summaryrefslogtreecommitdiff
path: root/security (follow)
Commit message (Collapse)AuthorAgeFilesLines
* security/quantis-kmod: remove dependency on infozipBaptiste Daroussin2025-05-131-3/+1
| | | | | | | Recent bsdtar can handle the content of this zip just fine. This reduce the number of dependency for cross building and make this module become part of the kmod repository
* security/modsecurity3: update 3.0.13 -> 3.0.14, fix CVEWolfgang Gerlach2025-05-132-4/+4
| | | | | | | PR: 286413 Security: CVE-2025-27110 Changes: https://github.com/owasp-modsecurity/ModSecurity/blob/v3.0.14/CHANGES Approved: marius.halden@modirum.com (timeout)
* security/tpm2-abrmd: Assorted improvements to the portAndrea Cocito2025-05-1310-20/+73
| | | | | | | | | | | * Fix name collision on function write_all(): * Stop installing tpm2-abrmd-devd.conf as it is useless and does not work * Use "wheel" as FreeBSD does not have the "root" group * Fix inconsistent naming of the rc script PR: 286218 Approved by: maintainer Pull Request: https://github.com/freebsd/freebsd-ports/pull/391
* security/fakeroot: Update to 1.37.1.2Ganael LAPLANCHE2025-05-132-4/+4
| | | | Changelog: https://salsa.debian.org/clint/fakeroot/-/blob/debian/1.37.1.2-1/debian/changelog?ref_type=tags
* security/fizz: update 2025.05.05.00 → 2025.05.12.00Yuri Victorovich2025-05-122-4/+4
|
* security/vuxml: Add Varnish Cache vulnerabilityDanilo G. Baio2025-05-121-0/+32
|
* security/timestamp-authority: Update version 1.2.6=>1.2.7Muhammad Moinur Rahman2025-05-122-6/+6
| | | | Changelog: https://github.com/sigstore/timestamp-authority/releases/tag/v1.2.7
* security/go-tuf: Update version 2.1.0=>2.1.1Muhammad Moinur Rahman2025-05-122-6/+6
| | | | Changelog: https://github.com/theupdateframework/go-tuf/releases/tag/v2.1.1
* security/amavisd-new: Fix at runtime after security/p5-Crypt-OpenSSL-RSA updateGuido Falsi2025-05-112-3/+23
| | | | | | PR: 286719 Submitted by: mat Approved by: flo (maintainer)
* security/nss: update to 3.111Christoph Moench-Tegeder2025-05-112-4/+4
| | | | | | Release Notes: https://hg-edge.mozilla.org/projects/nss/file/tip/doc/rst/releases/nss_3_111.rst (upstream is slow to update their website and mailing list)
* security/vuxml: Add Mozilla vulnerabilitiesFernando Apesteguía2025-05-111-0/+208
| | | | | | | | | * CVE-2025-4083 * CVE-2025-4085 * CVE-2025-4087 * CVE-2025-4088 * CVE-2025-4089 * CVE-2025-4092
* security/netbird: New Port: wireguard based VPN clientHakan Sarıman2025-05-115-0/+72
| | | | | | | | | | | | | | | | | | | | | | | NetBird is an open-source WireGuard-based overlay network combined with Zero Trust Network Access, providing secure and reliable connectivity to internal resources. Key features: - Zero-config VPN: Easily create secure connections between devices without manual network setup. - Built on WireGuard: Leverages WireGuard's high-performance encryption for fast and secure communication. - Self-hosted or Cloud-managed: Users can deploy their own NetBird management server or use NetBird Cloud for centralized control. - Access Control & Routing: Fine-grained access control policies and automatic network routing simplify connectivity. - This FreeBSD port provides the NetBird client daemon and CLI tools, allowing FreeBSD systems to join a NetBird mesh network and securely communicate with other peers. For more details, visit: https://netbird.io PR: 284877
* security/wazuh-*: Updatet to 4.12.0Jose Alonso Cardenas Marquez2025-05-1121-334/+480
| | | | | | | | | - Update bundle python to 3.11.12 - Update opensearch dependency to 2.19.1 - Update opensearch-dashboards dependency to 2.19.1 ChangeLog at: https://documentation.wazuh.com/current/release-notes/release-4-12-0.html Sponsored by: Entersekt
* security/p5-Crypt-SysRandom: add, Perl interface to system randomnessMathieu Arnold2025-05-115-0/+25
|
* security/p5-Crypt-OpenSSL-RSA: update to 0.35Mathieu Arnold2025-05-103-9/+4
|
* security/vuxml: document gitlab vulnerabilitiesMatthias Fechner2025-05-101-0/+33
|
* security/zeek: Update to 7.0.7Craig Leres2025-05-092-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/zeek/zeek/releases/tag/v7.0.7 This release fixes the following bugs: - The LDAP analyzer now handles GSSAPI-signed traffic correctly if the response token is missing. The QUIC analyzer gained the following fixes: - Traffic where ClientHello/ServerHello messages are fragmented over multiple packets should now be parsed correctly. - The wrong connection ID could be used for decryption if the client started using a different one later in the INITIAL packet. - ACK ranges should now be parsed correctly. - Parsing of INITIAL packets could consume the remainder of a UDP datagram, even if there were possibly other PACKET types in that datagram. Reported by: Tim Wojtulewicz
* security/libgcrypt: Update to 1.11.1Cy Schubert2025-05-095-27/+7
|
* security/apkid: upgrade to v3.0.0Thierry Thomas2025-05-092-5/+4
| | | | Release notes at https://github.com/rednaga/APKiD/releases/tag/v3.0.0
* security/snort3: Update version 3.7.3.0=>3.7.4.0Muhammad Moinur Rahman2025-05-093-4/+9
| | | | Changelog: https://github.com/snort3/snort3/releases/tag/3.7.4.0
* security/go-tuf: Update version 2.0.2=>2.1.0Muhammad Moinur Rahman2025-05-092-6/+6
| | | | Changelog: https://github.com/theupdateframework/go-tuf/releases/tag/v2.1.0
* security/sslproxy: Update version 0.9.7=>0.9.8Muhammad Moinur Rahman2025-05-092-5/+6
| | | | Changelog: https://github.com/sonertari/SSLproxy/releases/tag/v0.9.8
* security/hockeypuck: Update to 2.2.3Siva Mahadevan2025-05-094-74/+165
| | | | | | | Use PLIST_FILES and Makefile.modules. Submitter takes maintainership. PR: 259176
* security/sudo-rs: Update to 0.2.6Marc Schoolderman2025-05-092-26/+29
| | | | | | | | ChangeLog: https://github.com/trifectatechfoundation/sudo-rs/releases/tag/v0.2.6 PR: 286636 Approved by: submitter is maintainer
* security/vuxml: Add information about PostgreSQL overflow issuePalle Girgensohn2025-05-081-0/+70
|
* security/vuls: Update to 0.31.1Palle Girgensohn2025-05-082-7/+6
| | | | Release notes: https://github.com/future-architect/vuls/releases/tag/v0.31.1
* security/boringssl: update to the recent snapshotSergey A. Osokin2025-05-083-7/+7
|
* KDE: Update KDE Gear to 25.04.1Max Brazhnikov2025-05-086-18/+18
| | | | Announcement: https://kde.org/announcements/gear/25.04.1/
* KDE: Update KDE Plasma to 6.3.5Max Brazhnikov2025-05-084-10/+9
| | | | Announcement: https://kde.org/announcements/plasma/6/6.3.5/
* security/dropbear: update to 2025.88Piotr Kubaj2025-05-082-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: - Security: Don't allow dbclient hostname arguments to be interpreted by the shell. dbclient hostname arguments with a comma (for multihop) would be passed to the shell which could result in running arbitrary shell commands locally. That could be a security issue in situations where dbclient is passed untrusted hostname arguments. Now the multihop command is executed directly, no shell is involved. Thanks to Marcin Nowak for the report, tracked as CVE-2025-47203 - Fix compatibility for htole64 and htole32, regression in 2025.87 Patch from Peter Fichtner to work with old GCC versions, and patch from Matt Robinson to check different header files. - Fix building on older compilers or libc that don't support static_assert(). Regression in 2025.87 - Support ~R in the client to force a key re-exchange. - Improve strict KEX handling. Dropbear previously would allow other packets at the end of key exchange prior to receiving the remote peer's NEWKEYS message, which should be forbidden by strict KEX. Reported by Fabian Bäumer.
* security/snowflake-tor: fix typo in snowflake-broker rc scriptVinícius Zavam2025-05-082-2/+2
| | | | | | | PR: 286632 Reported by: polyduekes % proton.me Sponsored by: TorBSD Diversity Project, TDP Sponsored by: The Tor Project
* security/cargo-audit: Update version 0.21.0=>0.21.2Muhammad Moinur Rahman2025-05-073-201/+287
| | | | Changelog: https://github.com/rustsec/rustsec/releases/tag/cargo-audit%2Fv0.21.2
* security/vuxml: add www/*chromium < 136.0.7103.92Robert Nagy2025-05-071-0/+33
| | | | Obtained from: https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html
* security/trivy: update to 0.62.1Matthias Fechner2025-05-072-6/+6
| | | | Changes: https://github.com/aquasecurity/trivy/releases/tag/v0.62.1
* security/afl++: Update to 4.32cFabian Keil2025-05-062-11/+11
| | | | | | | | | | | While at it, leverage "Uses" for llvm as suggested by Benjamin Takacs. [1] ChangeLogs: https://github.com/AFLplusplus/AFLplusplus/releases/tag/v4.31c https://github.com/AFLplusplus/AFLplusplus/releases/tag/v4.32c PR: 286068 [1] Reported by: Benjamin Takacs <nimaje+fbz@bureaucracy.de> [1]
* security/afl++: Drop maintainershipLorenzo Salvadore2025-05-061-1/+1
| | | | | I do not have enough time to take care of this port, so I put it back into the pool.
* security/rustscan: AdoptMuhammad Moinur Rahman2025-05-061-1/+1
|
* security/cargo-audit: AdoptMuhammad Moinur Rahman2025-05-061-1/+1
|
* security/gnupg-pkcs11-scd: update to 0.11.0Mathieu Arnold2025-05-063-18/+4
|
* security/rustscan: drop maintainershipMikael Urankar2025-05-061-1/+1
|
* security/cloak: drop maintainershipMikael Urankar2025-05-061-1/+1
|
* security/cargo-audit: drop maintainershipMikael Urankar2025-05-061-1/+1
|
* security/linux-rl9-libxcrypt: integrate into linux_base-rl9Dima Panov2025-05-065-65/+0
| | | | PR: 283925
* security/vuxml: add www/*chromium < 136.0.7103.59Robert Nagy2025-05-061-0/+39
| | | | Obtained from: https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html
* security/git-credential-oauth: Update to 0.15.1Emanuel Haupt2025-05-062-9/+8
|
* security/fizz: update 2025.04.28.00 → 2025.05.05.00Yuri Victorovich2025-05-052-4/+4
|
* security/plasma6-kwallet-pam: add patches lost during transition from Plasma5Max Brazhnikov2025-05-053-1/+27
| | | | while here, remove needless dependence on Qt6 libraries.
* security/crowdsec-firewall-bouncer: Update 0.0.31 => 0.0.32marco2025-05-052-11/+10
| | | | | | | Changelog: https://github.com/crowdsecurity/cs-firewall-bouncer/releases/tag/v0.0.32 PR: 286602
* security/vuxml: Add entry for fcgi < 2.4.5Christos Chatzaras2025-05-051-0/+30
| | | | | PR: 286590 Reported by: chris@cretaforce.gr
* security/nmap*: LibreSSL is not supportedCy Schubert2025-05-052-0/+8
| | | | | | | | Upstream calls EC_GROUP_method_of(). OpenBSD has removed EC_GROUP_method_of() from their tree, meaning LibreSSL doesn't have it either. security/nmap* will not build with LibreSSL. PR: 286598
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-01 15:38:16 +0000