pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q1]: pkgsrc/security/base Pullup ticket 1689 - requested b...
details: https://anonhg.NetBSD.org/pkgsrc/rev/910d739d90e0
branches: pkgsrc-2006Q1
changeset: 510321:910d739d90e0
user: salo <salo%pkgsrc.org@localhost>
date: Wed Jun 07 00:14:26 2006 +0000
description:
Pullup ticket 1689 - requested by adrianp
security update for base
Revisions pulled up:
- pkgsrc/security/base/Makefile 1.8, 1.10
- pkgsrc/security/base/PLIST 1.3, 1.4
- pkgsrc/security/base/distinfo 1.3, 1.4
- pkgsrc/security/base/patches/patch-aa 1.2
Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 12 22:31:38 UTC 2006
Modified Files:
pkgsrc/security/base: Makefile PLIST distinfo
pkgsrc/security/base/patches: patch-aa
Log Message:
Update to BASE 1.2.4
> Changes:
> - Fixed issue with PostGRES and schema in base_db.inc.php -- Kevin J and Nikns
> - Fixed bug 1284695 Error in SQL with PostgreSQL -- Kevin J and Nikns
> - Fixed issues displaying PortScans -- Nikns
> - Fixed sig_class (bug 1407325) and sig_priority filter bug -- Nikns and Max Valdez (garaged)
> - Fixed bug 1408387 Archive move and Email summary issues -- Nikns
> - Fixed bug when, after setup, archive database wasn't used -- Nikns
> - Fixed PostgreSQL archive database support -- Nikns
> - Fixed bug 1313261 Unable to use actions in base_stat_sensor.php -- Nikns
> - Fixed bug 1371532 First of month timestamp issue -- Nikns
> - Fixed bug 1406945 Lost alert order when switching between payload display -- Nikns
> - Fixed bug 1413712 base_conf.php file path issue under MS Windows -- garaged
> - Fixed search by signature name -- Nikns
> - Converted sql/create_base_tbls_mssql_extra.sql to CRLF line terminators -- Nikns
> - Fixed broken auth system for MSSQL -- Nikns
> - Changed MSSQL schema for table acid_event, sig_name now has type VARCHAR instead of TEXT -- Nikns
> - Fixed bug 1307250 broken base_stat_alerts.php with MSSQL -- Nikns
> - Fixed bug 1413594 Force to use alert database for auth system stuff -- Nikns
> - Setup fix, on error form values are remembered, default language is English -- garaged
> - Uppercased name 'Archive' in base_main.php (in sync with base_hdr1.php) -- Nikns
> - Fixed support for actions in base_stat_class.php -- Nikns
> - Fixed bug 1418660 Broken search by IP criteria -- Nikns
> - Added checkboxes and fixed support for actions in base_stat_iplink.php -- Nikns
> - Implemented RFE 1123382 support for actions in base_stat_uaddr.php -- Nikns
> - Implemented support for actions in base_stat_ports.php -- Nikns
> - Fixed bug 1422575 when empty email sent even if action unsuccessful -- Nikns
> - Fixed bug 1424033 Unable to Graph Alert Detection Time -- Nikns
> - Fixed bug 1426089 Score removed from email address -- Nikns
> - Fixed bug 1210542 and 1288402 Packet display mode issues -- Nikns
> - Detect archiving duplicates with select queries instead of catching db conflict error -- Nikns
> - Fixed bug 1430686 Update alert cache for archived alert right after it is coppied to archive db -- Nikns
> - Implemented archiving support for schema 107 -- Nikns
> - Added sig_gid (signature generator id) to snort signature reference url for schema 107 -- Nikns
> - session_start() on base_conf.php avoiding repetition, easier to handle with debug output -- garaged
> - debug_mode needs to be off on login (index.php:45 ) -- garaged
> - Fixed bug 1275536 Unable to download binary payload in Internet Explorer when using SSL -- Nikns
> - Implemented archiving support for FLoP extended database schema -- Nikns
> - Implemented rebuild of packet in pcap format for FLoP extended database -- Nikns
> - Added display of MAC addresses in base_query_alert.php for FLoP extended database -- Nikns
> - Fixed BASE authentication bypass in standalone mode for base_maintenance.php -- Nikns
> - Added HTTP response codes on authentication failure in base_maintenance.php for standalone mode -- Nikns
> - Fixed bug 1341286 Show IP header length in bytes, not words -- Juergen Leising
> - In plain display mode several sequential non-ASCII payload characters join together displaying their count -- Nikns
> - Changed input type of the password field in useradmin -- Kevin Johnson
---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Jun 6 19:41:43 UTC 2006
Modified Files:
pkgsrc/security/base: Makefile PLIST
Log Message:
Update to 1.2.5
> - 6/4/2006 1.2.5 (sarah)
> - Added base64 encoding support for MAC addresses presented on the screen for FLoP extended database -- Juergen Leising
> - Added base64 encoding support for rebuild of packet in pcap format for FLoP extended database -- Juergen Leising
> - Fixed issue with Oracle and schema version in base_db.inc.php -- Nikns
> - Fixed bug when alerts with sig references would fail to archive causing duplicates error -- Nikns
> - Added base64 encoding support for ICMP payload additional table in base_qry_alert.php -- Juergen Leising
> - Added check for PHP Logging Level against E_NOTICES in setup/index.php -- Nikns
> - Fixed bug when certain preprocessor alerts would not be cached (for example arpspoof) -- Nikns
> - Added setup/setup_db.inc.php with CreateBASEAG() to resolve redundancy in setup and base_db_setup.php -- Nikns
> - Removed unnecessary and broken search index stuff from Create BASE AG, since schemas are already with them -- Nikns
> - Added XSSPrintSafe() (array safe htmlspecilchars() function) and made filterSql() use ADOdb qmagic() -- Nikns
> - Changed input type of the password field to actually be password in setup3.php -- Nikns
> - Filtered all unfiltred (mainly auth system stuff) $_POST and $_GET variables using filterSql() -- Nikns
> - Santized all $_SERVER variables to be protected against XSS attacks -- Nikns
> - Added "Clear Data Tables" option in base_maintenance.php and "Repair Tables" option to execute CreateBASEAG() -- Nikns
> - Make use of FLoP's event reference. Signature name of alert which trigered "Tagged Packet" alert is shown too -- Nikns
> - Updated chinese.lang.php -- Johnson Chiang
> - Fixed Time error in searches -- Jeff Kell
> - Fixed refresh issue with ~ directories -- Kevin Johnson
> - Fixed cookie stored data and authentication scheme to correct Nikns' report on session forge issue -- GaRaGeD
> - Updated link to the Nessus plug in DB -- Jonathan W Miner
> - Fixed display after deleting alerts -- Bruce Briggs
> - Fixed Bug #1466392 - Back button doesn't work after refresh. -- Juergen Leising
> - Patches from jhart%spoofed.org@localhost to add missing ICMP and TCP type and codes - GaRaGeD
> - add support for ICMP redirect decoding. - Jon Hart
> - add decoding support for ICMP source quench and ICMP parameter problem - Jon Hart
> - split up "flags" into DF and MF, much like tcp flags are currently handled - Jon Hart
---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Jun 6 20:09:50 UTC 2006
Modified Files:
pkgsrc/security/base: distinfo
Log Message:
Update distinfo missed in the update to 1.2.5
diffstat:
security/base/Makefile | 12 +++++++-----
security/base/PLIST | 7 ++++---
security/base/distinfo | 10 +++++-----
security/base/patches/patch-aa | 32 ++++++++++++++++----------------
4 files changed, 32 insertions(+), 29 deletions(-)
diffs (136 lines):
diff -r d6884c0c991c -r 910d739d90e0 security/base/Makefile
--- a/security/base/Makefile Tue Jun 06 23:46:58 2006 +0000
+++ b/security/base/Makefile Wed Jun 07 00:14:26 2006 +0000
@@ -1,12 +1,12 @@
-# $NetBSD: Makefile,v 1.7 2006/03/14 20:43:23 jlam Exp $
+# $NetBSD: Makefile,v 1.7.2.1 2006/06/07 00:14:26 salo Exp $
#
-DISTNAME= base-1.2.2
+DISTNAME= base-1.2.5
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=secureideas/}
MAINTAINER= adrianp%NetBSD.org@localhost
-HOMEPAGE= http://secureideas.sourceforge.net/
+HOMEPAGE= http://secureideas.sourceforge.net/
COMMENT= Analysis engine to process a database of security events
DEPENDS+= adodb>=1.2:../../databases/adodb
@@ -22,6 +22,8 @@
NO_BUILD= YES
+.include "../../mk/bsd.prefs.mk"
+
DOC_FILES= CHANGELOG CREDITS README README.mssql TODO UPGRADE base_faq.rtf
BASE_DIR= ${PREFIX}/share/base
EGDIR= ${PREFIX}/share/examples/base
@@ -61,11 +63,11 @@
${INSTALL_SCRIPT} ${WRKSRC}/*.php ${BASE_DIR}
. for f in ${DOC_FILES}
- ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${PREFIX}/share/doc/base
+ ${INSTALL_DATA} ${WRKSRC}/docs/${f:Q} ${PREFIX}/share/doc/base
. endfor
. for i in ${PAX_DIRS}
- cd ${WRKSRC}/${i} && ${PAX} -rw . ${BASE_DIR}/${i}
+ cd ${WRKSRC}/${i:Q} && ${PAX} -rw . ${BASE_DIR}/${i:Q}
. endfor
@${CHOWN} ${WWW_USER} ${BASE_DIR}
diff -r d6884c0c991c -r 910d739d90e0 security/base/PLIST
--- a/security/base/PLIST Tue Jun 06 23:46:58 2006 +0000
+++ b/security/base/PLIST Wed Jun 07 00:14:26 2006 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2006/03/13 13:11:05 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.2.2.1 2006/06/07 00:14:26 salo Exp $
share/base/admin/base_roleadmin.php
share/base/admin/base_useradmin.php
share/base/admin/index.php
@@ -62,8 +62,8 @@
share/base/includes/base_state_query.inc.php
share/base/includes/base_template.php
share/base/includes/base_user.inc.php
-share/base/includes/class.ezpdf.php
-share/base/includes/class.pdf.php
+share/base/includes/fpdf_class.php
+share/base/includes/fpdf_fonts.php
share/base/index.php
share/base/languages/chinese.lang.php
share/base/languages/czech.lang.php
@@ -88,6 +88,7 @@
share/base/scripts/base_maintenance.pl
share/base/setup/base_conf_contents.php
share/base/setup/index.php
+share/base/setup/setup_db.inc.php
share/base/setup/setup1.php
share/base/setup/setup2.php
share/base/setup/setup3.php
diff -r d6884c0c991c -r 910d739d90e0 security/base/distinfo
--- a/security/base/distinfo Tue Jun 06 23:46:58 2006 +0000
+++ b/security/base/distinfo Wed Jun 07 00:14:26 2006 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.2 2006/03/13 13:11:05 adrianp Exp $
+$NetBSD: distinfo,v 1.2.2.1 2006/06/07 00:14:26 salo Exp $
-SHA1 (base-1.2.2.tar.gz) = 34d389aec22d7c99cfe344c3df8c1a488529a723
-RMD160 (base-1.2.2.tar.gz) = c3e22f216e6ab67e9ded3050692bdb4479a65130
-Size (base-1.2.2.tar.gz) = 346518 bytes
-SHA1 (patch-aa) = 643f22ba268bf712bfc969b6e3e5d086106f466f
+SHA1 (base-1.2.5.tar.gz) = ea53ea599e0fb52679ac04d6fae8151f84928732
+RMD160 (base-1.2.5.tar.gz) = 212a931d3c77aec6520e4eebce3fae3f8e1c1feb
+Size (base-1.2.5.tar.gz) = 335285 bytes
+SHA1 (patch-aa) = 71c95cbf0bfe45ee818c409bfe9d57753b71689d
diff -r d6884c0c991c -r 910d739d90e0 security/base/patches/patch-aa
--- a/security/base/patches/patch-aa Tue Jun 06 23:46:58 2006 +0000
+++ b/security/base/patches/patch-aa Wed Jun 07 00:14:26 2006 +0000
@@ -1,31 +1,31 @@
-$NetBSD: patch-aa,v 1.1.1.1 2006/01/03 21:09:44 adrianp Exp $
+$NetBSD: patch-aa,v 1.1.1.1.2.1 2006/06/07 00:14:26 salo Exp $
---- base_conf.php.dist.orig 2005-10-31 11:33:27.000000000 +1100
+--- base_conf.php.dist.orig 2006-03-19 22:22:43.000000000 +0000
+++ base_conf.php.dist
-@@ -39,7 +39,7 @@ $Use_Auth_System = 0;
+@@ -40,7 +40,7 @@ $Use_Auth_System = 0;
But also put the preceding slash. e.g. Your URL is http://127.0.0.1/base
set this to /base
*/
--$BASE_urlpath = "";
-+$BASE_urlpath = "/base";
+-$BASE_urlpath = '';
++$BASE_urlpath = '/base';
/* Unique BASE ID. The below variable, if set, will append its value to the
* title bar of the browser. This is for people who manage multiple installs
-@@ -61,7 +61,7 @@ $base_custom_footer = "";
- * $foo = "c:\tmp" [OK]
- * $foo = "c:\tmp\" [WRONG]
+@@ -62,7 +62,7 @@ $base_custom_footer = '';
+ * $foo = 'c:\tmp' [OK]
+ * $foo = 'c:\tmp\' [WRONG]
*/
--$DBlib_path = "";
-+$DBlib_path = "@PREFIX@/share/adodb";
+-$DBlib_path = '';
++$DBlib_path = '@PREFIX@/share/adodb';
+
/* The type of underlying alert database
- *
-@@ -70,7 +70,7 @@ $DBlib_path = "";
- * MS SQL Server : "mssql"
- * Oracle : "oci8"
+@@ -72,7 +72,7 @@ $DBlib_path = '';
+ * MS SQL Server : 'mssql'
+ * Oracle : 'oci8'
*/
--$DBtype = "mysql";
-+$DBtype = "@DBTYPE@";
+-$DBtype = 'mysql';
++$DBtype = '@DBTYPE@';
/* Alert DB connection parameters
* - $alert_dbname : MySQL database name of Snort alert DB
Home |
Main Index |
Thread Index |
Old Index