- move 1.0 obsoleted version to net/libnet10
net/libnet is latest Stable Version
net/libnet is latest Beta Version
- Fix all depended ports with a new DEPENDS scheme
- While I'm here fix security/yersinia build on 4.x
(getopt_long and ncurses issues)
PR: ports/85519 (based on)
Submitted by: Stas Yakovlev <stas.yakovlev_at_gmail.com>
in the Back Orifice preprocessor.
- Transfer maintainership to the submitter, who seems to be tracking
Snort development much closer than I do, and submitted most of
the Snort update PRs in last couple of years
PR: ports/87628
Submitted by: Linh Pham <question+fbsdports@closedsrc.org>
- Snort distribution no longer includes rules - download them seperately
(or consider using security/oinkmaster to simplify that process)
- Change default config dir to ${PREFIX}/etc/snort (to avoid cluttering)
- Install database schemas scripts into EXAMPLESDIR
- Removed end-of-line parser fix (introduced in 2.3.1) in favor of
completely reworking this at the next parser overhaul.
PR: ports/78846
Submitted by: Linh Pham <question+fbsdports@closedsrc.org>
All ports depending on postgresql shall use the USE_PGSQL=yes knob
defined in Mk/bsd.ports.mk. Bumping portrevisions where needed.
PR: 75344
Approved by: portmgr@ (kris), ade & sean (mentors)
* Add ghostscript knobs [1]
* Add per-port persistent build options with a menu-driven front-end [2]
* Allow porters to override the message generated when do-configure fails [3]
* Add patch to obviate many pkg-plist files [4]
* Fix the PKG_DBDIR comment [5]
* Make ports framework more robust with regard to make index [6]
* Add new command macros to bsd.port.mk [7]
* Remove direct command use from bsd.port.mk [8]
* Make the ports system respect WITHOUT_CPU_CFLAGS [9]
* Break the SDL code out into bsd.sdl.mk [10]
* Add working support for USE_SIZE [11]
* Fix RANDOMIZE_MASTER_SITES on -CURRENT [12]
* Convert some spaces to tabs [13]
* Add new physcial categories accessibility and x11-themes [14]
* Speed up GNU configure scripts [15]
* Remove "//" from MLINKS items in PLISTs and fix make -s install and
make -s deinstall [16]
* Be more specific about looking for files in distinfo [17]
* Add new run-autotools target, and resort configure targets [18]
* Make CONFLICTS compare prefix for installed packages and PREFIX [19]
* Change directory to ${.CURDIR} before running certain make commands [20]
* When INSTALL_AS_USER is set, run ldconfig with failures ignored [21]
* Speed up the security check phase [22]
* Fix some corner cases in the PORTDOCS code [23]
* Add a new DEPRECATED macro [24]
* Make INDEX breakage more informative [25]
Look for a full write-up to follow on ports@ and ports-developers@.
PR: 36112 [1]
59909 [4]
61351 [6]
59058 [7]
59058 [8]
59493 [9]
55494 [10]
59058 [11]
59315 [12]
59058 [13]
59811 [15]
59058 [16]
59058 [17]
60882 [18]
58149 [19]
59058 [20]
61133 [21]
55331 [22]
59070 [23]
59362 [24]
59626 [25]
Submitted by: linimon [1]
eivind [2]
marcus [3]
trevor [4]
gerald [5]
linimon [6]
eik [7]
eik [8]
jeh [9]
edwin [10]
eik [11]
Sergey Matveychuk <sem@ciam.ru> [12]
eik [13]
trevor gnome [14]
adamw [15]
eik [16]
eik [17]
edwin [18]
clement [19]
eik [20]
edwin lev [21]
Eugene M. Kim <ab@astralblue.com> [22]
eik [23]
linimon [24]
eik [25]
This is a sample script for ${PREFIX}/etc/rc.d that will
wake snort up on boot, and take it down on shutdown. Nothing
fancy here. This is needed, because I'm planning on teaching
ACID many new things, and ACID expects snort to help itself.
There is only one thing that requires thinking here: This
should run only after {MySQL|PostgreSQL} server is up, as
snort might want to report to the local server.
PR: ports/49047
Submitted by: Yonatan@xpert.com <Yonatan@xpert.com>
Approved by: maintainer timeout
The Sourcefire Vulnerability Research Team has learned of an integer
overflow in the Snort stream4 preprocessor used by the Sourcefire
Network Sensor product line. The Snort stream4 preprocessor
(spp_stream4) incorrectly calculates segment size parameters during
stream reassembly for certain sequence number ranges which can lead to
an integer overflow that can be expanded to a heap overflow.
PR: 51106
Submitted by: Sergey A. Osokin <osa@FreeBSD.org.ru>
A buffer overflow has been found in the snort RPC normalization
routines by ISS X-Force. This can cause snort to execute
arbitrary code embedded within sniffed network packets. This
preprocessor is enabled by default.
find its installed ruleset [1]. Install config files by default if there is
not already one present, and remove on deinstall if they are unchanged
from the default.
Submitted by: The Anarcat <anarcat@anarcat.dyndns.org> [1] (based on)
PR: ports/33887 [1]
Also install the complete set of rules files; some were missed in the
last upgrade.
PR: ports/32112 (rules updates)
Submitted by: Rob Simmons <rsimmons@mail.wlcg.com>
