of Belier is its ability to cross
several intermediate computers before realizing the job.

WWW: http://www.ohmytux.com/belier/index.html

PR:             ports/156757
Submitted by:   rokaz

15:52 dhn 

SSLScan is a fast SSL port scanner. SSLScan connects to SSL ports and determines
what ciphers are supported, which are the servers prefered ciphers, which SSL
protocols are supported and returns the SSL certificate. Client certificates and
private key can be configured and output is to text / XML.

PR:             ports/158111
Submitted by:   Matthieu BOUTHORS <matthieu@labs.fr>

01:32 wxs 

Free open-source disk encryption software

Main Features:
* Creates a virtual encrypted disk within a file and mounts it as
  a real disk.
* Encrypts an entire partition or storage device such as USB flash
  drive or hard drive.
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Parallelization and pipelining allow data to be read and written
  as fast as if the drive was not encrypted.
* Provides plausible deniability, in case an adversary forces you
  to reveal the password:
  Hidden volume (steganography) and hidden operating system.

WWW: http://www.truecrypt.org/

NOTE: This port is experimental and provides no GUI for managing
truecrypt volumes.

PR:             ports/157072
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>

08:35 jadawin 

Dicewaregen is simple perl script that generated Diceware dictionaries, that
can be used to create secure passwords.

Dicewaregen relies on aspell, to make wordlist. Once you have wordlist you can
create Diceware dictionary. You can make few dictionaries using different
languages, merge them and then make Diceware dictionary.

More info about Diceware: http://world.std.com/~reinhold/diceware.html

WWW: http://hg.bsdroot.lv/aldis/dicewaregen/

PR:             ports/157251
Submitted by:   Aldis Berjoza <aldis at bsdroot.lv>

19:21 beech 

The Horde_Auth package provides a common interface into the
various backends for the Horde authentication system.

Approved by:    itetcu (mentor)(implicit)

02:45 lwhsu 

Add pam_google_authenticator 20110519, PAM module for two-step
authentication from Google.

PR:             ports/157152
Submitted by:   Jui-Nan Lin <jnlin at csie.nctu.edu.tw>

17:09 ohauer 

- add patch to barnyard2 to allow build with postgresql and tcl
  (reported and fixed upstream)
- display option TCL only for Master port, it makes no sense if
  the slave can de-select a required option
- remove broken barnyard-sguil (master port was removed 2011-04-04)
- add new port barnyard2-sguil [1]
- add entry to MOVED

PR:             ports/156188 [1]
Submitted by:   me
Approved by:    maintainer timeout

02:52 sunpoet 

- Add p5-String-MkPasswd

This Perl library defines a single function, mkpasswd(), to generate
random passwords. The function is meant to be a simple way for
developers and system administrators to easily generate a relatively
secure password.

WWW: http://search.cpan.org/dist/String-MkPasswd

PR:             ports/156714
Submitted by:   Frank Wall <fw@moov.de>

03:11 cy 

Libfwbuilder has been merged into fwbuilder.

23:28 stas 

Add rubygem-net-ssh-multi 1.0.1, SSH connection multiplexing library for
Ruby.

PR:             ports/ports/156780
Submitted by:   Renaud Chaput <renchap at cocoa-x.com>

20:14 bapt 

Remove unmaintained expired ports from security

2011-05-01 security/aafid2: Upstream disapear and distfile is no more available
2011-05-01 security/bjorb: Upstream disapear and distfile is no more available
2011-05-01 security/borzoi: Upstream disapear and distfile is no more available
2011-05-01 security/cmd5checkpw: Upstream disapear and distfile is no more
available
2011-05-01 security/cops: Upstream disapear and distfile is no more available
2011-05-01 security/find_ddos: Upstream disapear and distfile is no more
available
2011-05-01 security/ftpmap: Upstream disapear and distfile is no more available
2011-05-01 security/hafiye: Upstream disapear and distfile is no more available
2011-05-01 security/ident2: Upstream disapear and distfile is no more available
2011-05-01 security/liedentd: Upstream disapear and distfile is no more
available
2011-05-01 security/pam_pop3: Upstream disapear and distfile is no more
available
2011-05-01 security/poc: Upstream disapear and distfile is no more available
2011-05-01 security/portscanner: Upstream disapear and distfile is no more
available
2011-05-01 security/ppgen: Upstream disapear and distfile is no more available
2011-05-01 security/qident: Upstream disapear and distfile is no more available
2011-05-01 security/quintuple-agent: Upstream disapear and distfile is no more
available
2011-05-01 security/rc5pipe: Upstream disapear and distfile is no more available
2011-05-01 security/rid: Upstream disapear and distfile is no more available
2011-05-01 security/ssh: Upstream disapear and distfile is no more available
2011-05-01 security/tea-total: Upstream disapear and distfile is no more
available
2011-05-01 security/uberkey: Upstream disapear and distfile is no more available

17:42 skreuzer 

arpCounterattack is a program for detecting and remedying "ARP attacks." It
monitors traffic on any number of Ethernet interfaces and examines ARP replies
and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP
request that is in conflict with its notion of "correct" Ethernet/IP address
pairs, it logs the attack if logging is enabled, and, if the Ethernet
interface that the attack was seen on is is configured as being in aggressive
mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with
the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables
of hosts on the local network segment. The corrective gratuitous ARP request
and corrective gratuitous ARP reply can be sent from an Ethernet interface
other than the one that the attack was seen on.

WWW: http://acm.poly.edu/wiki/ARP_Counterattack

PR:             ports/151973
Submitted by:   Boris Kochergin <spawk@acm.poly.edu>

22:27 rene 

Remove unmaintained port that depends on expired security/newpki-lib:
security/newpki-client

22:25 rene 

Remove most expired ports:
2011-04-17 cad/tclspice: has been broken for more than a year
2011-04-17 comms/hcfmdm: does not compile on 7.X or higher
2011-04-17 databases/mysqlcc: has been broken for almost a year
2011-04-17 devel/ruby-rjudy: does not compile on FreeBSD 7.x or newer
2011-04-17 devel/xfc: does not compile on FreeBSD 7.x or newer
2011-04-17 devel/lamson: has been broken for a half year
2011-04-17 devel/cocktail: does not build on FreeBSD 7.x or newer
2011-04-17 devel/djgpp-gcc: has been broken for half a year
2011-04-17 devel/gauche-sdl: has been broken for a year
2011-04-17 devel/gdb53-act: does not compile on FreeBSD 7.x and up
2011-04-17 editors/zed: does not compile on FreeBSD 7.x or newer
2011-04-17 games/aqbubble: does not compile on FreeBSD 7.x or newer
2011-04-17 graphics/libvisual-plugins: has been broken for 3 years
2011-04-17 japanese/roundcube: has been broken for almost a year
2011-04-17 japanese/tkstep80: does not compile on FreeBSD 7.x or newer
2011-04-17 lang/u++: has been broken for over a half year
2011-04-17 lang/pugs: has been broken for over a year
2011-04-17 lang/mozart: does not compile on FreeBSD 7.x or newer
2011-04-17 math/linalg: does not build on FreeBSD 7.x or newer
2011-04-17 math/R-cran-igraph: has been broken for over a half year
2011-04-17 misc/ftree: has been broken for over a half year
2011-04-17 multimedia/katchtv: has been broken for a half year
2011-04-17 multimedia/libomxil-bellagio: has been broken for almost a year
2011-04-17 multimedia/banshee-mirage: has been broken for over a half year
2011-04-17 net-p2p/trackerbt: has been broken for a half year
2011-04-17 net/cap: does not compile on FreeBSD 7.x or newer
2011-04-17 net/ggsd: does not compile on FreeBSD 7.x or newer
2011-04-17 net/b2bua: does not compile on FreeBSD 7.x or newer
2011-04-17 net/penguintv: has been broken for a half year
2011-04-17 news/openftd: has been broken for almost a year
2011-04-17 palm/romeo: does not compile on FreeBSD 7.x or newer
2011-04-17 science/pcp: does not compile on FreeBSD 7.x or newer
2011-04-17 science/elmer-fem: has been broken for over a year
2011-04-17 security/newpki-lib: does not compile on FreeBSD 7.x or newer
2011-04-17 security/newpki-server: does not compile on FreeBSD 7.x or newer
2011-04-17 security/xmlsec: does not compile on FreeBSD 7.x or newer
2011-04-17 security/f-protd: has been broken for over a year
2011-04-17 sysutils/xwlans: does not compile on FreeBSD 7.x or newer
2011-04-17 www/bk_edit: does not compile on FreeBSD 7.x and newer
2011-04-17 www/bricolage: has been broken for a half year
2011-04-17 x11-toolkits/gauche-gtk: has been broken for a year
2011-04-17 x11-toolkits/gambas2-gb-qt: has been broken for over a year
2011-04-17 x11-toolkits/php-gtk2: has been broken for over a half year
2011-04-17 x11-toolkits/p5-Tcl-Tk: has been broken for 2 year
2011-04-17 x11/metisse: has been broken for over a half year

18:10 rene 

Remove expired ports:
2011-04-11 lang/gpc: development has ceased; use lang/fpc instead
2011-04-11 security/mypasswordsafe: development has ceased; try security/gorilla
instead

09:42 ale 

pkcs11-gateway is a software that allows you to use a Linux 32-bit PKCS#11
module on FreeBSD i386/amd64.
It consists of a FreeBSD Cryptoki wrapper library that serializes and forwards
PKCS#11 function calls to a Linux server program that dlopen() and use the
real module. The communication between the two components is via a UNIX socket.
pkcs11-gateway is based on the rpc-layer of Gnome Keyring.

- Alex Dupre
ale@FreeBSD.org

07:58 ale 

pkcs11-dump is a small utility to dump PKCS#11 token contents.

WWW:    http://sites.google.com/site/alonbarlev/pkcs11-utilities

19:40 ohauer 

 - remove expired port security/barnyard
 - remove barnyard from security/Makefile

17:12 rene 

Garbage collect expired ports
2011-04-01 accessibility/linux-f8-atk: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-ucl: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-upx: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-alsa-lib: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-arts: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-esound: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-freealut: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libaudiofile: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libogg: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libvorbis: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-mikmod: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-nas-libs: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-openal: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-sdl_mixer: End of Life since Jan 7, 2009
2011-04-01 databases/linux-f8-sqlite3: End of Life since Jan 7, 2009
2011-04-02 databases/postgresql81-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql73-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql74-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql80-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-01 devel/linux-f8-libglade: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-sdl12: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-allegro: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libsigc++20: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libglade2: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-nspr: End of Life since Jan 7, 2009
2011-04-01 dns/linux-f8-libidn: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f8: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f9: End of Life since Jul 10, 2009
2011-04-01 emulators/linux_base-fc6: End of Life since December 7, 2007
2011-04-01 emulators/linux_base-f7: End of Life since June 13, 2008
2011-04-01 ftp/linux-f8-curl: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-sdl_image: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-ungif: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-imlib: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-cairo: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-dri: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-gdk-pixbuf: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-jpeg: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libGLU: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libmng: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png10: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-tiff: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-libg2c: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-tcl84: End of Life since Jan 7, 2009
2011-04-01 multimedia/linux-f8-libtheora: End of Life since Jan 7, 2009
2011-04-02 net-p2p/dcd: No fetch sources and looks like project abandoned
2011-03-31 net/straw: abandoned upstream and does not work with python 2.6+
2011-04-01 security/linux-f8-libssh2: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-nss: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-openssl: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml2: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-gtk: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-libs: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-expat: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-aspell: End of Life since Jan 7, 2009
2011-04-01 www/linux-f8-flashplugin10: End of Life since Jan 7, 2009
2011-03-30 www/mediawiki112: abandoned upstream
2011-03-30 www/mediawiki113: abandoned upstream
2011-03-30 www/mediawiki114: abandoned upstream
2011-03-30 www/mediawiki16: abandoned upstream
2011-04-01 x11-fonts/linux-f8-fontconfig: End of Life since Jan 7, 2009
2011-03-01 x11-themes/gnome-icons-cool-gorilla: "no mastersite"
2011-04-01 x11-themes/linux-f8-hicolor-icon-theme: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk2: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-openmotif: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-pango: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-qt33: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-tk84: End of Life since Jan 7, 2009
2011-04-01 x11/linux-f8-xorg-libs: End of Life since Jan 7, 2009

06:07 sunpoet 

- Add create-cert 2.0

create-cert is a script that uses openssl(1) to create self-signed host
certificates and private keys for fully qualified domain names (FQDNs).

PR:             ports/155014
Submitted by:   Craig Leres <leres@ee.lbl.gov>

13:16 miwi 

Get weak or strong random data from pluggable sources

WWW: http://search.cpan.org/dist/Crypt-Random-Source

PR:             ports/155572
Submitted by:   Dereckson <dereckson at gmail.com>

18:04 wxs 

Two new ports: security/yara and security/py-yara. The latter is the python
bindings for the former.

"YARA is a tool aimed at helping malware researchers to identify and classify
malware samples. With YARA you can create descriptions of malware families
based on textual or binary patterns contained on samples of those families.
Each description consists of a set of strings and a Boolean expression which
determines its logic."

WWW: http://code.google.com/p/yara-project/

11:40 dhn 

This module extends existing IO::Async classes with extra methods to
allow the use of SSL or TLS-based connections using IO::Socket::SSL.

WWW:    http://search.cpan.org/dist/IO-Async-SSL/

PR:             ports/155336
Submitted by:   "ports@c0decafe.net" <ports@c0decafe.net>

17:14 miwi 

The OpenVPN Radius Plugin provides RADIUS authentication
and accounting support for OpenVPN.

WWW: http://www.nongnu.org/radiusplugin/index.html

PR:             ports/155259
Submitted by:   Mikhail T. <m.tsatsenko at gmail.com>

10:32 martymac 

Remove extra spaces after port names

Approved by:    portmgr@, ehaupt (mentor)

09:46 miwi 

- Part 1 of python24 removal
        - Clean up bsd.python.mk (remove PYWSGIREF, PYHASHLIB, PYCTYPES and
PYEXPAT) all these is now part of python
          since python25

Remove:
        textproc/py-expat
        devel/py-ctypes
        security/py-hashlib
        www/py-wsgiref

12:08 miwi 

bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper
for safely handling passwords.

WWW: http://rubygems.org/gems/bcrypt-ruby

PR:             ports/153965
Submitted by:   Jason Helfman <jhelfman at experts-exchange.com>
Feature safe:   yes

06:05 wen 

Twofish is a 128-bit symmetric block cipher with a variable key
length (128, 192, or 256 bits) key, developed by Counterpane Labs.
It is unpatented and free for all uses, as described at
http://www.counterpane.com/twofish.html. It has been one of the
five finalists for AES.

This module is written in pure Perl, it should run everywhere
where Perl runs.

WWW:    http://search.cpan.org/dist/Crypt-Twofish_PP/

PR:             ports/154142
Submitted by:   Konstantin Menshikov <kostjnspb@yandex.ru>
Feature safe:   yes

17:32 ehaupt 

Add ssh-copy-id 5.6p1, small script which copy your ssh public-key to a
remote host; appending it to your remote authorized_keys.

Feature safe: yes

01:54 wen 

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test
files, Hongfuzz supplies and modifies input to a test program and utilize the
ptrace() API/POSIX signal interface to detect and log crashes.

WWW:    http://code.google.com/p/honggfuzz/

03:32 mezz 

The x11/libcapplet has been broken for over a year (will be two in June 2011)
and no one has any of interest to fix it. It's an ancient software and
is part of GNOME 1. It's time for us to get rid of some of GNOME 1 stuff as
the GNOME 3 is coming sometimes in 2011. Any ports that required libcappet
are removed and ports that have optional aren't remove.

PR:             ports/153355
Discussed with: My team, FreeBSD GNOME Team
Tested by:      pointyhat-exp (thanks pav!)

14:38 garga 

Remove expired ports:

2011-01-01 audio/emphasis: abandoned upstream
2011-01-01 converters/ecore-txt: abandoned upstream
2011-01-01 deskutils/estickies: abandoned upstream
2011-01-01 devel/ecore-job: abandoned upstream
2011-01-01 devel/engrave: abandoned upstream
2011-01-01 devel/evfs: abandoned upstream
2011-01-01 devel/ruby-ecore: abandoned upstream
2011-01-01 graphics/exhibit: abandoned upstream
2011-01-01 graphics/epsilon: abandoned upstream
2011-01-01 graphics/esmart: abandoned upstream
2011-01-01 graphics/ruby-edje: abandoned upstream
2011-01-01 graphics/ruby-esmart: abandoned upstream
2011-01-01 graphics/ruby-evas: abandoned upstream
2011-01-01 graphics/ruby-redact: abandoned upstream
2011-01-01 multimedia/eclair: abandoned upstream
2011-01-01 security/phpmyid: Development has ceased.
2011-01-01 sysutils/ecore-config: abandoned upstream
2011-01-01 sysutils/extrackt: abandoned upstream
2011-01-01 textproc/exml: abandoned upstream
2011-01-02 www/mod_accesscookie: upstream is gone
2011-01-02 www/mod_vdbh: upstream is gone
2011-01-02 www/mod_auth_any: upstream is gone
2011-01-02 www/mod_log_data: upstream is gone and will be unsupported by ASF
when 2.4.0 is release, migrate to 2.2.x+ now
2011-01-01 x11-fm/entropyfm: abandoned upstream
2011-01-01 x11-themes/e17-splash-fortune: abandoned upstream
2011-01-01 x11-themes/e17-splash-shiny: abandoned upstream
2011-01-01 x11-themes/e17-splash-takara: abandoned upstream
2011-01-01 x11-themes/e17-theme-blue_eyed: abandoned upstream
2011-01-01 x11-themes/e17-theme-dali: abandoned upstream
2011-01-01 x11-themes/e17-theme-gant: abandoned upstream
2011-01-01 x11-themes/e17-theme-japan2007: abandoned upstream
2011-01-01 x11-themes/e17-theme-kor: abandoned upstream
2011-01-01 x11-themes/e17-theme-milky: abandoned upstream
2011-01-01 x11-themes/e17-theme-night_bling: abandoned upstream
2011-01-01 x11-themes/e17-theme-simply_white: abandoned upstream
2011-01-01 x11-themes/e17-splash-azul: abandoned upstream
2011-01-01 x11-themes/e17-splash-blue: abandoned upstream
2011-01-01 x11-themes/e17-splash-clean: abandoned upstream
2011-01-01 x11-themes/e17-splash-logo: abandoned upstream
2011-01-01 x11-toolkits/etk: abandoned upstream
2011-01-01 x11-toolkits/ewl: abandoned upstream
2011-01-01 x11-toolkits/enhance: abandoned upstream
2011-01-01 x11-wm/e17-module-bling: abandoned upstream
2011-01-01 x11-wm/e17-module-mixer: abandoned upstream
2011-01-01 x11-wm/e17-utils: abandoned upstream
2011-01-01 x11/elicit: abandoned upstream
2011-01-01 x11/enity: abandoned upstream
2011-01-01 x11/examine: abandoned upstream
2011-01-01 x11/ecore-desktop: abandoned upstream

21:49 rene 

Garbage collect unmaintained expired ports:
2011-01-01 security/lxnb: Development has ceased, mastersite disappeared
2011-01-01 x11-wm/lxsession-lite: Superseded by x11-wm/lxsession

01:32 nork 

Add tpmmanager 0.8, is an open source TPM (Trusted Platform
Module) management software providing an easy-to-use
graphical user interface.

WWW: http://projects.sirrix.com/trac/tpmmanager

17:35 rene 

Garbage-collect expired ports:
2010-12-30 databases/p5-sqlrelay: broken and upstream disapeared
2010-12-30 devel/php-dbg2: No upstream support
2010-12-30 dns/fourcdns: upstream has disapeared
2010-12-31 emulators/win4bsd: Development has ceased and distfile is no longer
available
2010-12-31 french/mozilla-flp: www/seamonkey port is deprecated. Consider using
the www/firefox-i18n.
2010-12-31 french/xtel: Minitel services will be discontinued at the end of
2010.
2010-12-30 ftp/ftpq: upstream has disapeared
2010-12-30 graphics/paintlib: does not compile with new tiff and no more
maintained upstream
2010-12-30 graphics/g3dviewer: does not build with gcc 4.2, upstream disapeared
2010-12-30 lang/scriba: Does not compile with gcc 4.2+, looks like abandonware
2010-12-30 math/rascal: Broken on every arch since 2008, looks like an
abandonware
2010-12-31 net-mgmt/nrg: Project has vanished. Use cacti instead.
2010-12-31 security/hostsentry: Project is dead.
2010-12-31 sysutils/kcube: Project has vanished
2010-12-31 www/cybercalendar: has been unmaintained since 2001 and is unusable
with dates after 2010 (see ports/150974)
2010-12-31 www/flock: Flock 3 moves from Firefox to Chromium
2010-12-31 www/linux-flock: Flock 3 moves from Firefox to Chromium
2010-12-30 x11-clocks/xtu: Looks like abandonware

Leave java/tya in for now, as it has outstanding PRs.

19:10 nobutaka 

Add log2timeline, a log file parser for computer forensic investigations.

18:50 nobutaka 

Add ssdeep, a tool for computing context triggered piecewise hashes.

18:38 mat 

This module allows to secure connections of POE::Wheel::ReadWrite with OpenSSL
by a POE::Filter object, and behaves (beside of SSLing) as POE::Filter::Stream.

15:29 ale 

Add xml-security port: the Apache Java library for XML Signature and Encryption.

21:32 rene 

Garbage collect old ports:
2010-11-15 archivers/linux-par2cmdline: Native version available
2010-11-15 audio/bmp-musepack: does not build with audio/musepack
2010-11-15 audio/libmpcdec: superseded by audio/musepack
2010-11-15 audio/py-musepack: does not build with audio/musepack
2010-12-01 chinese/chinput3: Development has ceased.
2010-12-01 emulators/dynagen-devel: Please install emulators/dynagen instead
2010-11-24 net-p2p/gift-fasttrack: unmaintained upstream
2010-11-24 net-p2p/gift-gnutella: unmaintained upstream
2010-11-24 net-p2p/gift-openft: unmaintained upstream
2010-11-24 net-p2p/pyslsk: unmantained upstream, use net-p2p/nicotine-plus
2010-11-11 security/pamsfs: SFS is dead, this project is dead, and site is gone
2010-11-10 www/p5-Catalyst-Plugin-CommandLine: The module is not needed any
more. With new Catalyst (at least 5.7014) it works out of the box.

15:37 kwm 

Presenting GNOME 2.32.1 for FreeBSD. The offical release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.32/

This will be the last release of the GNOME 2.x series, mainly a bugfix and
bridge release to the first release of the GNOME 3.x series.

This release features commits by avl, marcus, mezz and myself.

The FreeBSD GNOME Team would like to thank the following contributors and
testers for there help with this release:

Zane C.B. <vvelox@vvelox.net>
romain@
Olaf Seibert <O.Seibert@cs.ru.nl>
DomiX
Bapt <baptiste.daroussin@gmail.com>
jsa@
miwi@
Sergio de Almeida Lenzi <lenzi.sergio@gmail.com>
Maxim Samsonov <xors@mne.ru>
Kris Moore

And pav@ for 2 exp-runs

PR:             ports/152255
                ports/143260
                ports/141033
                ports/149629
                ports/150350
                ports/151523
With hat:       gnome@

07:28 tota 

- Add a new port: security/rubygem-roauth

  A simple OAuth library that supports OAuth header signing, and header
verifying.

  WWW:  http://github.com/maccman/roauth

10:08 garga 

Remove expired ports:

2010-11-07 devel/libisc: Unlikely to be used...
2010-11-08 emulators/vmware-guestd3: Depends of misc/compat3x, that is
deprecated and set to be removed
2010-11-08 emulators/vmware-tools3: Depends of misc/compat3x, that is deprecated
and set to be removed
2010-10-08 misc/compat3x: "Only FreeBSD 6.4+ are supported in ports"
2010-11-08 misc/bidwatcher: Obsoleted by JBidwatcher and changes at
http://ebay.com
2010-11-08 security/vscan: Depends of misc/compat3x, that is deprecated and set
to be removed
2010-11-08 www/ssserver: Depends of misc/compat3x, that is deprecated and set to
be removed

12:11 nork 

Add openssl_tpm_engine 0.4.1, is a OpenSSL TPM engine.

Obtained from:  http://bsssd.sourceforge.net/

12:10 nork 

Add tpm-tools 1.3.5, provides a basic set of TPM tools.

Obtained from:  http://bsssd.sourceforge.net/

12:07 nork 

Add opencryptoki 2.3.2, is an open PKCS#11 implementation library.

Obtained from:  http://bsssd.sourceforge.net/

12:05 nork 

Add trousers 0.3.6, is a CPL (Common Public License) licensed Trusted
Computing Software Stack.  It is mostly compliant with the TSS 1.2
specification.

Obtained from:  http://bsssd.sourceforge.net/

12:54 garga 

security/samba-vscan just works with samba 3.0, that is gone, so remove it too

17:40 garga 

Remove expired ports

2010-10-15 security/ssh2: abandoned upstream
2010-10-15 security/ssh2-nox11: abandoned upstream

18:23 romain 

gnome-keyring-sharp is a fully managed implementation of libgnome-keyring.

When the gnome-keyring-daemon is running, you can use this to retrieve/store
confidential information such as passwords, notes or network services user
information.

WWW:    http://andrew.jorgensenfamily.us/2008/08/gnome-keyring-sharp/

02:38 pgollucci 

spass is a random password generator written by Guy Rutenberg

WWW:
http://www.guyrutenberg.com/2010/08/13/statistical-tests-for-my-audio-based-random-number-generator/

PR:             ports/150072
Submitted by:   Eitan Adler <ports at eitanadler.com>

02:38 pgollucci 

ccsrch is a tool that searches for and identifies unencrypted and
contiguous credit card numbers (PAN) and track data on windows and
UNIX operating systems. It will also identify the location of the
PAN data in the files and record MAC times.

WWW:    http://ccsrch.sourceforge.net/

PR:             ports/148821
Submitted by:   Pavel I Volkov <pavelivolkov at googlemail.com>

15:31 jmelo 

The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
Mod Security fame for the OISF. This integrates and provides very advanced
processing of HTTP streams for Suricata. The HTP library is required by the
engine but may also be used independently in a range of applications and tools.

WWW: http://openinfosecfoundation.org

PR:             ports/150191
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br>

23:24 pgollucci 

Decrypt the output from the yubikey token

The hardware can be found at

http://www.yubico.com/home/index/

The decryption module does only one thing - decrypt the AES encrypted
OTP from the Yubikey. To this, it requires the OTP, and the AES
key.

Please note - this module does not perform authentication - it is
a required component to decrypt the token first before authentication
can be performed.

WWW: http://search.cpan.org/~massyn/Auth-Yubikey_Decrypter-0.07/

PR:             ports/149802
Submitted by:   Kurt Jaeger <fbsd-ports@opsec.eu>

13:40 pav 

Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.

WWW: http://www.strongswan.org

PR:             ports/147431
Submitted by:   Riaan Kruger <riaank@gmail.com>

16:28 lwhsu 

Add clamd-stream-client , standalone clamav client.

PR:             ports/149879
Submitted by:   glen.j.barber at gmail.com

09:27 niels 

New port: The BlindElephant Web Application Fingerprinter attempts
to discover the version of a (known) web application by comparing
static files at known locations against precomputed hashes for
versions of those files in all available releases. The technique
is fast, low-bandwidth, non-invasive, generic, and highly automatable.

WWW: http://blindelephant.sourceforge.net/

Approved by:    itetcu (mentor)

13:04 bapt 

Security vulnerability: local root privileges escalation problems

PR:             ports/148911
Submitted by:   Steve Wills <steve _at_ mouf.net> (maintainer)
Approved by:    tabthorpe (mentor)

15:48 jpaetzel 

Add openvpn-beta , secure IP/Ethernet tunnel daemon.

PR:             ports/149620
Submitted by:   Eric F Crist <ecrist at secure-computing.net>

20:51 ohauer 

PR:           146455
Submitted by: Dax Labrador <semprix _at_ bsdmail.org>
Approved by:  glarkin (mentor)

dradis is an open source framework to enable effective information sharing.

dradis is a self-contained web application that provides a centralised
repository of information to keep track of what has been done so far,
and what is still ahead.

Features include:

    * Easy report generation.
    * Support for attachments.
    * Integration with existing systems and
      tools through server plugins.
    * Platform independent.

WWW: http://dradisframework.org/

20:36 dougb 

As previously advertised, remove the old libassuan port now that all
consumers have moved to libassuan 2.0.0, or dropped the dependency

00:31 lx 

Adding ncrack, a network authentication cracking tool from the folks
that brought you nmap.

22:54 araujo 

- Development has been discontinued.

PR:             ports/148261
Submitted by:   Anderson Eduardo <anderson@secover.com.br> (maintainer)
Feature safe:   yes

20:02 araujo 

- The EOL was announced in 2006 and has a lot of security issues.

Feature safe:   yes

00:42 dougb 

Update security/libassuan to version 2.0.0, which is required by gnupg 2.0.15

Unfortunately version 2.0.0 is largely incompatible with version 1.x, so it
is necessary to have a stopgap measure while ports that depend on libassuan
can be updated. In conversation with the maintainers of the dependent ports
it was originally considered ideal to prepare updates for the ports first,
then upgrade everything to libassuan 2.x en masse. Since no action has
arisen on that front, go with plan B:

Copy security/libassuan to security/libassuan-1, and update the dependent
ports accordingly. Because this is (intended to be) a _temporary_ measure,
and because no updates for libassuan 1.x are anticipated, and because the
hope is that it can be removed sooner rather than later, it's a copy instead
of a repocopy.

17:16 wxs 

Add missing shibboleth2-sp entry.

Noticed by:     itetcu@

06:59 miwi 

PBKDF2 is a secure password hashing algorithm that uses the techniques of
"key strengthening" to make the complexity of a brute-force attack arbitrarily
high. PBKDF2 uses any other cryptographic hash or cipher (by convention,
usually HMAC-SHA1, but Crypt::PBKDF2 is fully pluggable), and allows for an
arbitrary number of iterations of the hashing function, and a nearly unlimited
output hash size (up to 2**32 - 1 times the size of the output of the backend
hash). The hash is salted, as any password hash should be, and the salt may
also be of arbitrary size.

See also: RFC2898, PKCS#5 version 2.0: http://tools.ietf.org/html/rfc2898

WWW:    http://search.cpan.org/dist/Crypt-PBKDF2/

PR:             ports/146847
Submitted by:   Victor Popov <v.a.popov at gmail.com>