Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id 5875663B293 for ; Sat, 6 Jun 2009 11:26:21 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 0) id E557463B237; Sat, 6 Jun 2009 11:26:20 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id A357C63B1CF for ; Sat, 6 Jun 2009 11:26:19 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 90595175D0; Sat, 6 Jun 2009 11:26:19 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: binary Content-Type: text/plain Date: Sat, 6 Jun 2009 11:26:19 +0000 From: Adrian Portelli Subject: CVS commit: pkgsrc/security/base To: pkgsrc-changes@NetBSD.org Reply-To: adrianp@netbsd.org X-Mailer: log_accum Message-Id: <20090606112619.90595175D0@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes Precedence: list Module Name: pkgsrc Committed By: adrianp Date: Sat Jun 6 11:26:19 UTC 2009 Modified Files: pkgsrc/security/base: Makefile PLIST distinfo pkgsrc/security/base/patches: patch-aa Log Message: 4/03/2009 1.4.2 (chandy) - EmThreats_link opens now in separate browser window -- Juergen Leising for Micah Gersten - A new reference "[rule]" points now to base_local_rules.php, which displays a particular rule for a given rules id (sid). Prerequisite for this is that "local_rules_dir" in base_conf.php points to an actually existing and readable/searchable directory which contains the snort rules. Please note, that a web server is usually NOT allowed to access any files outside of its document root. Feature request by Chris Ryan, cf. https://sourceforge.net/forum/message.php?msg_id=5310420 https://sourceforge.net/forum/message.php?msg_id=5311517 -- Juergen Leising - Update of base.spec; works with fedora 10 -- Juergen Leising - I have applied two patches submitted by asavenkov with regard to the oci8 driver (oracle 10), cf. https://sourceforge.net/forum/message.php?msg_id=5795641 https://sourceforge.net/forum/message.php?msg_id=5796556 -- Juergen Leising - The "email-the-alerts"-variables were defined twice at different locations in base_conf.php. Fixed this. -- Juergen Leising - Emails from BASE containing one or more alerts include now a "To:"-header, as well. Bug report no. 2234733 -- Juergen Leising - $sort_order, once it has been chosen, survives now a possible "action", even in base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php, base_stat_class.php and base_stat_sensor.php. Bug no. 2234745. -- Juergen Leising - The refresh-problem, when an "action" has been taken, is now fixed in base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php, base_stat_class.php and base_stat_sensor.php, as well. Bug no. 1681012. -- Juergen Leising - I have corrected the way ICMP redirect messages are displayed by BASE, inspired by Bruno G. San Alejo. -- Juergen Leising - Several preprocessor events that did not get stored in the acid_event table, so far, are now processed and displayed by BASE. This affects all those preprocessors which have sig names that do NOT start with a "spp_" prefix. -- Juergen Leising - Fixed bug with archiving IP options. -- Juergen Leising 5/14/09 1.4.3 (gabi) - XSS Flaws fixed in alert groups -- Kevin Johnson - Possible SQL injection flaw fixed in AG -- Kevin Johnson - XSS Flaws fixed in base_qry files -- Kevin Johnson - Multiple XSS flaws fixed in citems -- Kevin Johnson 5/30/09 1.4.3.1 (zig) - Multiple XSS flaws fixed in User and Role management -- Kevin Johnson To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 pkgsrc/security/base/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/base/PLIST cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/base/distinfo cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/base/patches/patch-aa Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.