non port: security/Makefile |
Number of commits found: 2351 (showing only 100 on this page) |
Thursday, 18 May 2023
|
08:19 Robert Clausecker (fuz) Author: rihaz jerrin
security/ismtp: Test for SMTP user enumeration, internal spoofing, and relay
SMTP user enumeration (RCPT TO and VRFY), internal spoofing, and open
relay. A tool that tests for all three and comes with great
flexibility. iSMTP does just that, making it much easier to knock that
process out of the way.
WWW: https://github.com/altjx/ipwn/tree/master/iSMTP
PR: 270304
6da2b6f |
Thursday, 11 May 2023
|
03:37 Kai Knoblich (kai)
security/py-netbox-secrets: New port
This is the continuation of the NetBox Secretstore app. The original
plugin is minimally maintained and has a lot of issues.
This plugin is a complete rewrite of the original plugin. It is more
generic and flexible than the original plugin. It is also regularly
tested with the latest NetBox releases to ensure compatibility and
stability.
Features:
* Store secrets in the database encrypted with a public key (RSA)
* More generic and flexible than the original plugin (e.g. secrets
can be assigned to any object in NetBox)
* Secrets can be assigned to contacts to associate them with
a secret (e.g. SSH key)
* Updated user interface to make it easier to use and more intuitive
to navigate
* Regularly tested with the latest NetBox releases to ensure
compatibility and stability
MFH: 2023Q2 (in 3 weeks, to provide a migration path for
security/py-netbox-secretstore, which is deprecated)
1976bf9 |
Wednesday, 3 May 2023
|
03:29 Jason E. Hale (jhale)
security/gpgme-qt: Flavorize for new Qt6 bindings
Rename security/gpgme-qt5 to security/gpgme-qt and flavorize to
allow building qt5 and qt6 flavors.
Adjust dependencies and bump PORTREVISION on consumers.
Fix installation of optional Doxgen docs.
f247211 |
Tuesday, 2 May 2023
|
06:53 Felix Palmen (zirias)
security/tlsc: Add new port
Tlsc is a little BSD-licensed daemon that allows to connect non-TLS
clients to TLS-enabled services.
It's kept simple, so uses all-standard options for TLS and doesn't
implement anything else (like e.g. STARTTLS or doing service-side).
Approved by: tcberner (mentor, implicit)
cf234c8 |
Monday, 1 May 2023
|
18:26 Jose Alonso Cardenas Marquez (acm)
security/py-iris-intelowl-module: New port: IntelOwl IRIS module
iris-intelowl-module is a IRIS processor module providing open-source threat
intelligence leveraging IntelOlw analyzers, to enrich indicators of compromise.
18a6934 |
Sunday, 30 Apr 2023
|
21:50 Jose Alonso Cardenas Marquez (acm)
security/py-iris-evtx-module: New port: Example of IRIS module, handling EVTX
files
An interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX
log files. The module is installed on IRIS by default. In case you needed a
procedure to install it by yourself, you can follow the one below.
dae915d |
03:53 Jose Alonso Cardenas Marquez (acm)
security/py-iris-vt-module: New port: IRIS Module enriching IOCs with VT
insights
An interface module for VT and Iris to automatically enrich IOCs with VT
insight.
0b2a355f |
03:46 Jose Alonso Cardenas Marquez (acm)
security/py-iris-webhooks-module: New port: IRIS module offering support for
webhooks
An interface module that allows to call webhooks from IRIS.
858d116 |
03:31 Jose Alonso Cardenas Marquez (acm)
security/py-iris-check-module: New port: A simple processor module for IRIS
An Iris Module that simply replies to every hooks
0d27d93 |
03:24 Jose Alonso Cardenas Marquez (acm)
security/py-iris-misp-module: New port: IRIS module interfacing MISP with IRIS
An interface module for MISP and Iris to automatically enrich IOCs with MISP
insight.
0e13ed1 |
03:14 Jose Alonso Cardenas Marquez (acm)
security/py-iris-module-interface: New port: Base interface for modules of Iris
This Python package is used by IRIS modules to interact and extend IRIS
capabilities. It's the interface which module have to use to communicate with
the platform.
03bf39e |
Saturday, 29 Apr 2023
|
23:32 Jose Alonso Cardenas Marquez (acm)
security/py-flask-bcrypt: New port: Flask extension that provides bcrypt hashing
utilities for your application
Flask-Bcrypt is a Flask extension that provides bcrypt hashing utilities for
your application.
Due to the recent increased prevalence of powerful hardware, such as modern
GPUs, hashes have become increasingly easy to crack. A proactive solution to
this is to use a hash that was designed to be "de-optimized". Bcrypt is such a
hashing facility; unlike hashing algorithms such as MD5 and SHA1, which are
optimized for speed, bcrypt is intentionally structured to be slow.
For sensitive data that must be protected, such as passwords, bcrypt is an
advisable choice.
0b98cb4 |
22:47 Jose Alonso Cardenas Marquez (acm)
security/py-iris-client: New port: Python client for DFIR-IRIS
dfir_iris_client offers a Python interface to communicate with IRIS.
It relies exclusively on the API, which means output of the methods are the
same as specified in the API reference.
9c3c097 |
06:08 Jose Alonso Cardenas Marquez (acm)
security/caldera: New port: Automated Adversary Emulation Platform
CALDERA a cyber security platform designed to easily automate adversary
emulation, assist manual red-teams, and automate incident response.
It is built on the MITRE ATT&CK framework and is an active research project
at MITRE.
The framework consists of two components:
- The core system. This is the framework code, consisting of what is available
in this repository. Included is an asynchronous command-and-control (C2)
server with a REST API and a web interface.
- Plugins. These repositories expand the core framework capabilities and
providing additional functionality. Examples include agents, reporting,
collections of TTPs and more.
84e20fa |
Thursday, 20 Apr 2023
|
02:26 Jose Alonso Cardenas Marquez (acm)
security/py-dirhash: New port: Python module and CLI for hashing of file system
directories
A lightweight python module and CLI for computing the hash of any directory
based on its files structure and content.
- Supports all hashing algorithms of Python's built-in hashlib module.
- Glob/wildcard (".gitignore style") path matching for expressive filtering of
files to include/exclude.
- Multiprocessing for up to 6x speed-up
The hash is computed according to the Dirhash Standard, which is designed to
allow for consistent and collision resistant generation/verification of
directory hashes across implementations.
ddef073 |
Wednesday, 19 Apr 2023
|
22:03 Jose Alonso Cardenas Marquez (acm)
security/py-aiohttp-security: New port: security for aiohttp.web
The library provides identity and authorization for aiohttp.web
eb19c26 |
Tuesday, 18 Apr 2023
|
18:00 Po-Chuan Hsieh (sunpoet)
security/py-pyhanko: Add py-pyhanko 0.17.2
The lack of open-source CLI tooling to handle digitally signing and stamping PDF
files was bothering me, so I went ahead and rolled my own.
Note: The working title of this project (and former name of the repository on
GitHub) was pdf-stamp, which might still linger in some references.
5e663a4 |
Wednesday, 12 Apr 2023
|
14:31 Matthias Fechner (mfechner)
www/gitlab-ce: added newly required ports for version 15.10
3ab74c0 |
Sunday, 9 Apr 2023
|
13:36 Po-Chuan Hsieh (sunpoet)
security/rubygem-openssl221: Remove obsoleted port
Use security/rubygem-openssl instead.
80e88b6 |
Wednesday, 5 Apr 2023
|
20:06 Eugene Grosbein (eugen)
new port: security/cpfx
PFX decoder for CryptoPro GOST R 34.10-2012 implementation
acb81ef |
20:04 Eugene Grosbein (eugen)
new port: security/pygost
PyGOST is pure Python 2.7/3.x GOST cryptographic functions library.
08e811b |
17:29 Po-Chuan Hsieh (sunpoet)
security/rubygem-rasn1: Add rubygem-rasn1 0.12.1
Rasn1 is a ruby ASN.1 library to encode, parse and decode ASN.1 data in DER
format.
e4a5bcb |
17:29 Po-Chuan Hsieh (sunpoet)
security/py-detect-secrets: Add py-detect-secrets 1.4.0
detect-secrets is an aptly named module for (surprise, surprise) detecting
secrets within a code base.
However, unlike other similar packages that solely focus on finding secrets,
this package is designed with the enterprise client in mind: providing a
backwards compatible, systematic means of:
1. Preventing new secrets from entering the code base,
2. Detecting if such preventions are explicitly bypassed, and
3. Providing a checklist of secrets to roll, and migrate off to a more secure
storage.
This way, you create a separation of concern: accepting that there may currently
be secrets hiding in your large repository (this is what we refer to as a
baseline), but preventing this issue from getting any larger, without dealing
with the potentially gargantuan effort of moving existing secrets away.
It does this by running periodic diff outputs against heuristically crafted
regex statements, to identify whether any new secret has been committed. This
way, it avoids the overhead of digging through all git history, as well as the
need to scan the entire repository every time.
4bead35 |
17:29 Po-Chuan Hsieh (sunpoet)
*/Makefile: Sort SUBDIRs
6527bbb |
Monday, 3 Apr 2023
|
14:15 Gleb Popov (arrowd) Author: Alexey Yushkin
security/howdy: Face recognition based authentication provider.
Co-authored-by: Alexey Donskov <voxnod@gmail.com>
Co-authored-by: Gleb Popov <arrowd@FreeBSD.org>
Sponsored by: Serenity Cybersecurity, LLC
93eaa54 |
Thursday, 30 Mar 2023
|
23:59 Muhammad Moinur Rahman (bofh)
security/teleport: Update version 4.4.12=>5.2.5
This port was marked to expire on 2023-03-31 but there was another port
security/teleport5 with more recent version from upstream. So move
security/teleport5 to security/teleport.
Pet portlint/portclippy while I am here.
Approved by: portmgr (blanket)
301d2b5 |
23:59 Muhammad Moinur Rahman (bofh)
security/openvpn25: Remove expired port:
2023-03-31 security/openvpn25: replaced by new upstream release 2.6.0
2bfed05 |
23:59 Muhammad Moinur Rahman (bofh)
security/portsentry: Remove expired port:
2023-03-31 security/portsentry: Abandoned, upstream is dead and last release was
back in 2003
2223282 |
23:59 Muhammad Moinur Rahman (bofh)
security/openscep: Remove expired port:
2023-03-31 security/openscep: Do not support recent RFC 8894
b8a99dc |
Wednesday, 29 Mar 2023
|
11:38 Gleb Popov (arrowd) Author: Alexey Yushkin
security/pam_howdy: + PAM module for Howdy Face Recognition.
This is a beta version for the upcoming release.
Co-authored-by: Alexey Donskov <voxnod@gmail.com>
Reviewed by: arrowd
8bb4370 |
Sunday, 26 Mar 2023
|
15:07 Matthias Fechner (mfechner)
www/gitlab-ce: fix dependency problem
Starting gitlab fails with error:
rake aborted!
NoMethodError: undefined method `active_record_options' for
#<Doorkeeper::Config:0x000000081fb0f0c8 @orm=:active_record,
@default_generator_method=:hex,
@authenticate_resource_owner=#<Proc:0x000000081fb0ed80
/usr/local/www/gitlab-ce/config/initializers/doorkeeper.rb:13>,
@resource_owner_from_credentials=#<Proc:0x000000081fb0ec68
/usr/local/www/gitlab-ce/config/initializers/doorkeeper.rb:25>,
@refresh_token_enabled=true, @enforce_configured_scopes=true,
@force_ssl_in_redirect_uri=false, @forbid_redirect_uri=#<Proc:0x000000081fb0ea10
/usr/local/www/gitlab-ce/config/initializers/doorkeeper.rb:67>,
@enable_application_owner=true,
@default_scopes=#<Doorkeeper::OAuth::Scopes:0x000000081fb17e30 @scopes=["api"]>,
@optional_scopes=#<Doorkeeper::OAuth::Scopes:0x000000081fb177f0
@scopes=["read_api", "read_user", "read_repository", "write_repository", "sudo",
"openid", "profile", "email"]>, @access_token_methods=[:from_access_token_param,
:from_bearer_authorization, :from_bearer_param],
@token_secret_strategy=Gitlab::DoorkeeperSecretStoring::Token::Pbkdf2Sha512,
@token_secret_fallback_strategy=Doorkeeper::SecretStoring::Plain,
@application_secret_strategy=Gitlab::DoorkeeperSecretStoring::Secret::Pbkdf2Sha512,
@application_secret_fallback_strategy=Doorkeeper::SecretStoring::Plain,
@grant_flows=["authorization_code", "password", "client_credentials"],
@skip_authorization=#<Proc:0x000000081fb1ce58
/usr/local/www/gitlab-ce/config/initializers/doorkeeper.rb:109>,
@base_controller="::Gitlab::BaseDoorkeeperController",
@skip_client_authentication_for_password_grant=true,
@application_model=Doorkeeper::Application(id: integer, name: string, uid:
string, secret: string, redirect_uri: text, scopes: string, created_at:
datetime, updated_at: datetime, owner_id: integer, owner_type: string, trusted:
boolean, confidential: boolean, expire_access_tokens: boolean),
@access_grant_model=Doorkeeper::AccessGrant(id: integer, resource_owner_id:
integer, application_id: integer, token: string, expires_in: integer,
redirect_uri: text, created_at: datetime, revoked_at: datetime, scopes: string,
code_challenge: text, code_challenge_method: text),
@access_token_model=Doorkeeper::AccessToken(id: integer, resource_owner_id:
integer, application_id: integer, token: string, refresh_token: string,
expires_in: integer, revoked_at: datetime, created_at: datetime, scopes:
string)>
if
Doorkeeper.configuration.active_record_options[:establish_connection]
^^^^^^^^^^^^^^^^^^^^^^
/usr/local/www/gitlab-ce/config/environment.rb:7:in `<top (required)>'
This is caused by a breaking change in doorkeeper 5.6.3, so fix on version 5.6.2
for now.
https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md
An upgrade of doorkeeper-openid_connect to 1.8.5 is not possible, as this brings
another breaking dependency shift from json-jwt to jwt, which causes again other
dependecy breaks.
Downgrading doorkeeper is for now the best solution.
5c3f9ae |
Tuesday, 21 Mar 2023
|
19:19 Po-Chuan Hsieh (sunpoet)
security/rubygem-rack-oauth21: Add rubygem-rack-oauth21 1.21.3 (copied from
rubygem-rack-oauth2)
- Add PORTSCOUT
ae445d3 |
19:19 Po-Chuan Hsieh (sunpoet)
*/Makefile: Sort SUBDIRs
f2fb2ea |
Monday, 20 Mar 2023
|
03:49 Romain Tartière (romain)
security/pam_rssh: New port
This PAM module provides ssh-agent based authentication. The primary
design goal is to avoid typing password when you sudo on remote servers.
Instead, you can simply touch your hardware security key (e.g.
Yubikey/Canokey) to fulfill user verification. The process is done by
forwarding the remote authentication request to client-side ssh-agent as
a signature request.
d856093 |
Tuesday, 14 Mar 2023
|
18:24 Bernard Spil (brnrd)
security/openssl31: Add OpenSSL 3.1 release port
Reported by: ngie
Differential Revision: https://reviews.freebsd.org/D38938
39c5850 |
18:19 Bernard Spil (brnrd)
security/openssl-devel: Rename to security/openssl30
* Align with the upstream "release" status
* Avoid confusion with OpenSSL 3.1
Reported by: ngie
Differential Revision: https://reviews.freebsd.org/D38938
98749c4 |
Sunday, 12 Mar 2023
|
09:50 Tobias C. Berner (tcberner)
security/libomemo-c: new port -- for of libsignal-protocol-c with OMEMO support
This is a fork of libsignal-protocol-c, an implementation of Signal's
ratcheting forward secrecy protocol that works in synchronous and asynchronous
messaging. The fork adds support for OMEMO as defined in XEP-0384 versions
0.3.0 and later.
* OMEMO version 0.3.0 uses the original libsignal-protocol-c implementation
with its protocol versions 2 and 3.
* OMEMO version 0.4.0+ is implemented using a new protocol version 4
internally. In comparison with protocol version 3, it changes:
* HKDF info strings
* Protocol buffer encoding
* Signature scheme (uses XEd25519 instead of custom "Curve25519 signatures")
* Specification-compliant double ratchet
* Support for Ed25519 public keys
* Various serializations
* Removes unused functionality
WWW: https://github.com/dino/libomemo-c
0656fbe |
Wednesday, 8 Mar 2023
|
18:22 Gleb Popov (arrowd)
security/linux-c7-ca-certificates: + Mozilla certificates for Linuxulator.
Sponsored by: Serenity Cybersecurity, LLC
0ffd3fc |
Monday, 6 Mar 2023
|
02:42 Romain Tartière (romain)
security/pam_u2f: New port
This module implements PAM over U2F and FIDO2, providing an easy way to
integrate the YubiKey (or other U2F/FIDO2 compliant authenticators) into
your existing infrastructure.
3cbf478 |
Monday, 20 Feb 2023
|
23:36 Robert Clausecker (fuz) Author: Seyed Pouria Mousavizadeh Tehrani
security/ssh-import-id: new port
You're logged onto a cloud instance working on a problem with your
fellow devs, and you want to invite them to log in and take a look
at these crazy log messages. What to do?
Oh. You have to ask them to cat their public SSH key, paste it into
IRC (wait, no, it's id_rsa.pub, not id_rsa silly!) then you copy it
and cat it to the end of authorized_hosts.
That's where ssh-import-id comes in. With ssh-import-id, you can add
the public SSH keys from a known, trusted online identity to grant
SSH access.
Currently supported identities include Github and Launchpad.
WWW: https://git.launchpad.net/ssh-import-id
Submitter is first time maintainer.
PR: 265835
Approved by: flo (mentor)
Differential Revision: https://reviews.freebsd.org/D38681
d24b805 |
Sunday, 19 Feb 2023
|
11:01 Robert Clausecker (fuz) Author: Clockwork6400
security/pam_fprint: revive port
pam_fprint is a simple PAM module which uses libfprint's fingerprint
processing and verification functionality for authentication. In other
words, instead of seeing a password prompt, you're asked to scan your
fingerprint.
Submitter becomes maintainer. Is already maintainer of other ports.
PR: 269554
Approved by: flo (mentor)
Differential Revision: https://reviews.freebsd.org/D38628
cae60e6 |
11:01 Robert Clausecker (fuz)
security/openssl-agent: New port: OpenSSL key agent and client utils
OpenSSL key agent and client utilities.
The aim of these utilities is to provide an openssl-rsautl(1) drop-in
replacement for performing cryptographic operations using a private key
that is unlocked for the session, similar to OpenSSH's ssh-agent(1).
The port's author is known to the maintainer but wishes not to be named.
WWW: https://git.build2.org/cgit/openssl-agent/tree/README
Obtained from: anonymous author
Approved by: flo (mentor)
Differential Revision: https://reviews.freebsd.org/D38630
b6a3351 |
Monday, 30 Jan 2023
|
12:58 Po-Chuan Hsieh (sunpoet)
security/py-pem: Add py-pem 21.2.0
pem is an MIT-licensed Python module for parsing and splitting of PEM files,
i.e. Base64-encoded DER keys and certificates.
It runs on Python 3.7+, has no dependencies, and does not attempt to interpret
the certificate data in any way.
It's born from the need to load keys, certificates, trust chains, and DH
parameters from various certificate deployments: some servers (like Apache)
expect them to be a separate file, others (like nginx) expect them concatenated
to the server certificate and finally some (like HAProxy) expect key,
certificate, and chain to be in one file.
Additionally to the vanilla parsing code, pem also contains helpers for Twisted
that save a lot of boilerplate code.
0421e03 |
12:58 Po-Chuan Hsieh (sunpoet)
*/Makefile: Sort SUBDIRs
a2e9b4a |
Friday, 27 Jan 2023
|
21:32 Matthias Andree (mandree)
security/openvpn*: update to 2.6.0, keep openvpn25
- copy openvpn to openvpn25, mark as deprecated and to expire March 31
- update openvpn to openvpn 2.6.0, highlights from Frank Lichtenheld's
release announcement e-mail, slightly edited:
* Data Channel Offload (DCO) kernel acceleration support for Windows,
Linux, and FreeBSD [14].
* OpenSSL 3 support
* Improved handling of tunnel MTU, including support for pushable MTU.
* Outdated cryptographic algorithms disabled by default, but there are
options to override if necessary.
* Reworked TLS handshake, making OpenVPN immune to replay-packet state
exhaustion attacks.
* Added --peer-fingerprint mode for a more simplistic certificate setup
and verification.
* Improved protocol negotiation, leading to faster connection setup.
ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.0/Changes.rst
6853ab1 |
Friday, 13 Jan 2023
|
12:26 Fernando ApesteguÃa (fernape) Author: Daniel
security/kc: update to 2.5.1
kc24 was a transient port to easy the migration of the database. Later on, the
original kc port was obsoleted. Rename kc24 to kc to match upstream again and
update to latest version.
PR: 268842
Reported by: leva@ecentrum.hu (maintainer)
d4fef53 |
Wednesday, 11 Jan 2023
|
20:52 Juraj Lutter (otis)
security/py-badkeys: Add new port
badkeys is a tool and a library to check cryptographic public keys for
known vulnerabilities.
2d756eb |
Tuesday, 10 Jan 2023
|
16:41 Tobias C. Berner (tcberner)
security/keysmith: new port - Application to generate 2fa tokens
Keysmith is an application to generate two-factor authentication (2FA)
tokens when logging in to your (online) accounts. Currently it supports
both HOTP and TOTP tokens.
WWW: https://invent.kde.org/utilities/keysmith
77596f3 |
Monday, 9 Jan 2023
|
03:19 Vanilla I. Shu (vanilla)
security/lua-argon2: New port
Lua C binding for the Argon2 password hashing function. Compatible with Lua 5.x
and LuaJIT.
PR: 268039
Reported by: Manuel Wiesinger <manuel at mmap.at>
0eb692f |
Friday, 6 Jan 2023
|
12:47 Dag-Erling Smørgrav (des)
security/opie: New port: One-time Passwords In Everything
Differential Revision: https://reviews.freebsd.org/D37963
3d4de6d |
Thursday, 5 Jan 2023
|
05:59 Yuri Victorovich (yuri)
security/diswall: New port: Distributed firewall
6a09bf4 |
Monday, 2 Jan 2023
|
08:06 Daniel Engberg (diizzy) Author: Michael Reim
security/teleport5: New port: Centralized access gateway using the SSH protocol
This ports main purpose is to provide an upgrade path for users to
Teleport 6 and newer versions. New installations are STRONGLY
discouraged until we have version 7.X in tree.
PR: 268604
efc9e9c |
Sunday, 1 Jan 2023
|
10:16 Yuri Victorovich (yuri)
security/authoscope: New port: Scriptable network authentication cracker
21e13cb |
Saturday, 31 Dec 2022
|
14:59 Rene Ladan (rene)
cleanup: Remove expired ports:
2022-06-30 security/py-pycrypto: Unmaintained, obsolete, and contains security
vulnerabilities. Use security/py-pycryptodome instead
d22a548 |
02:50 Alexey Dokuchaev (danfe)
Restore three ports removed too early and assume their maintainership.
a95989d |
01:33 Rene Ladan (rene)
cleanup: Remove expired ports:
2022-12-31 security/libfprint: Very outdated, unsupported upstream which now
have systemd as a non optional requirement
2022-12-31 security/fprint_demo: Depends on deprecated library libfprint
2022-12-31 security/fprintd: Very outdated, unsupported upstream which now have
systemd as a non optional requirement
995d4ad |
Tuesday, 27 Dec 2022
|
03:36 Koichiro Iwao (meta)
security/gokey: New port: Simple password manager writen in Go
PR: 268587
aeccccd |
Sunday, 25 Dec 2022
|
19:36 Muhammad Moinur Rahman (bofh)
*/*php74*: Sunset php 7.4
As per upstream php 7.4 has reached it's EOL on 2022-11-22. Remove php74
from the tree. Default version of php has already been switched to 8.1.
Approved by: portmgr (blanket infrastructure)
Sponsored by: Bounce Experts
0d310d7 |
Monday, 19 Dec 2022
|
05:07 Lewis Cook (lcook)
security/osv-scanner: Vulnerability scanner written in Go which uses the OSV
database
Use OSV-Scanner to find existing vulnerabilities affecting your projects
dependencies.
OSV-Scanner provides an officially supported frontend to the OSV database
that connects a projects list of dependencies with the vulnerabilities
that affect them. Since the OSV.dev database is open source and distributed,
it has several benefits in comparison with closed source advisory databases
and scanners:
* Each advisory comes from an open and authoritative source.
* Anyone can suggest improvements to advisories, resulting in a very high
quality database.
* The OSV format unambiguously stores information about affected versions
in a machine-readable format that precisely maps onto a developers list
of packages.
The above all results in fewer, more actionable vulnerability notifications,
which reduces the time needed to resolve them.
WWW: https://github.com/google/osv-scanner
b2dc69c |
Friday, 16 Dec 2022
|
06:33 Fernando ApesteguÃa (fernape) Author: Marco
security/crowdsec-blocklist-mirror: New port: CrowdSec Blocklist Mirror
ChangeLog: https://github.com/crowdsecurity/cs-blocklist-mirror
This bouncer exposes CrowdSec's active decisions via provided HTTP endpoints in
pre-defined formats. It can be used by network appliances which support
consumption of blocklists via HTTP.
PR: 268105
Reported by: marco@crowdsec.net
4fde381 |
01:44 Koichiro Iwao (meta) Author: Rozhuk Ivan
security/gostsum: New port:Implementation of GOST R 34.11-94, GOST R 34.11-2012
hash functions
PR: 268343
47cc96f |
Wednesday, 7 Dec 2022
|
14:22 Muhammad Moinur Rahman (bofh)
security/local-php-security-checker: New port
The Local PHP Security Checker is a command line tool that checks if
your PHP application depends on PHP packages with known security
vulnerabilities. It uses the Security Advisories Database behind the
scenes availble from https://github.com/FriendsOfPHP/security-advisories
PR: 261148
Reported by: einar@isnic.is
Tested by: bofh
Approved by: einar@isnic.is (Submitter is maintainer)
0a6ca5e |
Tuesday, 6 Dec 2022
|
04:36 Yasuhiro Kimura (yasu)
security/py-{acme,certbot*}: Update to 2.0.0
ChangeLog: https://github.com/certbot/certbot/releases/tag/v2.0.0
PR: 267913
Approved by: maintainer timeout
65cc12e |
Saturday, 3 Dec 2022
|
18:36 Muhammad Moinur Rahman (bofh)
security/rubygem-omniauth-saml1: New port
A generic SAML strategy for OmniAuth
Sponsored by: Nepustil
524a93c |
Thursday, 1 Dec 2022
|
04:16 Yuri Victorovich (yuri)
security/openfhe: New port: Open-source Fully Homomorphic Encryption library
6373568 |
Tuesday, 22 Nov 2022
|
09:38 Matthias Fechner (mfechner)
www/gitlab-ce: new ports required for version 15.5
a892bde |
Saturday, 19 Nov 2022
|
07:33 Muhammad Moinur Rahman (bofh)
security/rubygem-pundit61: New port
Pundit provides a set of helpers which guide you in leveraging regular
Ruby classes and object oriented design patterns to build a simple,
robust and scaleable authorization system.
Sponsored by: Nepustil
39336c4 |
06:43 Muhammad Moinur Rahman (bofh)
security/rubygem-doorkeeper-rails61: New port
Doorkeeper is a Ruby gem that makes it easy to introduce OAuth 2
provider functionality to a Rails or Grape application.
Sponsored by: Nepustil
89858f6 |
05:27 Muhammad Moinur Rahman (bofh)
security/rubygem-devise_pam_authenticatable2-rails61: New port
The devise_pam_authenticatable2 is a Devise extension for authentication
using PAM (Pluggable Authentication Modulues) via the rpam2 gem. This
allows you to authenticate against the local host's authentication
system including local account usernames and passwords.
Sponsored by: Nepustil
9acad4e |
Friday, 18 Nov 2022
|
00:01 Cy Schubert (cy)
security/heimdal-devel: New port tracking Heimdal develpment
This new heimdal port tracks the Heimdal development branch. The
last security advisory showed us we might want to track its development.
4e44a84 |
Tuesday, 15 Nov 2022
|
15:57 Ryan Steinmetz (zi)
security/shibboleth-idp: new port:
A simple Single Sign-On solution for any organisation with complex
identity management requirements. With excellent scaling capabilities
and customisable user-related data, the Identity Provider equips
workforces with a personalised user experience.
* Widely adaptable to support custom scenarios
* Built-in support for a range of authentication systems
* Handles millions of authentication requests per day
WWW: https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631498/Home
287db69 |
Monday, 7 Nov 2022
|
15:41 Matthias Fechner (mfechner)
security/rubygem-omniauth-rails_csrf_protection: new port, required for
gitlab-ce
344c25a |
Friday, 4 Nov 2022
|
11:05 Mateusz Piotrowski (0mp)
security/tpm-quote-tools: Add new port
The TPM Quote Tools is a collection of programs that provide support
for TPM based attestation using the TPM quote mechanism. The manual
page for tpm_quote_tools provides a usage overview. The manangement
tools are only used to take ownership of a TPM.
The additional patches[1] in files/ come from AUR and were authored by
Michael Niewöhner. The patches were incomplete according to grawity[2].
I've incorporated grawity's feedback into our patches so that the -y
flag is recognized by a call to getopt().
[1]:
https://aur.archlinux.org/cgit/aur.git/plain/0001-Differentiate-between-owner-and-srk-well-known-passs.patch?h=tpm-quote-tools
[2]: https://aur.archlinux.org/packages/tpm-quote-tools#comment-684239
Sponsored by: Klara, Inc.
01e03ae |
Tuesday, 25 Oct 2022
|
14:24 Antoine Brodin (antoine)
security/Makefile: unbreak the ports tree
26c11a8 |
12:42 Li-Wen Hsu (lwhsu) Author: Gabriel M. Dutra
Add security/nuclei: Fast vulnerability scanner
PR: 266509
2bceb89 |
12:28 Li-Wen Hsu (lwhsu) Author: Gabriel M. Dutra
Add security/tfsec: Security scanner for Terraform
PR: 267319
0155f0a |
Saturday, 22 Oct 2022
|
09:56 Li-Wen Hsu (lwhsu) Author: Robert Clausecker
Add security/hyperhotp: Programmer for the HOTP feature of hyperFIDO USB
security keys
HyperHOTP is an open re-implementation of the programming software for
the HOTP feature of the hyperFIDO security keys. It's based on reverse-
engineering the Windows-based programmer available on Hypersecu's
website.
WWW: https://github.com/casept/hyperhotp
PR: 267223
bc2ac75 |
Friday, 21 Oct 2022
|
12:23 Bernard Spil (brnrd)
security/nextcloud-twofactor_totp: Included in www/nextcloud
* Nextcloud Hub 3 / 25.0.0 includes the twofactor TOTP provider
291711e |
Sunday, 9 Oct 2022
|
20:14 Adriaan de Groot (adridg) Author: Boudhayan Gupta
security/py-certbot-dns-gandi: new port, certbot plugin
This plugin comes from https://github.com/obynio/certbot-plugin-gandi .
Port file from Boudhayan, slightly modified for line length and portlint.
PR: 266860
851f5d0 |
Friday, 30 Sep 2022
|
20:06 Rene Ladan (rene)
cleanup: Remove expired ports:
2022-09-30 security/pwman3: Depends on expired security/py-pycrypto
2022-09-30 sysutils/py-ansible-base: Depends on expired security/py-pycrypto
642838c |
Thursday, 29 Sep 2022
|
03:57 Jose Alonso Cardenas Marquez (acm)
security/py-secure: New port: Adds security headers for python web frameworks
secure.py lock is a lightweight package that adds optional security headers for
Python web frameworks.
bafd04a |
Sunday, 25 Sep 2022
|
05:45 Jose Alonso Cardenas Marquez (acm)
security/wazuh-dashboard: New port: Web user interface for data visualization
and analysis
Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts.
ad9a3f9 |
05:44 Jose Alonso Cardenas Marquez (acm)
security/wazuh-server: New port: Components for analyze the data received from
the agents
Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts.
844dbce |
05:42 Jose Alonso Cardenas Marquez (acm)
security/wazuh-indexer: New port: A highly scalable, full-text search and
analytics engine
Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts.
8c9cf93 |
Thursday, 15 Sep 2022
|
02:40 Neel Chauhan (nc) Author: Lady Serena Kitty
security/rotate: New Port
Differential Revision: https://reviews.freebsd.org/D36588
5f5b3bd |
Wednesday, 14 Sep 2022
|
21:44 Neel Chauhan (nc) Author: Lady Serena Kitty
security/diffcode: New port
Differential Revision: https://reviews.freebsd.org/D36586
4ed2ec5 |
Tuesday, 13 Sep 2022
|
15:16 Nuno Teixeira (eduardo) Author: Daniel Engberg
security/s2n-tls: Various improvements
- Define LICENSE_FILE
- Use ports framework for unit testing
- Add option for assembly optimization and LTO
- Disable building tests by default
- Disable assembly optimization by default (requires AVX2 and BMI2 support
without runtime detection)
- Use CMake helpers provided by framework
- Rename s2n -> s2n-tls to match upstream name
PR: 266397
79a0481 |
Sunday, 11 Sep 2022
|
11:26 Felix Palmen (zirias)
security/linux-c7-openssl-devel: Add new port
This contains the headers to build Linux software using OpenSSL.
Also add USE_LINUX=openssl-devel.
Approved by: tijl, tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D35903
b1cb46a |
Tuesday, 6 Sep 2022
|
16:42 Felix Palmen (zirias) Author: Daniel Engberg
security/axc: Add new port
Client lib providing crypto interfaces for libsignal-protocol-c.
PR: 266104
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D36468
d7813e3 |
Wednesday, 31 Aug 2022
|
20:37 Larry Rosenman (ler)
security/1password-client2-beta: [NEW PORT]
Make the beta version of the CLI available in FreeBSD ports.
latest changelog:
https://app-updates.agilebits.com/product_history/CLI2#v2070101
NOTE: you may need to check the "show betas" checkbox on that link.
caf16d2 |
Monday, 29 Aug 2022
|
15:56 Cy Schubert (cy)
security/libomemo: Add new port
libomemo implements OMEMO (XEP-0384 v0.3.0) in C. For more information
see https://github.com/gkdr/libomemo.
PR: 265966
Submitted by: Michael A. Oshin <micadeyeye at gmail.com>
Reported by: Michael A. Oshin <micadeyeye at gmail.com>
2bf1fc5 |
Saturday, 27 Aug 2022
|
10:10 Po-Chuan Hsieh (sunpoet)
security/rubygem-openssl2: Add rubygem-openssl2 2.2.1 (copied from
rubygem-openssl)
- Add PORTSCOUT
dced785 |
10:10 Po-Chuan Hsieh (sunpoet)
security/p5-URN-OASIS-SAML2: Add p5-URN-OASIS-SAML2 0.003
URN::OASIS::SAML2 provides constants which are in use by the SAML2
implementation.
WWW: https://metacpan.org/dist/URN-OASIS-SAML2
2cdd6fc |
10:10 Po-Chuan Hsieh (sunpoet)
security/p5-Net-SAML2: Add p5-Net-SAML2 0.57
Net::SAML2 provides support for the Web Browser SSO profile of SAML2.
Net::SAML2 correctly perform the SSO process against numerous SAML Identity
Providers (IdPs). It has been tested against:
- GSuite (Google)
- Azure (Microsoft Office 365)
- OneLogin
- Jump
- Mircosoft ADFS
- Keycloak
- Auth0
- PingIdentity
WWW: https://metacpan.org/dist/Net-SAML2
1ca8cd5 |
10:10 Po-Chuan Hsieh (sunpoet)
security/p5-Crypt-OpenSSL-Verify: Add p5-Crypt-OpenSSL-Verify 0.35
Given a CA certificate and another untrusted certificate, will show whether the
CA signs the certificate. This is a useful thing to have if you're signing with
X509 certificates, but outside of SSL.
A specific example is where you're working with XML signatures, and need to
verify that the signing certificate is valid.
WWW: https://metacpan.org/dist/Crypt-OpenSSL-Verify
0973142 |
Wednesday, 24 Aug 2022
|
04:22 Matthias Fechner (mfechner)
www/gitlab-ce: added new ports required by gitlab-ce 15.2
02c44a2 |
Tuesday, 16 Aug 2022
|
20:53 Juraj Lutter (otis)
security/py-certbot-dns-powerdns: Add new port
Add py-certbot-dns-powerdns, a PowerDNS certbot authentication module.
WWW: https://github.com/pan-net-security/certbot-dns-powerdns
6c19d65 |
Saturday, 6 Aug 2022
|
22:09 Neel Chauhan (nc) Author: John W. O'Brien
security/py-pycryptodome-test-vectors: New port: Optional test vectors for
PyCryptodome and PyCryptodomeX
PR: 265668
8b64941 |
Monday, 1 Aug 2022
|
20:43 Jose Alonso Cardenas Marquez (acm)
security/py-notus-scanner: New port: scanner for creating results from local
security checks
Notus Scanner detects vulnerable products in a system environment. The scanning
method is to evaluate internal system information. It does this very fast and
even detects currently inactive products because it does not need to interact
with each of the products.
To report about vulnerabilities, Notus Scanner receives collected system
information on the one hand and accesses the vulnerability information from the
feed service on the other. Both input elements are in table form: the system
information is specific to each environment and the vulnerability information
is specific to each system type.
Notus Scanner integrates into the Greenbone Vulnerability Management framework
which allows to let it scan entire networks within a single task. Any
vulnerability test in the format of .notus files inside the Greenbone Feed will
be considered and automatically matched with the scanned environments.
WWW: https://github.com/greenbone/notus-scanner
a3cdb67 |
13:21 Rene Ladan (rene)
cleanup: Remove expired ports:
2022-08-01 security/nextcloud-twofactor_u2f: Upstream deprecated this port in
favor of twofactor_webauthn. Check
https://github.com/nextcloud/twofactor_webauthn#migration-from-two-factor-u2f
for migration instructions
bf8555d |
Number of commits found: 2351 (showing only 100 on this page) |