similar to: cvs commit: ports/multimedia/win32-codecs Makefile distinfo pkg-plist

FYI Kris ----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org Delivered-To: kris@freebsd.org Delivered-To: ports-committers@freebsd.org From: Kris Kennaway <kris@FreeBSD.org> Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,

This was in bugtraq, and hasn't shown up in portaudit yet so I thought I would send it and the fix to you. I submitted a pr for a patch as well. (but for some reason, ir bounced) Problem #1: Clamav 87 has been found to have a security vulnerability that could lead to remote code execution Problem #2 patch patch-clamav-milter_clamav-milter.c won't

I will be updating the MIT krb5 port to krb5-1.3.2 this weekend. Unfortunately crypto-publish.org does not distribute the new source yet. Traditionally I disabled support for fetch from crytpo-publish.org until they updated their website with the latest krb5 sources, requiring the port to fetch the source from MIT in all cases. This time will be different, that is unless of course someone

FYI ----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org Delivered-To: kris@freebsd.org Delivered-To: ports-committers@freebsd.org From: Kris Kennaway <kris@FreeBSD.org> Date: Thu, 4 Dec 2003 06:45:06 -0800 (PST) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org

On Tue, Feb 17, 2004 at 02:20:46PM +0100, Michael Nottebrock wrote: [distfile rerolls] > I didn't know that I was supposed to perform a security audit and I did not do > so. So if anyone happens to have the old distfile still around, please send > it my way, cause I don't. I suggest next time instead of marking a port as > BROKEN= Checksum mismatch, mark it as BROKEN= Needs

Hey guys, hope you don't mind this forward email, because I have been reading the 'flashpluginwrapper problem.' subject. The bug is in the linux_base, but nobody seem to check on this in the freebsd-ports. Looks like Brandon D. Valentine might needs to create a PR to get the better attention and keep the track. Cheers, Mezz >Summary: > >This began as a problem report

Hello! Yesterday portaudit notified me about squid's vulnerability, but today it didn't (despite I haven't upgraded squid). This has attracted my attention, so I've compared yesterday's and today's auditfile.tbz: -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz vs. -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbz I don't see commits to

Hello! Port security/portaudit reports the following problem: Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.htm l> Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf I have 2 related questions: 1)

Dear Security Team, Ports/japanese/samba is updated to ja-samba-2.2.12-j1.0beta1, which fixes CAN-2004-1154. Please update the portaudit database. >>>>> In <200505242242.j4OMglSA099193@repoman.freebsd.org> >>>>> Pav Lucistnik <pav@FreeBSD.org> wrote: > pav 2005-05-24 22:42:47 UTC > FreeBSD ports repository > Modified files: >

Apparently rsync breaks on FreeBSD if you turn off -O2 (which is the default.) The breakage is apparently inside zlib. You'd have to think it was a compiler bug, but perhaps not. I haven't tried to reproduce it yet. -- Martin ----- Forwarded message from grog@FreeBSD.org ----- Date: Fri, 19 Apr 2002 23:14:46 -0700 (PDT) From: <grog@FreeBSD.org> To: mbp@samba.org Subject: PR

Hi everyone , I'am new using Linux and SAMBA, so I hope you can help me to solve this problem : I have installed a SAMBA Server, I have created users and I can log in to the server, nevertheless, everytime I access the server, I lose my local Windows profile (I use the "same user and password"). What should I do to access my SAMBA server without losing my local windows

Jacques A. Vidrine wrote: > On Mon, Mar 29, 2004 at 08:14:29PM +0200, Oliver Eikemeier wrote: > >>Jacques A. Vidrine wrote: >> >>>On Sun, Mar 28, 2004 at 03:44:06PM -0800, Oliver Eikemeier wrote: >>> >>>>eik 2004/03/28 15:44:06 PST >>>> >>>>FreeBSD ports repository >>>> >>>>Modified files:

Juan, I dont see people here with "attitude" or any need to shut down this list as you suggested. Contrary to your experience, I find people to be quite helpful here. Steven's comment "Start here and then ask a real question" is definitely not arrogant IMHO. He is just trying to knock some etiquette on Luan. Besides, he did give him all the answer Luan was looking for.

Dear porters and port users, I've added a new port security/portaudit-db that complements security/portaudit for users that have a current ports tree and want to generate the portaudit database themselves, possibly distributing it over their local network. This will save you the traffic downloading information that is already on your local machine and avoid the lag that is currently

>Submitter-Id: current-users >Originator: Eygene Ryabinkin >Organization: Code Labs >Confidential: no >Synopsis: [patch] [vuxml] net/wireshark: fix DoS in SMTP dissector >Severity: serious >Priority: high >Category: ports >Class: sw-bug >Release: FreeBSD 7.1-PRERELEASE i386 >Environment: System: FreeBSD 7.1-PRERELEASE i386 >Description: Today the DoS

As has been noted by Dan Langille, over at the "cvs-all" mailing list, there are errors in the new Makefile for the chemtool port that make it impossible to build the port. It also stops the INDEX build in its tracks. The "make index" error message is reproduced below: *** *** Error code 1||||||| Stop in /usr/ports/science.||||||| Stop in /usr/ports.||||||| ||||||| ***

December 18, 2007 Dear Madam, dear Sir, the portaudit database is very small: >portaudit -F auditfile.tbz 100% of 5688 B 9737 Bps New database installed. > In addition, portaudit does not complain about what it did complain a few days ago. It seems to me that the database is truncated. By the way: How do I post to a mailing list without being later spammed by the

Any reason why portaudit and its associated infrastructure was not announced to this list or security-notifications? I recently discovered it, and discovered the feature was added to bsd.port.mk in the beginning of feburary. Seeing as the security officer apparently (without announcement) no longer issues security notices (SNs) for ports, I am assuming that portaudit has replaced SNs entirely,

I just drudged through a bit of the archives and see a FreeBSD bits floating in there that are of some value, but aren''t on the wiki. I posted a few bits on the wiki regarding some FreeBSD cobbling that I''ve done recently and hope that folk find it of use (and start posting their useful bits there as well). http://reductivelabs.com/trac/puppet/wiki/PuppetFreeBSD The

Hi! cc'd to freebsd-security@ as somebody there may correct me, cc'd to secteam@ as maintaner of security/portaudit. On Sun, 28 Aug 2005 10:14:21 +0930 Ian Moore wrote: > I've just updated my acroread port to 7.0.1 & was surprised when portaudit > still listed it as a vulnerability. I think it is portaudit problem. > According to