pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2009Q1] pkgsrc/security/base



Module Name:    pkgsrc
Committed By:   tron
Date:           Sun Jun  7 10:15:56 UTC 2009

Modified Files:
        pkgsrc/security/base [pkgsrc-2009Q1]: Makefile PLIST distinfo
        pkgsrc/security/base/patches [pkgsrc-2009Q1]: patch-aa

Log Message:
Pullup ticket #2787 - requested by adrianp
base: security update

Revisions pulled up:
- security/base/Makefile                        1.24
- security/base/PLIST                           1.9
- security/base/distinfo                        1.11
- security/base/patches/patch-aa                1.3
---
Module Name:    pkgsrc
Committed By:   adrianp
Date:           Sat Jun  6 11:26:19 UTC 2009

Modified Files:
        pkgsrc/security/base: Makefile PLIST distinfo
        pkgsrc/security/base/patches: patch-aa

Log Message:
4/03/2009 1.4.2 (chandy)
- EmThreats_link opens now in separate browser window -- Juergen Leising
for Micah Gersten
- A new reference "[rule]" points now to base_local_rules.php,
which displays a particular rule for a given rules id (sid).
Prerequisite for this is that "local_rules_dir" in base_conf.php
points to an actually existing and readable/searchable directory which
contains the snort rules.  Please note, that a web server
is usually NOT allowed to access any files outside of its
document root.  Feature request by Chris Ryan, cf.
https://sourceforge.net/forum/message.php?msg_id=5310420
https://sourceforge.net/forum/message.php?msg_id=5311517
-- Juergen Leising
- Update of base.spec; works with fedora 10 -- Juergen Leising
- I have applied two patches submitted by asavenkov
with regard to the oci8 driver (oracle 10), cf.
https://sourceforge.net/forum/message.php?msg_id=5795641
https://sourceforge.net/forum/message.php?msg_id=5796556
-- Juergen Leising
- The "email-the-alerts"-variables were defined twice at different
locations in base_conf.php.  Fixed this.  -- Juergen Leising
- Emails from BASE containing one or more alerts include now a
"To:"-header, as well.  Bug report no. 2234733 -- Juergen Leising
- $sort_order, once it has been chosen, survives now a possible "action",
even in base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php.
Bug no. 2234745. -- Juergen Leising
- The refresh-problem, when an "action" has been taken, is now fixed in
base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php, as well.
Bug no. 1681012. -- Juergen Leising
- I have corrected the way ICMP redirect messages are displayed
by BASE, inspired by Bruno G. San Alejo. -- Juergen Leising
- Several preprocessor events that did not get stored in the acid_event
table, so far, are now processed and displayed by BASE.  This affects
all those preprocessors which have sig names that do NOT start with
a "spp_" prefix. -- Juergen Leising
- Fixed bug with archiving IP options. -- Juergen Leising

5/14/09 1.4.3 (gabi)
- XSS Flaws fixed in alert groups -- Kevin Johnson
- Possible SQL injection flaw fixed in AG -- Kevin Johnson
- XSS Flaws fixed in base_qry files -- Kevin Johnson
- Multiple XSS flaws fixed in citems -- Kevin Johnson

5/30/09 1.4.3.1 (zig)
- Multiple XSS flaws fixed in User and Role management -- Kevin Johnson


To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.23.4.1 pkgsrc/security/base/Makefile
cvs rdiff -u -r1.8 -r1.8.4.1 pkgsrc/security/base/PLIST
cvs rdiff -u -r1.10 -r1.10.4.1 pkgsrc/security/base/distinfo
cvs rdiff -u -r1.2 -r1.2.28.1 pkgsrc/security/base/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



Home | Main Index | Thread Index | Old Index