09:42 ale 

pkcs11-gateway is a software that allows you to use a Linux 32-bit PKCS#11
module on FreeBSD i386/amd64.
It consists of a FreeBSD Cryptoki wrapper library that serializes and forwards
PKCS#11 function calls to a Linux server program that dlopen() and use the
real module. The communication between the two components is via a UNIX socket.
pkcs11-gateway is based on the rpc-layer of Gnome Keyring.

- Alex Dupre
ale@FreeBSD.org

07:58 ale 

pkcs11-dump is a small utility to dump PKCS#11 token contents.

WWW:    http://sites.google.com/site/alonbarlev/pkcs11-utilities

19:40 ohauer 

 - remove expired port security/barnyard
 - remove barnyard from security/Makefile

17:12 rene 

Garbage collect expired ports
2011-04-01 accessibility/linux-f8-atk: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-ucl: End of Life since Jan 7, 2009
2011-04-01 archivers/linux-f8-upx: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-alsa-lib: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-arts: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-esound: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-freealut: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libaudiofile: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libogg: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-libvorbis: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-mikmod: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-nas-libs: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-openal: End of Life since Jan 7, 2009
2011-04-01 audio/linux-f8-sdl_mixer: End of Life since Jan 7, 2009
2011-04-01 databases/linux-f8-sqlite3: End of Life since Jan 7, 2009
2011-04-02 databases/postgresql81-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql73-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql74-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-02 databases/postgresql80-server: EOL see
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy
2011-04-01 devel/linux-f8-libglade: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-sdl12: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-allegro: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libsigc++20: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-libglade2: End of Life since Jan 7, 2009
2011-04-01 devel/linux-f8-nspr: End of Life since Jan 7, 2009
2011-04-01 dns/linux-f8-libidn: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f8: End of Life since Jan 7, 2009
2011-04-01 emulators/linux_base-f9: End of Life since Jul 10, 2009
2011-04-01 emulators/linux_base-fc6: End of Life since December 7, 2007
2011-04-01 emulators/linux_base-f7: End of Life since June 13, 2008
2011-04-01 ftp/linux-f8-curl: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-sdl_image: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-ungif: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-imlib: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-cairo: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-dri: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-gdk-pixbuf: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-jpeg: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libGLU: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-libmng: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-png10: End of Life since Jan 7, 2009
2011-04-01 graphics/linux-f8-tiff: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-libg2c: End of Life since Jan 7, 2009
2011-04-01 lang/linux-f8-tcl84: End of Life since Jan 7, 2009
2011-04-01 multimedia/linux-f8-libtheora: End of Life since Jan 7, 2009
2011-04-02 net-p2p/dcd: No fetch sources and looks like project abandoned
2011-03-31 net/straw: abandoned upstream and does not work with python 2.6+
2011-04-01 security/linux-f8-libssh2: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-nss: End of Life since Jan 7, 2009
2011-04-01 security/linux-f8-openssl: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml2: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-gtk: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-scim-libs: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-expat: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-libxml: End of Life since Jan 7, 2009
2011-04-01 textproc/linux-f8-aspell: End of Life since Jan 7, 2009
2011-04-01 www/linux-f8-flashplugin10: End of Life since Jan 7, 2009
2011-03-30 www/mediawiki112: abandoned upstream
2011-03-30 www/mediawiki113: abandoned upstream
2011-03-30 www/mediawiki114: abandoned upstream
2011-03-30 www/mediawiki16: abandoned upstream
2011-04-01 x11-fonts/linux-f8-fontconfig: End of Life since Jan 7, 2009
2011-03-01 x11-themes/gnome-icons-cool-gorilla: "no mastersite"
2011-04-01 x11-themes/linux-f8-hicolor-icon-theme: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-gtk2: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-openmotif: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-pango: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-qt33: End of Life since Jan 7, 2009
2011-04-01 x11-toolkits/linux-f8-tk84: End of Life since Jan 7, 2009
2011-04-01 x11/linux-f8-xorg-libs: End of Life since Jan 7, 2009

06:07 sunpoet 

- Add create-cert 2.0

create-cert is a script that uses openssl(1) to create self-signed host
certificates and private keys for fully qualified domain names (FQDNs).

PR:             ports/155014
Submitted by:   Craig Leres <leres@ee.lbl.gov>

13:16 miwi 

Get weak or strong random data from pluggable sources

WWW: http://search.cpan.org/dist/Crypt-Random-Source

PR:             ports/155572
Submitted by:   Dereckson <dereckson at gmail.com>

18:04 wxs 

Two new ports: security/yara and security/py-yara. The latter is the python
bindings for the former.

"YARA is a tool aimed at helping malware researchers to identify and classify
malware samples. With YARA you can create descriptions of malware families
based on textual or binary patterns contained on samples of those families.
Each description consists of a set of strings and a Boolean expression which
determines its logic."

WWW: http://code.google.com/p/yara-project/

11:40 dhn 

This module extends existing IO::Async classes with extra methods to
allow the use of SSL or TLS-based connections using IO::Socket::SSL.

WWW:    http://search.cpan.org/dist/IO-Async-SSL/

PR:             ports/155336
Submitted by:   "ports@c0decafe.net" <ports@c0decafe.net>

17:14 miwi 

The OpenVPN Radius Plugin provides RADIUS authentication
and accounting support for OpenVPN.

WWW: http://www.nongnu.org/radiusplugin/index.html

PR:             ports/155259
Submitted by:   Mikhail T. <m.tsatsenko at gmail.com>

10:32 martymac 

Remove extra spaces after port names

Approved by:    portmgr@, ehaupt (mentor)

09:46 miwi 

- Part 1 of python24 removal
        - Clean up bsd.python.mk (remove PYWSGIREF, PYHASHLIB, PYCTYPES and
PYEXPAT) all these is now part of python
          since python25

Remove:
        textproc/py-expat
        devel/py-ctypes
        security/py-hashlib
        www/py-wsgiref

12:08 miwi 

bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper
for safely handling passwords.

WWW: http://rubygems.org/gems/bcrypt-ruby

PR:             ports/153965
Submitted by:   Jason Helfman <jhelfman at experts-exchange.com>
Feature safe:   yes

06:05 wen 

Twofish is a 128-bit symmetric block cipher with a variable key
length (128, 192, or 256 bits) key, developed by Counterpane Labs.
It is unpatented and free for all uses, as described at
http://www.counterpane.com/twofish.html. It has been one of the
five finalists for AES.

This module is written in pure Perl, it should run everywhere
where Perl runs.

WWW:    http://search.cpan.org/dist/Crypt-Twofish_PP/

PR:             ports/154142
Submitted by:   Konstantin Menshikov <kostjnspb@yandex.ru>
Feature safe:   yes

17:32 ehaupt 

Add ssh-copy-id 5.6p1, small script which copy your ssh public-key to a
remote host; appending it to your remote authorized_keys.

Feature safe: yes

01:54 wen 

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test
files, Hongfuzz supplies and modifies input to a test program and utilize the
ptrace() API/POSIX signal interface to detect and log crashes.

WWW:    http://code.google.com/p/honggfuzz/

03:32 mezz 

The x11/libcapplet has been broken for over a year (will be two in June 2011)
and no one has any of interest to fix it. It's an ancient software and
is part of GNOME 1. It's time for us to get rid of some of GNOME 1 stuff as
the GNOME 3 is coming sometimes in 2011. Any ports that required libcappet
are removed and ports that have optional aren't remove.

PR:             ports/153355
Discussed with: My team, FreeBSD GNOME Team
Tested by:      pointyhat-exp (thanks pav!)

14:38 garga 

Remove expired ports:

2011-01-01 audio/emphasis: abandoned upstream
2011-01-01 converters/ecore-txt: abandoned upstream
2011-01-01 deskutils/estickies: abandoned upstream
2011-01-01 devel/ecore-job: abandoned upstream
2011-01-01 devel/engrave: abandoned upstream
2011-01-01 devel/evfs: abandoned upstream
2011-01-01 devel/ruby-ecore: abandoned upstream
2011-01-01 graphics/exhibit: abandoned upstream
2011-01-01 graphics/epsilon: abandoned upstream
2011-01-01 graphics/esmart: abandoned upstream
2011-01-01 graphics/ruby-edje: abandoned upstream
2011-01-01 graphics/ruby-esmart: abandoned upstream
2011-01-01 graphics/ruby-evas: abandoned upstream
2011-01-01 graphics/ruby-redact: abandoned upstream
2011-01-01 multimedia/eclair: abandoned upstream
2011-01-01 security/phpmyid: Development has ceased.
2011-01-01 sysutils/ecore-config: abandoned upstream
2011-01-01 sysutils/extrackt: abandoned upstream
2011-01-01 textproc/exml: abandoned upstream
2011-01-02 www/mod_accesscookie: upstream is gone
2011-01-02 www/mod_vdbh: upstream is gone
2011-01-02 www/mod_auth_any: upstream is gone
2011-01-02 www/mod_log_data: upstream is gone and will be unsupported by ASF
when 2.4.0 is release, migrate to 2.2.x+ now
2011-01-01 x11-fm/entropyfm: abandoned upstream
2011-01-01 x11-themes/e17-splash-fortune: abandoned upstream
2011-01-01 x11-themes/e17-splash-shiny: abandoned upstream
2011-01-01 x11-themes/e17-splash-takara: abandoned upstream
2011-01-01 x11-themes/e17-theme-blue_eyed: abandoned upstream
2011-01-01 x11-themes/e17-theme-dali: abandoned upstream
2011-01-01 x11-themes/e17-theme-gant: abandoned upstream
2011-01-01 x11-themes/e17-theme-japan2007: abandoned upstream
2011-01-01 x11-themes/e17-theme-kor: abandoned upstream
2011-01-01 x11-themes/e17-theme-milky: abandoned upstream
2011-01-01 x11-themes/e17-theme-night_bling: abandoned upstream
2011-01-01 x11-themes/e17-theme-simply_white: abandoned upstream
2011-01-01 x11-themes/e17-splash-azul: abandoned upstream
2011-01-01 x11-themes/e17-splash-blue: abandoned upstream
2011-01-01 x11-themes/e17-splash-clean: abandoned upstream
2011-01-01 x11-themes/e17-splash-logo: abandoned upstream
2011-01-01 x11-toolkits/etk: abandoned upstream
2011-01-01 x11-toolkits/ewl: abandoned upstream
2011-01-01 x11-toolkits/enhance: abandoned upstream
2011-01-01 x11-wm/e17-module-bling: abandoned upstream
2011-01-01 x11-wm/e17-module-mixer: abandoned upstream
2011-01-01 x11-wm/e17-utils: abandoned upstream
2011-01-01 x11/elicit: abandoned upstream
2011-01-01 x11/enity: abandoned upstream
2011-01-01 x11/examine: abandoned upstream
2011-01-01 x11/ecore-desktop: abandoned upstream

21:49 rene 

Garbage collect unmaintained expired ports:
2011-01-01 security/lxnb: Development has ceased, mastersite disappeared
2011-01-01 x11-wm/lxsession-lite: Superseded by x11-wm/lxsession

01:32 nork 

Add tpmmanager 0.8, is an open source TPM (Trusted Platform
Module) management software providing an easy-to-use
graphical user interface.

WWW: http://projects.sirrix.com/trac/tpmmanager

17:35 rene 

Garbage-collect expired ports:
2010-12-30 databases/p5-sqlrelay: broken and upstream disapeared
2010-12-30 devel/php-dbg2: No upstream support
2010-12-30 dns/fourcdns: upstream has disapeared
2010-12-31 emulators/win4bsd: Development has ceased and distfile is no longer
available
2010-12-31 french/mozilla-flp: www/seamonkey port is deprecated. Consider using
the www/firefox-i18n.
2010-12-31 french/xtel: Minitel services will be discontinued at the end of
2010.
2010-12-30 ftp/ftpq: upstream has disapeared
2010-12-30 graphics/paintlib: does not compile with new tiff and no more
maintained upstream
2010-12-30 graphics/g3dviewer: does not build with gcc 4.2, upstream disapeared
2010-12-30 lang/scriba: Does not compile with gcc 4.2+, looks like abandonware
2010-12-30 math/rascal: Broken on every arch since 2008, looks like an
abandonware
2010-12-31 net-mgmt/nrg: Project has vanished. Use cacti instead.
2010-12-31 security/hostsentry: Project is dead.
2010-12-31 sysutils/kcube: Project has vanished
2010-12-31 www/cybercalendar: has been unmaintained since 2001 and is unusable
with dates after 2010 (see ports/150974)
2010-12-31 www/flock: Flock 3 moves from Firefox to Chromium
2010-12-31 www/linux-flock: Flock 3 moves from Firefox to Chromium
2010-12-30 x11-clocks/xtu: Looks like abandonware

Leave java/tya in for now, as it has outstanding PRs.

19:10 nobutaka 

Add log2timeline, a log file parser for computer forensic investigations.

18:50 nobutaka 

Add ssdeep, a tool for computing context triggered piecewise hashes.

18:38 mat 

This module allows to secure connections of POE::Wheel::ReadWrite with OpenSSL
by a POE::Filter object, and behaves (beside of SSLing) as POE::Filter::Stream.

15:29 ale 

Add xml-security port: the Apache Java library for XML Signature and Encryption.

21:32 rene 

Garbage collect old ports:
2010-11-15 archivers/linux-par2cmdline: Native version available
2010-11-15 audio/bmp-musepack: does not build with audio/musepack
2010-11-15 audio/libmpcdec: superseded by audio/musepack
2010-11-15 audio/py-musepack: does not build with audio/musepack
2010-12-01 chinese/chinput3: Development has ceased.
2010-12-01 emulators/dynagen-devel: Please install emulators/dynagen instead
2010-11-24 net-p2p/gift-fasttrack: unmaintained upstream
2010-11-24 net-p2p/gift-gnutella: unmaintained upstream
2010-11-24 net-p2p/gift-openft: unmaintained upstream
2010-11-24 net-p2p/pyslsk: unmantained upstream, use net-p2p/nicotine-plus
2010-11-11 security/pamsfs: SFS is dead, this project is dead, and site is gone
2010-11-10 www/p5-Catalyst-Plugin-CommandLine: The module is not needed any
more. With new Catalyst (at least 5.7014) it works out of the box.

15:37 kwm 

Presenting GNOME 2.32.1 for FreeBSD. The offical release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.32/

This will be the last release of the GNOME 2.x series, mainly a bugfix and
bridge release to the first release of the GNOME 3.x series.

This release features commits by avl, marcus, mezz and myself.

The FreeBSD GNOME Team would like to thank the following contributors and
testers for there help with this release:

Zane C.B. <vvelox@vvelox.net>
romain@
Olaf Seibert <O.Seibert@cs.ru.nl>
DomiX
Bapt <baptiste.daroussin@gmail.com>
jsa@
miwi@
Sergio de Almeida Lenzi <lenzi.sergio@gmail.com>
Maxim Samsonov <xors@mne.ru>
Kris Moore

And pav@ for 2 exp-runs

PR:             ports/152255
                ports/143260
                ports/141033
                ports/149629
                ports/150350
                ports/151523
With hat:       gnome@

07:28 tota 

- Add a new port: security/rubygem-roauth

  A simple OAuth library that supports OAuth header signing, and header
verifying.

  WWW:  http://github.com/maccman/roauth

10:08 garga 

Remove expired ports:

2010-11-07 devel/libisc: Unlikely to be used...
2010-11-08 emulators/vmware-guestd3: Depends of misc/compat3x, that is
deprecated and set to be removed
2010-11-08 emulators/vmware-tools3: Depends of misc/compat3x, that is deprecated
and set to be removed
2010-10-08 misc/compat3x: "Only FreeBSD 6.4+ are supported in ports"
2010-11-08 misc/bidwatcher: Obsoleted by JBidwatcher and changes at
http://ebay.com
2010-11-08 security/vscan: Depends of misc/compat3x, that is deprecated and set
to be removed
2010-11-08 www/ssserver: Depends of misc/compat3x, that is deprecated and set to
be removed

12:11 nork 

Add openssl_tpm_engine 0.4.1, is a OpenSSL TPM engine.

Obtained from:  http://bsssd.sourceforge.net/

12:10 nork 

Add tpm-tools 1.3.5, provides a basic set of TPM tools.

Obtained from:  http://bsssd.sourceforge.net/

12:07 nork 

Add opencryptoki 2.3.2, is an open PKCS#11 implementation library.

Obtained from:  http://bsssd.sourceforge.net/

12:05 nork 

Add trousers 0.3.6, is a CPL (Common Public License) licensed Trusted
Computing Software Stack.  It is mostly compliant with the TSS 1.2
specification.

Obtained from:  http://bsssd.sourceforge.net/

12:54 garga 

security/samba-vscan just works with samba 3.0, that is gone, so remove it too

17:40 garga 

Remove expired ports

2010-10-15 security/ssh2: abandoned upstream
2010-10-15 security/ssh2-nox11: abandoned upstream

18:23 romain 

gnome-keyring-sharp is a fully managed implementation of libgnome-keyring.

When the gnome-keyring-daemon is running, you can use this to retrieve/store
confidential information such as passwords, notes or network services user
information.

WWW:    http://andrew.jorgensenfamily.us/2008/08/gnome-keyring-sharp/

02:38 pgollucci 

spass is a random password generator written by Guy Rutenberg

WWW:
http://www.guyrutenberg.com/2010/08/13/statistical-tests-for-my-audio-based-random-number-generator/

PR:             ports/150072
Submitted by:   Eitan Adler <ports at eitanadler.com>

02:38 pgollucci 

ccsrch is a tool that searches for and identifies unencrypted and
contiguous credit card numbers (PAN) and track data on windows and
UNIX operating systems. It will also identify the location of the
PAN data in the files and record MAC times.

WWW:    http://ccsrch.sourceforge.net/

PR:             ports/148821
Submitted by:   Pavel I Volkov <pavelivolkov at googlemail.com>

15:31 jmelo 

The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
Mod Security fame for the OISF. This integrates and provides very advanced
processing of HTTP streams for Suricata. The HTP library is required by the
engine but may also be used independently in a range of applications and tools.

WWW: http://openinfosecfoundation.org

PR:             ports/150191
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br>

23:24 pgollucci 

Decrypt the output from the yubikey token

The hardware can be found at

http://www.yubico.com/home/index/

The decryption module does only one thing - decrypt the AES encrypted
OTP from the Yubikey. To this, it requires the OTP, and the AES
key.

Please note - this module does not perform authentication - it is
a required component to decrypt the token first before authentication
can be performed.

WWW: http://search.cpan.org/~massyn/Auth-Yubikey_Decrypter-0.07/

PR:             ports/149802
Submitted by:   Kurt Jaeger <fbsd-ports@opsec.eu>

13:40 pav 

Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.

WWW: http://www.strongswan.org

PR:             ports/147431
Submitted by:   Riaan Kruger <riaank@gmail.com>

16:28 lwhsu 

Add clamd-stream-client , standalone clamav client.

PR:             ports/149879
Submitted by:   glen.j.barber at gmail.com

09:27 niels 

New port: The BlindElephant Web Application Fingerprinter attempts
to discover the version of a (known) web application by comparing
static files at known locations against precomputed hashes for
versions of those files in all available releases. The technique
is fast, low-bandwidth, non-invasive, generic, and highly automatable.

WWW: http://blindelephant.sourceforge.net/

Approved by:    itetcu (mentor)

13:04 bapt 

Security vulnerability: local root privileges escalation problems

PR:             ports/148911
Submitted by:   Steve Wills <steve _at_ mouf.net> (maintainer)
Approved by:    tabthorpe (mentor)

15:48 jpaetzel 

Add openvpn-beta , secure IP/Ethernet tunnel daemon.

PR:             ports/149620
Submitted by:   Eric F Crist <ecrist at secure-computing.net>

20:51 ohauer 

PR:           146455
Submitted by: Dax Labrador <semprix _at_ bsdmail.org>
Approved by:  glarkin (mentor)

dradis is an open source framework to enable effective information sharing.

dradis is a self-contained web application that provides a centralised
repository of information to keep track of what has been done so far,
and what is still ahead.

Features include:

    * Easy report generation.
    * Support for attachments.
    * Integration with existing systems and
      tools through server plugins.
    * Platform independent.

WWW: http://dradisframework.org/

20:36 dougb 

As previously advertised, remove the old libassuan port now that all
consumers have moved to libassuan 2.0.0, or dropped the dependency

00:31 lx 

Adding ncrack, a network authentication cracking tool from the folks
that brought you nmap.

22:54 araujo 

- Development has been discontinued.

PR:             ports/148261
Submitted by:   Anderson Eduardo <anderson@secover.com.br> (maintainer)
Feature safe:   yes

20:02 araujo 

- The EOL was announced in 2006 and has a lot of security issues.

Feature safe:   yes

00:42 dougb 

Update security/libassuan to version 2.0.0, which is required by gnupg 2.0.15

Unfortunately version 2.0.0 is largely incompatible with version 1.x, so it
is necessary to have a stopgap measure while ports that depend on libassuan
can be updated. In conversation with the maintainers of the dependent ports
it was originally considered ideal to prepare updates for the ports first,
then upgrade everything to libassuan 2.x en masse. Since no action has
arisen on that front, go with plan B:

Copy security/libassuan to security/libassuan-1, and update the dependent
ports accordingly. Because this is (intended to be) a _temporary_ measure,
and because no updates for libassuan 1.x are anticipated, and because the
hope is that it can be removed sooner rather than later, it's a copy instead
of a repocopy.

17:16 wxs 

Add missing shibboleth2-sp entry.

Noticed by:     itetcu@

06:59 miwi 

PBKDF2 is a secure password hashing algorithm that uses the techniques of
"key strengthening" to make the complexity of a brute-force attack arbitrarily
high. PBKDF2 uses any other cryptographic hash or cipher (by convention,
usually HMAC-SHA1, but Crypt::PBKDF2 is fully pluggable), and allows for an
arbitrary number of iterations of the hashing function, and a nearly unlimited
output hash size (up to 2**32 - 1 times the size of the output of the backend
hash). The hash is salted, as any password hash should be, and the salt may
also be of arbitrary size.

See also: RFC2898, PKCS#5 version 2.0: http://tools.ietf.org/html/rfc2898

WWW:    http://search.cpan.org/dist/Crypt-PBKDF2/

PR:             ports/146847
Submitted by:   Victor Popov <v.a.popov at gmail.com>

21:22 miwi 

The update utility is designed to download and save updates and modules
of the Kaspersky Lab's applications into a separate folder.

With the help of the utility you can download updates for selected
Kaspersky Lab's applications installed either in your network or at
a home PC. The utility has a function for saving downloaded updates
and autopatches in a local folder, a network folder connected as a
disc to the computer file system, or onto a flash-carrier.

WWW:    http://support.kaspersky.com/updater?level=2

PR:             ports/147116
Submitted by:   Gvozdikov Veniamin <g.veniamin at googlemail.com>

16:14 miwi 

Perl encrypt stuff simply

WWW:    http://search.cpan.org/dist/Crypt-Simple/

PR:             ports/147284
Submitted by:   Alexander Kriventsov <avk at vl.ru>

15:16 ale 

Quantis is a physical random number generator exploiting
an elementary quantum optics process.

This port contains the user library and a CLI/GUI application
to access such devices.

WWW:    http://www.idquantique.com/

15:16 ale 

Quantis is a physical random number generator exploiting
an elementary quantum optics process.

This port contains the kernel driver to access Quantis
PCI and PCIe devices.

WWW:    http://www.idquantique.com/

21:52 pgj 

Rename the following Haskell ports to bring them in sync with the
HackageDB:

  archivers/hs-zip-archive-ghc -> archivers/hs-zip-archive
  devel/hs-binary-ghc -> devel/hs-binary
  devel/darcs -> devel/hs-darcs
  devel/hs-language-c-ghc -> devel/hs-language-c
  devel/hs-lazysmallcheck-ghc -> devel/hs-lazysmallcheck
  devel/hs-pcre-light-ghc -> devel/hs-pcre-light
  devel/hs-utf8-string-ghc -> devel/hs-utf8-string
  graphics/hs-HGL-ghc -> graphics/hs-HGL
  ports-mgmt/porte -> ports-mgmt/hs-porte
  security/hs-digest-ghc -> security/hs-digest
  textproc/hs-haxml -> textproc/hs-HaXml
  textproc/hs-highlighting-kate-ghc -> textproc/hs-highlighting-kate
  textproc/hs-polyparse-ghc -> textproc/hs-polyparse
  textproc/pandoc -> textproc/hs-pandoc
  x11/hs-x11-ghc -> x11/hs-X11
  x11/hs-x11-xft-ghc -> x11/hs-X11-xft
  x11/xmobar -> x11/hs-xmobar
  x11-toolkits/hs-opengl-ghc -> x11-toolkits/hs-OpenGL
  x11-toolkits/hs-OpenGLRaw-ghc -> x11-toolkits/hs-OpenGLRaw
  x11-toolkits/hs-GLURaw-ghc -> x11-toolkits/hs-GLURaw
  x11-toolkits/hs-glut-ghc -> x11-toolkits/hs-GLUT
  x11-wm/xmonad -> x11-wm/hs-xmonad
  x11-wm/xmonad-contrib -> x11-wm/hs-xmonad-contrib

00:33 wen 

The Tiny Encryption Algorithm in Perl and JavaScript.

WWW:    http://search.cpan.org/~pjb/Crypt-Tea/

PR:             ports/145303
Submitted by:   Steve Wills <steve@mouf.net>

21:19 kwm 

Presenting GNOME 2.30.1 for FreeBSD. The offical release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.30/ .

This release brings initial PackageKit support, Upower (replaces power
management part of hal), cuse4bsd integration with HAL and cheese, and a
faster Evolution.

Sadly GNOME 2.30.x will be the last release with FreeBSD 6.X support. This
will also be the last of the 2.x releases. The next release will be the
highly-anticipated GNOME 3.0 which will bring with it a new UI experience.

Currently, there are a few bugs with GNOME 2.30 that may be of note for our
users. Be sure to consult the UPGRADING note or the 2.30 upgrade FAQ at
http://www.freebsd.org/gnome/docs/faq230.html for specific upgrading
instructions, and the up-to-date list of known issues.

This release features commits by avl, ahze, bland, marcus, mezz, and myself.

The FreeBSD GNOME Team would like to thank Anders F Bjorklund for doing the
initual packagekit porting.

And the following contributors & testers for there help with this release:
Eric L. Chen
Vladimir Grebenschikov
Sergio de Almeida Lenzi
DomiX
walder
crsd
Kevin Oberman
Michal Varga
Pavel Plesov
Bapt
kevin

and ITetcu for two exp-run

PR:     ports/143852
        ports/145347
        ports/144980
        ports/145830
        ports/145511

05:53 miwi 

This is a adaptation of pam_chroot to BSD jails : it dropps users in jails
after login.

PR:             ports/145302
Submitted by:   Damien Bobillot

02:53 miwi 

pulledpork is a Perl script which helps to update your Snort 2.8+ rules.

The sample config file comes predefined with the new settings for
snort.org downloads, which will change in June 2010.

BE SURE to read through the master pulledpork.conf file thoroughly,
as there are many changes as of snort 2.8.6.0 that WILL affect you,
even if you are NOT yet running 2.8.6.0!

Features:
    * Flowbit tracking!
    * capability to specify base ruleset (see README.RULESETS) in master
      pulledpork.conf file.
    * Handle preprocessor and sensitive-information rulesets
    * Ability to define sid ranges in any of the sid modification .conf files
    * Ability to specify references in any of the sid modification .conf files
    * Ability to ignore entire rule categories (i.e. not include them)
    * Specify locally stored rules files that need their meta data included
      in sid-msg.map
    * Ability to specify your arch for so_rules
    * Rules are written to only two distinct files
    * Support metadata based VRT recommended rulesets
    * Maintain an optional rule changelog
    * Support for setting rules to Drop
    * Support for multi-line rules
    * Rule modification, i.e. disabling of specific rules within rule sets
    * Outputs changes in rules files if any rules have been added / modified
    * Compares new rules files with current rule sets
    * Automated retrieval of certain variables (Distro, Snort Version.. etc)
    * Downloads latest rules file
    * Verifies MD5 of local rules file
    * If MD5 has not changed from snort.org.. doesn't fetch files again
    * handle both rules and so_rules
    * Capability to generate stub files

WWW: http://code.google.com/p/pulledpork/

PR:             ports/146239
Submitted by:   Olli Hauer

13:08 tobez 

Add security/p5-Crypt-CAST5 0.05, a Perl module that implements
CAST5 block cipher.

03:36 cy 

Welcome the new fwbuilder-devel and libfwbuilder-devel ports.

10:45 miwi 

2010-04-30 audio/py-flac: has been marked IGNORE for past 24 months
2010-02-20 databases/mysql-connector-java50: Old version: please use
databases/mysql-connector-java instead
2010-04-15 databases/p5-DBIx-Class-HTML-FormFu: This module is obsoleted by
www/p5-HTML-FormFu-Model-DBIC
2010-04-29 devel/py-rbtree: "does not build with new pyrex and it's not active
maintained"
2010-04-08 devel/tavrasm: No longer maintained, use devel/avra instead
2010-04-27 mail/postfix23: it's no longer maintened by upstream developer
2010-04-30 math/libgmp4: Use math/gmp instead.
2010-04-04 misc/ezload: does not build with new USB stack in 8-STABLE
2010-01-31 misc/gkrellmbgchg: use misc/gkrellmbgchg2
2010-03-04 multimedia/kbtv: no longer under development by author
2010-02-16 net/plb: broken; abandoned by author; use net/relayd or www/nginx
instead
2010-04-30 security/vpnd: This software is no longer developed
2010-03-15 textproc/isearch: abandoned upstream, uses an obsolete version of
GCC, not used by any other port
2010-04-02 www/caudium12: No longer maintained upstream, please switch to
www/caudium14
2010-03-08 www/p5-Catalyst-Plugin-Cache-FileCache: Deprecated by module author
in favor of www/p5-Catalyst-Plugin-Cache

03:29 cy 

Krb5-17 has been merged into krb5 and a new krb5-appl has been repocopied
from krb5-l7. The old krb5-17 port has been removed. All this is in
preparation for the krb5 1.8.1 commit.

PR:             145968

16:19 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

16:05 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

16:02 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

15:49 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

15:40 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

21:12 niels 

JBroFuzz is a web application fuzzer for requests being made over
HTTP or HTTPS. Its purpose is to provide a single, portable application
that offers stable web protocol fuzzing capabilities.

WWW: http://www.owasp.org/index.php/Category:OWASP_JBroFuzz

Approved by:    itetcu (mentor)

11:12 niels 

New port: Fuzzdb is a comprehensive set of fuzzing patterns that
can be used during discovery or security testing of web applications.

WWW: http://code.google.com/p/fuzzdb/

Approved by:    itetcu (mentor)

07:38 niels 

New port: WhatWeb can be used to detect the software packages that
are used for a website. It can detect content management systems
(CMS), blogging platforms, stats/analytics packages, javascript
libraries, servers, etc..

WWW: http://www.morningstarsecurity.com/research/whatweb

Approved by:    itetcu (mentor)

09:34 ale 

Update to PHP 5.3.2 release!

16:45 amdmi3 

- Remove nmap-i18n-man - security/nmap now comes with translated manual pages

PR:             145439
Submitted by:   Daniel Roethlisberger <daniel@roe.ch> (maintainer)

22:13 miwi 

Python-otr is a set of python bindings for libotr. This gives
developers the flexibility to implement OTR encryption for
their python-based Instant Messaging clients.

WWW: http://python-otr.pentabarf.de/

Submitted by:   Frank Steinborn <steinex at nognu.de>

06:43 niels 

skipfish is a high-performance, easy, and sophisticated Web application
security testing tool. It features a single-threaded multiplexing
HTTP stack, heuristic detection of obscure Web frameworks, and
advanced, differential security checks capable of detecting blind
injection vulnerabilities, stored XSS, and so forth.

PR:     ports/144942
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>
Approved by:    itetcu (mentor)
WWW:    http://code.google.com/p/skipfish/

22:07 niels 

OWASP WebScarab is aframework for analysing HTTP and HTTPS web application
traffic

Approved by:    itetcu (mentor)
WWW:    http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

22:34 miwi 

The clamav-unofficial-sigs script provides the capability to download, test,
and update the third-party ClamAV signature databases provided by
Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, INetMsg and ScamNailer.

PR:             ports/144509
Submitted by:   Marko Njezic <sf at maxempire.com>

21:52 niels 

OWASP DirBuster is a multi threaded java application designed to
brute force directories and files names on web/application servers.

Approved by:    itetcu (mentor)
Feature safe:   yes
WWW:    http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

22:03 niels 

Burp Suite is an integrated platform for testing web applications

PR:     ports/144150
Submitted by:   niels
Approved by:    itetcu (mentor)
WWW:    http://www.portswigger.net/suite/

12:22 mandree 

Revive openvpn-devel port and pass maintainership to Eric F. Christ.

NOTE that the port is more of a development snapshot than it used to be,
so it should be used SOLELY for testing and development, NOT IN PRODUCTION.

PR: ports/144115
Approved by: mandree@ (previous maintainer)
Approved by: garga@ (mentor)
Feature safe: yes

13:43 miwi 

NmapSi4 is a complete Qt-based Gui with the design goals to provide a complete
nmap interface for Users, in order to management all options of this powerful
security net scanner!

WWW:    http://www.nmapsi4.org

PR:             ports/142118
Submitted by:   Gvozdikov Veniamin <g.veniamin at googlemail.com>

01:59 miwi 

2010-01-08 x11-toolkits/gtkada-gps: has been broken for 3 months
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months

20:46 wxs 

isolate runs processes in a chroot-ed environment, with constrained resource
limits, as a random UID, and with limited access to the X server

WWW:    http://code.google.com/p/isolate/

PR:             ports/142350
Submitted by:   Steve Wills <steve@mouf.net>

06:02 amdmi3 

- Fix sorting and minor cleanups in category Makefiles

14:52 glarkin 

Provide a fast way to delete entries from OpenSSH's known_hosts
file. This is a simple automation of the things normally done by
the user when having an "offending key" in his/her known_hosts file
caused by a changing host key of the destination.

WWW:    http://unssh.sourceforge.net/

PR:             ports/137254
Submitted by:   Dax Labrador <semprix at bsdmail.org>

11:31 olgeni 

Add cl-md5-clisp, a native MD5 implementation in Common Lisp (CLISP
binaries).

11:30 olgeni 

Add cl-md5-sbcl, a native MD5 implementation in Common Lisp (SBCL
binaries).

11:28 olgeni 

Add cl-md5, a native MD5 implementation in Common Lisp.

23:27 pgj 

This Haskell library implements the SHA suite of message digest
functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as
well as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various functions.
While some attention has been paid to performance, these do not
presently reach the speed of well-tuned libraries, like OpenSSL.

WWW: http://hackage.haskell.org/package/SHA

16:47 mandree 

Move security/openvpn to security/openvpn20 (after previous repocopy).
Update security/openvpn20 to 2.0.9, revising pkg-message.

Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.

Remove security/openvpn-devel, adding a MOVED entry.

Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.

Add a UPDATING entry for this shuffle.  Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).

Approved by:  garga@ (mentor)

12:23 miwi 

PAM module which permits authentication for arbitrary services via
ssh-agent. Written with sudo in mind, but like any auth PAM module,
can be used for for many purposes.

WWW: http://pamsshagentauth.sourceforge.net/

10:31 miwi 

SoftHSM is an implementation of a cryptographic store accessible
through a PKCS #11 interface. You can use it to explore PKCS #11
without having a Hardware Security Module. It is being developed
as a part of the OpenDNSSEC project. SoftHSM uses Botan for its
cryptographic operations.

WWW: http://www.opendnssec.org/

PR:             ports/141932
Submitted by:   Jaap Akkerhuis <jaap at NLnetLabs.nl

20:38 miwi 

misc/bsdiff||2009-12-24|Incorporated into base system long ago
security/freebsd-update||2009-12-24|Incorporated into base system long ago
sysutils/est||2009-12-24|Incorporated into base system long ago
sysutils/estctrl||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha1||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha256||2009-12-24|Incorporated into base system long ago

08:26 wen 

The Net_Portscan package allows one to perform basic portscanning
functions with PHP. It supports checking an individual port or
checking a whole range of ports on a machine.

WWW: http://pear.php.net/package/Net-Portscan/

08:48 cy 

Add sudosh3.

16:29 garga 

Remove security/pfw, it's no longer maintainer by author

12:32 dinoex 

PolarSSL is a light-weight open source cryptographic and SSL/TLS library
written in C. PolarSSL is written with embedded systems in mind and has
been ported on a number of architectures, including ARM, PowerPC, MIPS
and Motorola 68000.

Features include:
 * Small memory footprint
 * Clean and simple API for integration
 * Loose coupling of cryptographic code.
 * Symmetric encryption algorithms: AES, Triple-DES, DES, ARC4, Camellia, XTEA
 * Hash algorithms: MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
 * HAVEGE random number generator
 * RSA with PKCS#1 v1.5 padding
 * SSL version 3 and TLS version 1 client support
 * X.509 certificate and CRL reading from memory or disk in PEM and DER formats
 * Over 900 regression and code coverage tests
 * Example applications

LICENSE: GPL2

WWW: http://polarssl.org/

12:31 dinoex 

Cyassl is an embedded SSL Library for programmers building security
functionality into their applications and devices.

Features
  SSL version 3 and TLS versions 1, 1.1 and 1.2 (client and server)
  Minimum size of 60-100kb, depending on build options
  Runtime memory usage between 5-50kb
  DTLS support (client and server)
  OpenSSL compatibility layer
  zlib compression support
  integration in MySQL, stunnel, Lighttpd availible.
  MD2, MD4, MD5, SHA-1, RIPEMD, HMAC, DES, 3DES, AES, ARC4, TWOFISH, BLOWFISH,
  RSA, DSS, DH, and PKCS#5 PBKDF2
  ia32 assembly for AES, 3DES, BLOWFISH, TWOFISH, ARC4, MD5, SHA, and RIPEMD
  SSE2 instructions for Large Integers
  Simple API
  Interchangeable crypto and certificate libraries
  PEM and DER certificate support
  Very fast

LICENSE: GPL2 with FOSS extension

WWW: http://www.yassl.com/