Hi!
Just updated our buildbot master system to OpenBSD 7.5 and after pkg_add -u
rcctl -d start buildbot failed with:
> doing _rc_parse_conf
> buildbot_flags empty, using default >/var/buildbot<
> doing rc_check
> buildbot
> doing rc_start
> doing _rc_wait_for_start
> doing rc_check
> doing rc_chec
Hi!
I'm doing vulnerability scanning on some ports and for unzip CVE-2021-4217
seems not fixed.
Ubuntu had a proposed patch under
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077/+attachment/5554956/+files/0001-Fix-null-pointer-dereference-and-use-of-uninitialized-data.patch.
Thanks!
Hi,
On the oss-security mailing list where reports about several CVEs concerning
libxml2.
These patches fixes CVE-2017-9047, CVE-2017-9048, CVE-2017-9049 and
CVE-2017-9050.
Cheers,
Matthias
patch-CVE-2017-9047:
--- valid.c.origMon May 23 09:25:25 2016
+++ valid.c Wed May 31 16:13:56
On 02.06.2017 - 12:26:46, Paul Irofti wrote:
> On Thu, Jun 01, 2017 at 09:09:48AM +0200, Matthias Pitzl wrote:
> > Hi,
> >
> > On the oss-security mailing list where reports about several CVEs concerning
> > libxml2.
> > These patches fixes CVE-2017-9047, CVE-201
Hello,
The following patch adds a new port for libmodsecurity of
https://www.modsecurity.org/.
https://github.com/SpiderLabs/ModSecurity:
Libmodsecurity is one component of the ModSecurity v3 project. The library
codebase serves as an interface to ModSecurity Connectors taking in web traffic
and
Hello Stuart,
Thank you for your quick reply.
On 21.07.2020 - 11:46:29, Stuart Henderson wrote:
> On 2020/07/21 10:45, Matthias Pitzl wrote:
> > Hello,
> >
> > The following patch adds a new port for libmodsecurity of
> > https://www.modsecurity.org/.
> >
Hi,
The attached tgz contains an updated version of the new libmodsecurity port.
I fixed the comments of Stuart except the library version.
As written in my last mail, the nginx ModSecurity connector relies on a lib
version 3.x and I do not want to patch the connector.
Greetings,
Matthias
libmo
On 21.07.2020 - 14:34:59, Stuart Henderson wrote:
> > > > +V =3.0.4
> > > > +DISTNAME = modsecurity-v$V
> > > > +PKGNAME = libmodsecurity-$V
> > > > +
> > > > +SHARED_LIBS += modsecurity 3.3 # 3.3
> > >
> > > start with 0.0
> > >
> >
>
Hello,
The following patch adds the ModSecurity connector module to nginx.
This module uses my previously sent libmodsecurity.
By moving the module sources into the nginx source directory in the pre-patch
stage, the configure run accepts the libmodsecurity with 0.0 as version without
any real pat
Hi,
B::COW is a simple module for checking copy-on-write status in Perl.
Needed as test dependency for p5-CDB_File, a new port I'm working on.
Greetings,
Matthias
devel_p5-B-COW.tgz
Description: application/gzip
Hi,
CDB_File is a Perl module for accessing constant databases (cdb).
Greetings,
Matthias
databases_p5-CDB_File.tgz
Description: application/gzip
Hello,
REST::Client is a simple REST client capable to work with http and https
resources.
Greetings,
Matthias
net_p5-REST-Client.tgz
Description: application/gzip
On 22.07.2020 - 10:43:09, Matthias Pitzl wrote:
> On 21.07.2020 - 14:34:59, Stuart Henderson wrote:
> > > > > +V = 3.0.4
> > > > > +DISTNAME = modsecurity-v$V
> > > > > +PKGNAME = libm
On 23.07.2020 - 13:48:12, Matthias Pitzl wrote:
> Hello,
>
> REST::Client is a simple REST client capable to work with http and https
> resources.
>
> Greetings,
> Matthias
Hi,
Any OK or other feedback on this one?
Greetings,
Matthias
On 22.07.2020 - 10:47:14, Matthias Pitzl wrote:
> Hello,
>
> The following patch adds the ModSecurity connector module to nginx.
> This module uses my previously sent libmodsecurity.
>
> By moving the module sources into the nginx source directory in the pre-patch
> sta
On 24.07.2020 - 13:39:55, Andrew Hewus Fresh wrote:
> On Thu, Jul 23, 2020 at 12:05:01PM +0200, Matthias Pitzl wrote:
> > Hi,
> >
> > CDB_File is a Perl module for accessing constant databases (cdb).
>
> The contents of the "bun-x.pl" script are included in
Hello,
This new port is needed for adding ModSecurity support to nginx.
Excerpt from github:
ModSecurity is an open source, cross platform web application firewall (WAF)
engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs.
It has a robust event-based programming langua
Hello,
The following patch adds the ModSecurity connector module to nginx.
This module uses my previously sent libmodsecurity.
By moving the module sources into the nginx source directory in the pre-patch
stage, the configure run accepts the libmodsecurity with 0.0 as version without
any real pat
On 24.08.2020 - 16:19:06, Stuart Henderson wrote:
> On 2020/08/24 14:28, Matthias Pitzl wrote:
> > Hello,
> >
> > This new port is needed for adding ModSecurity support to nginx.
> >
> > Excerpt from github:
> > ModSecurity is an open source, cross plat
Hi,
In libxml2 were some more CVEs.
The patches attached fix these:
CVE-2017-9663:
>From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer
Date: Tue, 6 Jun 2017 12:56:28 +0200
Subject: Fix type confusion in xmlValidateOneNamespace
Comment out code that cast
Hi,
I'm working on a port for Chart::Clicker and one of the modules it depends on
wants a newer version of Data::Visitor.
The diff below brings devel/p5-Data-Visitor to the current version 0.30.
Greetings,
Matthias
-
Index:
On 19.07.2017 - 23:28:57, Alexander Bluhm wrote:
> On Wed, Jul 19, 2017 at 12:12:15PM +0200, Matthias Pitzl wrote:
> > The diff below brings devel/p5-Data-Visitor to the current version 0.30.
>
> make regress does not pass. It complains about Data::Alias. This
> has to be reso
On 20.07.2017 - 12:02:59, Alexander Bluhm wrote:
> On Thu, Jul 20, 2017 at 11:32:04AM +0200, Matthias Pitzl wrote:
> > Good point. I checked the port for Data::Alias and I don't think there's an
> > easy
> > fix for this module. There are several bug tickets o
On 20.07.2017 - 12:02:59, Alexander Bluhm wrote:
> On Thu, Jul 20, 2017 at 11:32:04AM +0200, Matthias Pitzl wrote:
> > Good point. I checked the port for Data::Alias and I don't think there's an
> > easy
> > fix for this module. There are several bug tickets o
On 20.07.2017 - 13:08:13, Alexander Bluhm wrote:
> On Thu, Jul 20, 2017 at 12:39:46PM +0200, Matthias Pitzl wrote:
> > The attached diff adds a patch for Data::Visitor preventing the loading of
> > Data::Alias.
>
> Test pass, but make regress gives this ugly o
Hi,
I'm working on a port for Chart::Clicker and therefore had to build a bunch of
new ports.
This one is for the Check::ISA module for checking, if a given object is of a
certain class.
-- Matthias
p5-Check-ISA.tgz
Description: application/gtar-compressed
Hi,
This is a port for the Forest module of Perl.
It provides a collection of n-ary tree related modules.
Needed on the way to the Chart::Clicker port im working on.
-- Matthias
p5-Forest.tgz
Description: application/gtar-compressed
Hi,
This is a new port for the MooseX::Storage module.
It provides a serialization framework for Moose classes.
Also needed as dependency for the Chart::Clicker stuff.
-- Matthias
p5-MooseX-Storage.tgz
Description: application/gtar-compressed
Hi,
This is a new port for Test::Deep::JSON.
-- Matthias
p5-Test-Deep-JSON.tgz
Description: application/gtar-compressed
Hi,
A new port for the Test::Deep::Type module.
-- Matthias
p5-Test-Deep-Type.tgz
Description: application/gtar-compressed
Hi,
This is a new port for Color::Library, needed on the way to the Chart::Clicker
port.
-- Matthias
p5-Color-Library.tgz
Description: application/gtar-compressed
Hi,
New port for Color::Scheme module of Perl.
Also needed for Chart::Clicker port.
-- Matthias
p5-Color-Scheme.tgz
Description: application/gtar-compressed
Hi,
Port for the Graphics::Color module. Needed also by Chart::Clicker.
-- Matthias
p5-Graphics-Color.tgz
Description: application/gtar-compressed
Hi,
This is the port for Chart::Clicker, a modern an powerful module for charting in
Perl.
-- Matthias
p5-Chart-Clicker.tgz
Description: application/gtar-compressed
Hi,
A new port for Graphics::Primitive::Driver::Cairo.
Needed for Chart::Clicker.
-- Matthias
p5-Graphics-Primitive-Driver-Cairo.tgz
Description: application/gtar-compressed
Hi,
Port for Graphics::Primitive. Also a requirement for Chart::Clicker.
-- Matthias
p5-Graphics-Primitive.tgz
Description: application/gtar-compressed
Hi,
Port for the Layout::Manager Perl module needed by Chart::Clicker.
-- Matthias
p5-Layout-Manager.tgz
Description: application/gtar-compressed
On 20.07.2017 - 17:22:55, Stuart Henderson wrote:
> On 2017/07/20 16:20, Matthias Pitzl wrote:
> > Hi,
> >
> > This is a port for the Forest module of Perl.
> > It provides a collection of n-ary tree related modules.
> > Needed on the way to the
On 20.07.2017 - 17:33:47, Stuart Henderson wrote:
> On 2017/07/20 16:24, Matthias Pitzl wrote:
> > Hi,
> >
> > A new port for the Test::Deep::Type module.
> >
> > -- Matthias
>
> Requires devel/p5-Test-Fatal in TEST_DEPENDS. I would also add the
> op
On 20.07.2017 - 17:36:50, Stuart Henderson wrote:
> On 2017/07/20 16:22, Matthias Pitzl wrote:
> > Hi,
> >
> > This is a new port for the MooseX::Storage module.
> > It provides a serialization framework for Moose classes.
> > Also needed as depend
Hi,
This is a new port for Text::Flow which is also needed by Chart::Clicker.
-- Matthias
p5-Text-Flow.tgz
Description: application/gtar-compressed
On 31.01.2025 - 20:31:59, Klemens Nanni wrote:
> On 31.01.2025 12:21, Matthias Pitzl wrote:
> > Hi!
> >
> > This is a port for the modern and maintained Perl distribution Data::Radius
> > which contains several modules for encoding/decoding RADIUS packets.
> >
Hi!
Attached a new port for the Perl module Const::FAST, which I need as dependency
for the upcoming port p5-Data-Radius, a modern Perl module for encoding/decoding
RADIUS packets.
Cheers,
Matthias
p5-Const-Fast.tgz
Description: application/gtar-compressed
smime.p7s
Description: S/MIME crypto
Hi!
This is a port for the modern and maintained Perl distribution Data::Radius
which contains several modules for encoding/decoding RADIUS packets.
In comparison to the existing p5-Net-Radius port, this new module
- supports working with Message-Authenticator attribute in packets as required
b
On 03.02.2025 - 18:02:26, Klemens Nanni wrote:
> 03.02.2025 16:59, Stuart Henderson пишет:
> >> Attached an updated version of p5-Data-Radius.
> >
> > OK sthen
>
> Imported, thanks.
Nice! Thank you!
>
> >> I do not know, if p5-Net-Radius should be removed. I only can say that we
> >> do not
>
Hi!
The current version of the Perl module contains a bug concerning the message
authenticator calculation for ACCESS_CHALLENGE replies (this type is missing in
the list of reply packet types).
The following diff fixes the problem.
I also reported the bug upstream, so hopefully there will be a ne
On 04.02.2025 - 14:59:52, Klemens Nanni wrote:
> 04.02.2025 16:23, Matthias Pitzl пишет:
> > Hi!
> >
> > The current version of the Perl module contains a bug concerning the message
> > authenticator calculation for ACCESS_CHALLENGE replies (this type is
> >
On 20.01.2025 - 20:53:24, Kirill A. Korinsky wrote:
> On Mon, 20 Jan 2025 09:42:21 +0100,
> Matthias Pitzl wrote:
> >
> > @@ -65,6 +68,7 @@ HOMEPAGE-geoip2= https://github.com/leev
> > HOMEPAGE-headers_more=
> > https://github.com/openresty/headers-m
On 17.01.2025 - 12:07:42, Theo Buehler wrote:
> > About the sparc64 build, I don't have a machine so we have to wait for the
> > bulk
> > build...
>
> The diff below builds and packages on sparc64 (with libmodsecurity 3.0.13)
> and is ok tb
Great to hear and thanks a lot for testing!
Here the u
Hi!
Here's an update to the Dante sockd port to version 1.4.4 due to CVE-2024-54662.
Cheers,
Matthias
Index: Makefile
===
RCS file: /mount/cvsdev/openbsd/cvs/ports/security/dante/Makefile,v
diff -u -p -r1.56 Makefile
--- Makefile
On 21.01.2025 - 20:10:23, Stuart Henderson wrote:
> On 2025/01/21 09:26, Matthias Pitzl wrote:
> > On 20.01.2025 - 20:53:24, Kirill A. Korinsky wrote:
> > > On Mon, 20 Jan 2025 09:42:21 +0100,
> > > Matthias Pitzl wrote:
> > > >
> > > > @@ -65,
Hi!
Bluhm has submitted security/libmodsecurity a while ago and this diff adds the
ModSecurity3 connector to nginx port which is required for building a web
application firewall using ModSecurity3.
Would be nice if this could be added to nginx.
Thanks a lot for your work maintaining the port!
G
On 16.01.2025 - 15:57:10, Stuart Henderson wrote:
> On 2025/01/16 16:06, Matthias Pitzl wrote:
> > +WANTLIB-modsecurity3=${COMPILER_LIBCXX} c curl crypto iconv lzma m
> > \
> > + maxminddb modsecurity n
On 06.02.2025 - 09:47:42, Matthias Pitzl wrote:
> On 04.02.2025 - 14:59:52, Klemens Nanni wrote:
> > 04.02.2025 16:23, Matthias Pitzl пишет:
> > > Hi!
> > >
> > > The current version of the Perl module contains a bug concerning the
> > >
54 matches
Mail list logo
