![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / security / libnasl
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Remove Nessus. The distfiles haven't been provided in a long, long time by upstream and they haven't been mirrored either.
Recursive PKGREVISION bump for jpeg update to 8.
Simply and speed up buildlink3.mk files and processing. This changes the buildlink3.mk files to use an include guard for the recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS, BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of enter/exit marker, which can be used to reconstruct the tree and to determine first level includes. Avoiding := for large variables (BUILDLINK_ORDER) speeds up parse time as += has linear complexity. The include guard reduces system time by avoiding reading files over and over again. For complex packages this reduces both %user and %sys time to half of the former time.
Fix botched update of nessus. Need to BUILDLINK_ABI_DEPENDS on the 2.2.11 versions of the libraries. Bump PKGREVISION wholesale to disambiguate the fixed packages from the botched ones and depend on them. Use GPLed version of the plugins instead of the non-free version. While here fix permissions of PKG_SYSCONFDIR in nessus-core/Makefile.
Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@
Update to version 2.2.9
ok <frueauf>, the MAINTAINER.
changes:
2.2.9:
======
- nessus-mkcert-client:
- Make sure that the user calling nessus-mkcert-client is root
- nessus-libraries:
- Fixed a bug in the PCAP handler which in turn should fix synscan.nes
- nessus:
- Fixed a possible memory corruption issue when creating a list of plugins
to launch
- Fixed a corruption of the .nessusrc files when receiving some plugin
prefs ending by a space
- nessus-fetch:
- Make sure that every request (including the proxy CONNECT request)
is done with the user-specified user-agent.
- nessus-plugins:
- Fixed a banner encoding problem in nessus_tcp_scanner and find_service
- Fixed a possible deadlock in synscan
- nessusd:
- Avoid a deadlock when waiting for a sub process to die
2.2.8:
======
- nessusd:
- Make sure that plugins of type ACT_INIT and ACT_SETTINGS are
always enabled during a scan
- Display more error verbose error messages when it's impossible to
load a .nes plugin
- Fixed a harmless memory reallocation problem which would truncate
a very long preference name
- nessus-libraries:
- Fixed a possible memory corruption when forwarding data from a process
to another
- libnasl:
- 'a = b + c ++' would not work as expected
- fixed a memory allocation problem when split() is passed an argument
of the wrong type
Change the format of BUILDLINK_ORDER to contain depth information as well, and add a new helper target and script, "show-buildlink3", that outputs a listing of the buildlink3.mk files included as well as the depth at which they are included. For example, "make show-buildlink3" in fonts/Xft2 displays: zlib fontconfig iconv zlib freetype2 expat freetype2 Xrender renderproto
Track information in a new variable BUILDLINK_ORDER that informs us of the order in which buildlink3.mk files are (recursively) included by a package Makefile.
Update to version 2.2.7 Approved by <frueauf> Changes: - make it work as binary packages, - remove useless MESSAGE files, - add nmap.nasl plugin, not included by default upstream, - make the installation a bit more sane and easier to configure. 2.2.7: ====== Nessus 2.2.7 contains several fixes for bugs which have been found during the 3.x developement process and have been backported to this branch. It also slightly extends the NASL language by adding support for arrays of arrays. We will use this feature in some key plugins (SMB in particular) within 6 months, so you should definitely upgrade to 2.2.7 or 3.0.x. nessus-libraries: - Fixed a NULL pointer dereferencement in the BPF server (this mostly affects OpenBSD and FreeBSD < 5) - The 'service' functions now only deal with the services file provided - with Nessus (instead of using a mix of /etc/services and others) libnasl: - Fixed off-by-one bugs in insstr() and str_replace() which would sometimes prevent these two functions from properly dealing with the last character of a string - Fixed tcp_ping() which was too aggressive and may therefore sometimes miss a live host - Fixed a bug in send() which would not properly validate the value of the 'length' variable - Now handle arrays of arrays - Fixed open_priv_sock_tcp() which would report a successful connection when timing out nessusd: - Properly install the file 'nessus-services' in $prefix/var/nessus/ - Bigger buffer when receiving preferences from the client (to avoid a possible truncation of the plugin list in the future) - Fixed a bug in the preferences parser which would cause nessusd to die on startup when processing a malformed preference file nessus client: - Fixed an unlikely but potential segmentation fault when viewing the report in the GUI - Erase the credentials from memory after having used them (thanks to Sumiut Siddhart for noticing this) plugins: - Fixed several bugs in find_services.c which would not properly set the key Transport/SSL or which may read some data beyond its buffer - Fixed a bad #if/#endif clause in nessus_tcp_scanner.c which prevented it from recomputing the RTT, hence negatively impacting the performance - nmap.nasl has been removed from the main distribution (to use nmap from within Nessus read http://www.nessus.org/documentation/?doc=nmap-usage)
Aligned the last line of the buildlink3.mk files with the first line, so that they look nicer.
Over 1200 files touched but no revisions bumped :) RECOMMENDED is removed. It becomes ABI_DEPENDS. BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo. BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo. BUILDLINK_DEPENDS does not change. IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS which defaults to "yes". Added to obsolete.mk checking for IGNORE_RECOMMENDED. I did not manually go through and fix any aesthetic tab/spacing issues. I have tested the above patch on DragonFly building and packaging subversion and pkglint and their many dependencies. I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I have used IGNORE_RECOMMENDED for a long time). I have been an active user of IGNORE_RECOMMENDED since it was available. As suggested, I removed the documentation sentences suggesting bumping for "security" issues. As discussed on tech-pkg. I will commit to revbump, pkglint, pkg_install, createbuildlink separately. Note that if you use wip, it will fail! I will commit to pkgsrc-wip later (within day).
Changes 2.2.3: Nessus 2.2.3 contains a new option called "silent dependencies" which can be used to filter out the noise generated by some plugins not directly enabled by the user. It also contains a slightly more intuitive GUI which now contains a "Credentials" tab to put Windows and SSH usernames and passwords.
- Update nessus to 2.2.0 - ok'ed frueauf - specify local state dir Local security checks over SSH : Nessus can now log into the remote hosts to determine their patch levels and missing updates A rewritten internal knowledge base API : the new knowledge base API makes KB access faster and lets the plugins store any amount of data An improved internal communication between the various nessusd processes, thus reducing the overhead it takes to handle the results of the plugins and pass them to the client An improved plugin scheduler which reduces the time Nessus needs to organize the order in which plugins should be launched Sensitive scripts (which can execute commands over SSH) are cryptographically signed
Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10 in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include.
Changes 2.0.12: * Fixed a bug in ./configure which would sometimes assume that GTK is not installed whereas it actually is * Fixed a race condition in nessus-adduser for users who do not configure their TMPDIR variable (thanks to Cyrille Barthelemy) * Fixed a bug in nessus-update-plugins which would not update the plugins properly on all systems (thanks to Keith Butler) * Fixed the installer to compile Nessus with GTK support if gtk-config OR pkg-config is installed.
Convert to buildlink3.