15:37 kwm 

Presenting GNOME 2.32.1 for FreeBSD. The offical release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.32/

This will be the last release of the GNOME 2.x series, mainly a bugfix and
bridge release to the first release of the GNOME 3.x series.

This release features commits by avl, marcus, mezz and myself.

The FreeBSD GNOME Team would like to thank the following contributors and
testers for there help with this release:

Zane C.B. <vvelox@vvelox.net>
romain@
Olaf Seibert <O.Seibert@cs.ru.nl>
DomiX
Bapt <baptiste.daroussin@gmail.com>
jsa@
miwi@
Sergio de Almeida Lenzi <lenzi.sergio@gmail.com>
Maxim Samsonov <xors@mne.ru>
Kris Moore

And pav@ for 2 exp-runs

PR:             ports/152255
                ports/143260
                ports/141033
                ports/149629
                ports/150350
                ports/151523
With hat:       gnome@

07:28 tota 

- Add a new port: security/rubygem-roauth

  A simple OAuth library that supports OAuth header signing, and header
verifying.

  WWW:  http://github.com/maccman/roauth

10:08 garga 

Remove expired ports:

2010-11-07 devel/libisc: Unlikely to be used...
2010-11-08 emulators/vmware-guestd3: Depends of misc/compat3x, that is
deprecated and set to be removed
2010-11-08 emulators/vmware-tools3: Depends of misc/compat3x, that is deprecated
and set to be removed
2010-10-08 misc/compat3x: "Only FreeBSD 6.4+ are supported in ports"
2010-11-08 misc/bidwatcher: Obsoleted by JBidwatcher and changes at
http://ebay.com
2010-11-08 security/vscan: Depends of misc/compat3x, that is deprecated and set
to be removed
2010-11-08 www/ssserver: Depends of misc/compat3x, that is deprecated and set to
be removed

12:11 nork 

Add openssl_tpm_engine 0.4.1, is a OpenSSL TPM engine.

Obtained from:  http://bsssd.sourceforge.net/

12:10 nork 

Add tpm-tools 1.3.5, provides a basic set of TPM tools.

Obtained from:  http://bsssd.sourceforge.net/

12:07 nork 

Add opencryptoki 2.3.2, is an open PKCS#11 implementation library.

Obtained from:  http://bsssd.sourceforge.net/

12:05 nork 

Add trousers 0.3.6, is a CPL (Common Public License) licensed Trusted
Computing Software Stack.  It is mostly compliant with the TSS 1.2
specification.

Obtained from:  http://bsssd.sourceforge.net/

12:54 garga 

security/samba-vscan just works with samba 3.0, that is gone, so remove it too

17:40 garga 

Remove expired ports

2010-10-15 security/ssh2: abandoned upstream
2010-10-15 security/ssh2-nox11: abandoned upstream

18:23 romain 

gnome-keyring-sharp is a fully managed implementation of libgnome-keyring.

When the gnome-keyring-daemon is running, you can use this to retrieve/store
confidential information such as passwords, notes or network services user
information.

WWW:    http://andrew.jorgensenfamily.us/2008/08/gnome-keyring-sharp/

02:38 pgollucci 

spass is a random password generator written by Guy Rutenberg

WWW:
http://www.guyrutenberg.com/2010/08/13/statistical-tests-for-my-audio-based-random-number-generator/

PR:             ports/150072
Submitted by:   Eitan Adler <ports at eitanadler.com>

02:38 pgollucci 

ccsrch is a tool that searches for and identifies unencrypted and
contiguous credit card numbers (PAN) and track data on windows and
UNIX operating systems. It will also identify the location of the
PAN data in the files and record MAC times.

WWW:    http://ccsrch.sourceforge.net/

PR:             ports/148821
Submitted by:   Pavel I Volkov <pavelivolkov at googlemail.com>

15:31 jmelo 

The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
Mod Security fame for the OISF. This integrates and provides very advanced
processing of HTTP streams for Suricata. The HTP library is required by the
engine but may also be used independently in a range of applications and tools.

WWW: http://openinfosecfoundation.org

PR:             ports/150191
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br>

23:24 pgollucci 

Decrypt the output from the yubikey token

The hardware can be found at

http://www.yubico.com/home/index/

The decryption module does only one thing - decrypt the AES encrypted
OTP from the Yubikey. To this, it requires the OTP, and the AES
key.

Please note - this module does not perform authentication - it is
a required component to decrypt the token first before authentication
can be performed.

WWW: http://search.cpan.org/~massyn/Auth-Yubikey_Decrypter-0.07/

PR:             ports/149802
Submitted by:   Kurt Jaeger <fbsd-ports@opsec.eu>

13:40 pav 

Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.

WWW: http://www.strongswan.org

PR:             ports/147431
Submitted by:   Riaan Kruger <riaank@gmail.com>

16:28 lwhsu 

Add clamd-stream-client , standalone clamav client.

PR:             ports/149879
Submitted by:   glen.j.barber at gmail.com

09:27 niels 

New port: The BlindElephant Web Application Fingerprinter attempts
to discover the version of a (known) web application by comparing
static files at known locations against precomputed hashes for
versions of those files in all available releases. The technique
is fast, low-bandwidth, non-invasive, generic, and highly automatable.

WWW: http://blindelephant.sourceforge.net/

Approved by:    itetcu (mentor)

13:04 bapt 

Security vulnerability: local root privileges escalation problems

PR:             ports/148911
Submitted by:   Steve Wills <steve _at_ mouf.net> (maintainer)
Approved by:    tabthorpe (mentor)

15:48 jpaetzel 

Add openvpn-beta , secure IP/Ethernet tunnel daemon.

PR:             ports/149620
Submitted by:   Eric F Crist <ecrist at secure-computing.net>

20:51 ohauer 

PR:           146455
Submitted by: Dax Labrador <semprix _at_ bsdmail.org>
Approved by:  glarkin (mentor)

dradis is an open source framework to enable effective information sharing.

dradis is a self-contained web application that provides a centralised
repository of information to keep track of what has been done so far,
and what is still ahead.

Features include:

    * Easy report generation.
    * Support for attachments.
    * Integration with existing systems and
      tools through server plugins.
    * Platform independent.

WWW: http://dradisframework.org/

20:36 dougb 

As previously advertised, remove the old libassuan port now that all
consumers have moved to libassuan 2.0.0, or dropped the dependency

00:31 lx 

Adding ncrack, a network authentication cracking tool from the folks
that brought you nmap.

22:54 araujo 

- Development has been discontinued.

PR:             ports/148261
Submitted by:   Anderson Eduardo <anderson@secover.com.br> (maintainer)
Feature safe:   yes

20:02 araujo 

- The EOL was announced in 2006 and has a lot of security issues.

Feature safe:   yes

00:42 dougb 

Update security/libassuan to version 2.0.0, which is required by gnupg 2.0.15

Unfortunately version 2.0.0 is largely incompatible with version 1.x, so it
is necessary to have a stopgap measure while ports that depend on libassuan
can be updated. In conversation with the maintainers of the dependent ports
it was originally considered ideal to prepare updates for the ports first,
then upgrade everything to libassuan 2.x en masse. Since no action has
arisen on that front, go with plan B:

Copy security/libassuan to security/libassuan-1, and update the dependent
ports accordingly. Because this is (intended to be) a _temporary_ measure,
and because no updates for libassuan 1.x are anticipated, and because the
hope is that it can be removed sooner rather than later, it's a copy instead
of a repocopy.

17:16 wxs 

Add missing shibboleth2-sp entry.

Noticed by:     itetcu@

06:59 miwi 

PBKDF2 is a secure password hashing algorithm that uses the techniques of
"key strengthening" to make the complexity of a brute-force attack arbitrarily
high. PBKDF2 uses any other cryptographic hash or cipher (by convention,
usually HMAC-SHA1, but Crypt::PBKDF2 is fully pluggable), and allows for an
arbitrary number of iterations of the hashing function, and a nearly unlimited
output hash size (up to 2**32 - 1 times the size of the output of the backend
hash). The hash is salted, as any password hash should be, and the salt may
also be of arbitrary size.

See also: RFC2898, PKCS#5 version 2.0: http://tools.ietf.org/html/rfc2898

WWW:    http://search.cpan.org/dist/Crypt-PBKDF2/

PR:             ports/146847
Submitted by:   Victor Popov <v.a.popov at gmail.com>

21:22 miwi 

The update utility is designed to download and save updates and modules
of the Kaspersky Lab's applications into a separate folder.

With the help of the utility you can download updates for selected
Kaspersky Lab's applications installed either in your network or at
a home PC. The utility has a function for saving downloaded updates
and autopatches in a local folder, a network folder connected as a
disc to the computer file system, or onto a flash-carrier.

WWW:    http://support.kaspersky.com/updater?level=2

PR:             ports/147116
Submitted by:   Gvozdikov Veniamin <g.veniamin at googlemail.com>

16:14 miwi 

Perl encrypt stuff simply

WWW:    http://search.cpan.org/dist/Crypt-Simple/

PR:             ports/147284
Submitted by:   Alexander Kriventsov <avk at vl.ru>

15:16 ale 

Quantis is a physical random number generator exploiting
an elementary quantum optics process.

This port contains the user library and a CLI/GUI application
to access such devices.

WWW:    http://www.idquantique.com/

15:16 ale 

Quantis is a physical random number generator exploiting
an elementary quantum optics process.

This port contains the kernel driver to access Quantis
PCI and PCIe devices.

WWW:    http://www.idquantique.com/

21:52 pgj 

Rename the following Haskell ports to bring them in sync with the
HackageDB:

  archivers/hs-zip-archive-ghc -> archivers/hs-zip-archive
  devel/hs-binary-ghc -> devel/hs-binary
  devel/darcs -> devel/hs-darcs
  devel/hs-language-c-ghc -> devel/hs-language-c
  devel/hs-lazysmallcheck-ghc -> devel/hs-lazysmallcheck
  devel/hs-pcre-light-ghc -> devel/hs-pcre-light
  devel/hs-utf8-string-ghc -> devel/hs-utf8-string
  graphics/hs-HGL-ghc -> graphics/hs-HGL
  ports-mgmt/porte -> ports-mgmt/hs-porte
  security/hs-digest-ghc -> security/hs-digest
  textproc/hs-haxml -> textproc/hs-HaXml
  textproc/hs-highlighting-kate-ghc -> textproc/hs-highlighting-kate
  textproc/hs-polyparse-ghc -> textproc/hs-polyparse
  textproc/pandoc -> textproc/hs-pandoc
  x11/hs-x11-ghc -> x11/hs-X11
  x11/hs-x11-xft-ghc -> x11/hs-X11-xft
  x11/xmobar -> x11/hs-xmobar
  x11-toolkits/hs-opengl-ghc -> x11-toolkits/hs-OpenGL
  x11-toolkits/hs-OpenGLRaw-ghc -> x11-toolkits/hs-OpenGLRaw
  x11-toolkits/hs-GLURaw-ghc -> x11-toolkits/hs-GLURaw
  x11-toolkits/hs-glut-ghc -> x11-toolkits/hs-GLUT
  x11-wm/xmonad -> x11-wm/hs-xmonad
  x11-wm/xmonad-contrib -> x11-wm/hs-xmonad-contrib

00:33 wen 

The Tiny Encryption Algorithm in Perl and JavaScript.

WWW:    http://search.cpan.org/~pjb/Crypt-Tea/

PR:             ports/145303
Submitted by:   Steve Wills <steve@mouf.net>

21:19 kwm 

Presenting GNOME 2.30.1 for FreeBSD. The offical release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.30/ .

This release brings initial PackageKit support, Upower (replaces power
management part of hal), cuse4bsd integration with HAL and cheese, and a
faster Evolution.

Sadly GNOME 2.30.x will be the last release with FreeBSD 6.X support. This
will also be the last of the 2.x releases. The next release will be the
highly-anticipated GNOME 3.0 which will bring with it a new UI experience.

Currently, there are a few bugs with GNOME 2.30 that may be of note for our
users. Be sure to consult the UPGRADING note or the 2.30 upgrade FAQ at
http://www.freebsd.org/gnome/docs/faq230.html for specific upgrading
instructions, and the up-to-date list of known issues.

This release features commits by avl, ahze, bland, marcus, mezz, and myself.

The FreeBSD GNOME Team would like to thank Anders F Bjorklund for doing the
initual packagekit porting.

And the following contributors & testers for there help with this release:
Eric L. Chen
Vladimir Grebenschikov
Sergio de Almeida Lenzi
DomiX
walder
crsd
Kevin Oberman
Michal Varga
Pavel Plesov
Bapt
kevin

and ITetcu for two exp-run

PR:     ports/143852
        ports/145347
        ports/144980
        ports/145830
        ports/145511

05:53 miwi 

This is a adaptation of pam_chroot to BSD jails : it dropps users in jails
after login.

PR:             ports/145302
Submitted by:   Damien Bobillot

02:53 miwi 

pulledpork is a Perl script which helps to update your Snort 2.8+ rules.

The sample config file comes predefined with the new settings for
snort.org downloads, which will change in June 2010.

BE SURE to read through the master pulledpork.conf file thoroughly,
as there are many changes as of snort 2.8.6.0 that WILL affect you,
even if you are NOT yet running 2.8.6.0!

Features:
    * Flowbit tracking!
    * capability to specify base ruleset (see README.RULESETS) in master
      pulledpork.conf file.
    * Handle preprocessor and sensitive-information rulesets
    * Ability to define sid ranges in any of the sid modification .conf files
    * Ability to specify references in any of the sid modification .conf files
    * Ability to ignore entire rule categories (i.e. not include them)
    * Specify locally stored rules files that need their meta data included
      in sid-msg.map
    * Ability to specify your arch for so_rules
    * Rules are written to only two distinct files
    * Support metadata based VRT recommended rulesets
    * Maintain an optional rule changelog
    * Support for setting rules to Drop
    * Support for multi-line rules
    * Rule modification, i.e. disabling of specific rules within rule sets
    * Outputs changes in rules files if any rules have been added / modified
    * Compares new rules files with current rule sets
    * Automated retrieval of certain variables (Distro, Snort Version.. etc)
    * Downloads latest rules file
    * Verifies MD5 of local rules file
    * If MD5 has not changed from snort.org.. doesn't fetch files again
    * handle both rules and so_rules
    * Capability to generate stub files

WWW: http://code.google.com/p/pulledpork/

PR:             ports/146239
Submitted by:   Olli Hauer

13:08 tobez 

Add security/p5-Crypt-CAST5 0.05, a Perl module that implements
CAST5 block cipher.

03:36 cy 

Welcome the new fwbuilder-devel and libfwbuilder-devel ports.

10:45 miwi 

2010-04-30 audio/py-flac: has been marked IGNORE for past 24 months
2010-02-20 databases/mysql-connector-java50: Old version: please use
databases/mysql-connector-java instead
2010-04-15 databases/p5-DBIx-Class-HTML-FormFu: This module is obsoleted by
www/p5-HTML-FormFu-Model-DBIC
2010-04-29 devel/py-rbtree: "does not build with new pyrex and it's not active
maintained"
2010-04-08 devel/tavrasm: No longer maintained, use devel/avra instead
2010-04-27 mail/postfix23: it's no longer maintened by upstream developer
2010-04-30 math/libgmp4: Use math/gmp instead.
2010-04-04 misc/ezload: does not build with new USB stack in 8-STABLE
2010-01-31 misc/gkrellmbgchg: use misc/gkrellmbgchg2
2010-03-04 multimedia/kbtv: no longer under development by author
2010-02-16 net/plb: broken; abandoned by author; use net/relayd or www/nginx
instead
2010-04-30 security/vpnd: This software is no longer developed
2010-03-15 textproc/isearch: abandoned upstream, uses an obsolete version of
GCC, not used by any other port
2010-04-02 www/caudium12: No longer maintained upstream, please switch to
www/caudium14
2010-03-08 www/p5-Catalyst-Plugin-Cache-FileCache: Deprecated by module author
in favor of www/p5-Catalyst-Plugin-Cache

03:29 cy 

Krb5-17 has been merged into krb5 and a new krb5-appl has been repocopied
from krb5-l7. The old krb5-17 port has been removed. All this is in
preparation for the krb5 1.8.1 commit.

PR:             145968

16:19 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

16:05 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

16:02 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

15:49 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

15:40 dinoex 

- PHP 5.2 slave port
PR:             145772
Submitted by:   Alex Keda

21:12 niels 

JBroFuzz is a web application fuzzer for requests being made over
HTTP or HTTPS. Its purpose is to provide a single, portable application
that offers stable web protocol fuzzing capabilities.

WWW: http://www.owasp.org/index.php/Category:OWASP_JBroFuzz

Approved by:    itetcu (mentor)

11:12 niels 

New port: Fuzzdb is a comprehensive set of fuzzing patterns that
can be used during discovery or security testing of web applications.

WWW: http://code.google.com/p/fuzzdb/

Approved by:    itetcu (mentor)

07:38 niels 

New port: WhatWeb can be used to detect the software packages that
are used for a website. It can detect content management systems
(CMS), blogging platforms, stats/analytics packages, javascript
libraries, servers, etc..

WWW: http://www.morningstarsecurity.com/research/whatweb

Approved by:    itetcu (mentor)

09:34 ale 

Update to PHP 5.3.2 release!

16:45 amdmi3 

- Remove nmap-i18n-man - security/nmap now comes with translated manual pages

PR:             145439
Submitted by:   Daniel Roethlisberger <daniel@roe.ch> (maintainer)

22:13 miwi 

Python-otr is a set of python bindings for libotr. This gives
developers the flexibility to implement OTR encryption for
their python-based Instant Messaging clients.

WWW: http://python-otr.pentabarf.de/

Submitted by:   Frank Steinborn <steinex at nognu.de>

06:43 niels 

skipfish is a high-performance, easy, and sophisticated Web application
security testing tool. It features a single-threaded multiplexing
HTTP stack, heuristic detection of obscure Web frameworks, and
advanced, differential security checks capable of detecting blind
injection vulnerabilities, stored XSS, and so forth.

PR:     ports/144942
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>
Approved by:    itetcu (mentor)
WWW:    http://code.google.com/p/skipfish/

22:07 niels 

OWASP WebScarab is aframework for analysing HTTP and HTTPS web application
traffic

Approved by:    itetcu (mentor)
WWW:    http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

22:34 miwi 

The clamav-unofficial-sigs script provides the capability to download, test,
and update the third-party ClamAV signature databases provided by
Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, INetMsg and ScamNailer.

PR:             ports/144509
Submitted by:   Marko Njezic <sf at maxempire.com>

21:52 niels 

OWASP DirBuster is a multi threaded java application designed to
brute force directories and files names on web/application servers.

Approved by:    itetcu (mentor)
Feature safe:   yes
WWW:    http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

22:03 niels 

Burp Suite is an integrated platform for testing web applications

PR:     ports/144150
Submitted by:   niels
Approved by:    itetcu (mentor)
WWW:    http://www.portswigger.net/suite/

12:22 mandree 

Revive openvpn-devel port and pass maintainership to Eric F. Christ.

NOTE that the port is more of a development snapshot than it used to be,
so it should be used SOLELY for testing and development, NOT IN PRODUCTION.

PR: ports/144115
Approved by: mandree@ (previous maintainer)
Approved by: garga@ (mentor)
Feature safe: yes

13:43 miwi 

NmapSi4 is a complete Qt-based Gui with the design goals to provide a complete
nmap interface for Users, in order to management all options of this powerful
security net scanner!

WWW:    http://www.nmapsi4.org

PR:             ports/142118
Submitted by:   Gvozdikov Veniamin <g.veniamin at googlemail.com>

01:59 miwi 

2010-01-08 x11-toolkits/gtkada-gps: has been broken for 3 months
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months

20:46 wxs 

isolate runs processes in a chroot-ed environment, with constrained resource
limits, as a random UID, and with limited access to the X server

WWW:    http://code.google.com/p/isolate/

PR:             ports/142350
Submitted by:   Steve Wills <steve@mouf.net>

06:02 amdmi3 

- Fix sorting and minor cleanups in category Makefiles

14:52 glarkin 

Provide a fast way to delete entries from OpenSSH's known_hosts
file. This is a simple automation of the things normally done by
the user when having an "offending key" in his/her known_hosts file
caused by a changing host key of the destination.

WWW:    http://unssh.sourceforge.net/

PR:             ports/137254
Submitted by:   Dax Labrador <semprix at bsdmail.org>

11:31 olgeni 

Add cl-md5-clisp, a native MD5 implementation in Common Lisp (CLISP
binaries).

11:30 olgeni 

Add cl-md5-sbcl, a native MD5 implementation in Common Lisp (SBCL
binaries).

11:28 olgeni 

Add cl-md5, a native MD5 implementation in Common Lisp.

23:27 pgj 

This Haskell library implements the SHA suite of message digest
functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as
well as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various functions.
While some attention has been paid to performance, these do not
presently reach the speed of well-tuned libraries, like OpenSSL.

WWW: http://hackage.haskell.org/package/SHA

16:47 mandree 

Move security/openvpn to security/openvpn20 (after previous repocopy).
Update security/openvpn20 to 2.0.9, revising pkg-message.

Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.

Remove security/openvpn-devel, adding a MOVED entry.

Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.

Add a UPDATING entry for this shuffle.  Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).

Approved by:  garga@ (mentor)

12:23 miwi 

PAM module which permits authentication for arbitrary services via
ssh-agent. Written with sudo in mind, but like any auth PAM module,
can be used for for many purposes.

WWW: http://pamsshagentauth.sourceforge.net/

10:31 miwi 

SoftHSM is an implementation of a cryptographic store accessible
through a PKCS #11 interface. You can use it to explore PKCS #11
without having a Hardware Security Module. It is being developed
as a part of the OpenDNSSEC project. SoftHSM uses Botan for its
cryptographic operations.

WWW: http://www.opendnssec.org/

PR:             ports/141932
Submitted by:   Jaap Akkerhuis <jaap at NLnetLabs.nl

20:38 miwi 

misc/bsdiff||2009-12-24|Incorporated into base system long ago
security/freebsd-update||2009-12-24|Incorporated into base system long ago
sysutils/est||2009-12-24|Incorporated into base system long ago
sysutils/estctrl||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha1||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha256||2009-12-24|Incorporated into base system long ago

08:26 wen 

The Net_Portscan package allows one to perform basic portscanning
functions with PHP. It supports checking an individual port or
checking a whole range of ports on a machine.

WWW: http://pear.php.net/package/Net-Portscan/

08:48 cy 

Add sudosh3.

16:29 garga 

Remove security/pfw, it's no longer maintainer by author

12:32 dinoex 

PolarSSL is a light-weight open source cryptographic and SSL/TLS library
written in C. PolarSSL is written with embedded systems in mind and has
been ported on a number of architectures, including ARM, PowerPC, MIPS
and Motorola 68000.

Features include:
 * Small memory footprint
 * Clean and simple API for integration
 * Loose coupling of cryptographic code.
 * Symmetric encryption algorithms: AES, Triple-DES, DES, ARC4, Camellia, XTEA
 * Hash algorithms: MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
 * HAVEGE random number generator
 * RSA with PKCS#1 v1.5 padding
 * SSL version 3 and TLS version 1 client support
 * X.509 certificate and CRL reading from memory or disk in PEM and DER formats
 * Over 900 regression and code coverage tests
 * Example applications

LICENSE: GPL2

WWW: http://polarssl.org/

12:31 dinoex 

Cyassl is an embedded SSL Library for programmers building security
functionality into their applications and devices.

Features
  SSL version 3 and TLS versions 1, 1.1 and 1.2 (client and server)
  Minimum size of 60-100kb, depending on build options
  Runtime memory usage between 5-50kb
  DTLS support (client and server)
  OpenSSL compatibility layer
  zlib compression support
  integration in MySQL, stunnel, Lighttpd availible.
  MD2, MD4, MD5, SHA-1, RIPEMD, HMAC, DES, 3DES, AES, ARC4, TWOFISH, BLOWFISH,
  RSA, DSS, DH, and PKCS#5 PBKDF2
  ia32 assembly for AES, 3DES, BLOWFISH, TWOFISH, ARC4, MD5, SHA, and RIPEMD
  SSE2 instructions for Large Integers
  Simple API
  Interchangeable crypto and certificate libraries
  PEM and DER certificate support
  Very fast

LICENSE: GPL2 with FOSS extension

WWW: http://www.yassl.com/

12:31 wen 

- Remove the entry of pear-Crypt_HMAC

PR:             ports/140822
Submitted by:   wen@ (myself)
Approved by:    miwi@ (maintainer)

09:47 wen 

- Add entry for pear-Crypt_HMAC2

13:45 miwi 

All ports depending on the nettle library have been updated
to use nettle 2.0, and there is no longer any reason to keep
separate ports for nettle versions 1.x and 2.x.

PR:             139482 139484
Submitted by:   Charlie Kester <corky1951@comcast.net> (maintainer)

06:28 wen 

pecl-pam provides PAM (Pluggable Authentication Modules) integration.
PAM is a system of libraries that handle the authentication tasks of
applications and services. The library provides a stable API for
applications to defer to for authentication tasks.

WWW: http://pecl.php.net/package/PAM/

20:06 marcus 

Presenting GNOME 2.28.1 for FreeBSD.  The official release notes for this
release can be found at http://library.gnome.org/misc/release-notes/2.28/ .
Officially, this is mostly a polishing release in preparation for GNOME 3.0
due in about a year.

On the FreeBSD front, though, a lot went into this release.  Major thanks
goes to kwm and avl who did a lot of the porting work for this release.
In particular, kwm brought in Evolution MAPI support for better Microsoft
Exchange integration.  Avl made sure that the new gobject introspection
repository ports were nicely compartmentalized so that large dependencies
aren't brought in wholesale.

But, every GNOME team member (ahze, avl, bland, kwm, mezz, and myself)
contributed to this release.

Other major improvements include an updated HAL with better volume
probing code, ufsid integration, and support for volume names containing
spaces (big thanks to J.R. Oldroyd); a new WebKit; updated AbiWord;
an updated Gimp; and a preview of the new GNOME Shell project (thanks to
Pawel Worach).

The FreeBSD GNOME Team would like to that the following additional
contributors to this release whose patches and testing really helped
make it a success:

Andrius Morkunas
Dominique Goncalves
Eric L. Chen
J.R. Oldroyd
Joseph S. Atkinson
Li
Pawel Worach
Romain Tartière
Thomas Vogt
Yasuda Keisuke
Rui Paulo
Martin Wilke
(and an extra shout out to miwi and pav for pointyhat runs)

We would like to send this release out to Alexander Loginov (avl) in
hopes that he feels better soon.

PR:             136676
                136967
                138872 (obsolete with new epiphany-webkit)
                139160
                134737
                139941
                140097
                140838
                140929

15:21 tdb 

- Update f-prot to 6.2.1. Based on ports/132074.

PR:             ports/132074
Submitted by:   Cristiano Rolim Pereira <cristianorolim@hotmail.com>

11:43 miwi 

- Connect security/nettle2

Feature safe: yes

15:55 pav 

Net::Radius::Server provides an extensible framework to create RADIUS
servers suitable for non-standard scenarios where authentication
needs to consider multiple factors. The RADIUS responses may be
created by arbitrarily complex rules that process the request packet
as well as any external data accessible to Perl.

WWW:    http://search.cpan.org/dist/Net-Radius-Server/

PR:             ports/138164
Submitted by:   Gea-Suan Lin <gslin@gslin.org>
Feature safe:   yes

01:42 amdmi3 

Barnyard is a critical tool for the parsing of Snort's unified binary files,
processing and on-forwarding to a variety of output plugins. Unfortunately
it has not seen an updated in over 4 years and is not going to be maintained
by the original developers. With the new version of the unified format
(ie. unified2) arriving we need something to bridge this gap.

The SXL team love barnyard. So much so that we want it to stay and have been
tinkering around with the code to give it a breath of new life. Here is what
we have achieved to far for this reinvigorated code base:

    * Parsing of the new unified2 log files.
    * Maintaining majority of the command syntax of barnyard.
    * Addressed all associated bug reports and feature requests arising since
                barnyard-0.2.0.
    * Completely rewritten code based on the GPLv2 Snort making it entirely
                GPLv2.

This is an effort to fuse the awesome work of Snort and the original concept
of barnyard giving it a fresh update along the way. We've come a long way so
far and have a very stable build that we've integrated into our NSMnow
framework.  If you have any feature requests, bugs or gripes then send them
our way.

WWW: http://www.securixlive.com/barnyard2/

PR:             138326
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

21:04 miwi 

The Python keyring lib provides an easy way to access the system keyring
service from Python. It can be used in any application that needs safe password
storage. It supports OSX, KDE, Gnome and Windows's native password storing
services. Besides this, it is shipped with kinds of Python implemented keyring
for the left environments.

WWW: http://pypi.python.org/pypi/keyring

PR:             ports/138513
Submitted by:   Douglas Thrift

23:37 cy 

Welcome the new krb5-17.

PR:             138246

19:54 miwi 

MailZu is a simple and intuitive web interface to manage Amavisd-new
quarantine. Users can view their own quarantine, release/delete messages
or request the release of messages. MailZu is written in PHP and requires
Amavisd-new version greater than 2.3.0.

WWW: http://sourceforge.net/projects/mailzu/

PR:             ports/137197
Submitted by:   Sahil Tandon <sahil at tandon.net>

13:20 erwin 

security/dns-proxy-tor
security/trans-proxy-tor: trans-proxy-tor is rendered obsolete by Tor\'s
TransPort option  (currently only available in tor-devel)

Approved by:    maintainer

17:54 miwi 

AuthCAS aims at providing a Perl API to Yale's Central Authentication
System (CAS). Only a basic Perl library is provided with CAS whereas
AuthCAS is a full object-oriented library.

WWW:    http://cpan.uwinnipeg.ca/dist/AuthCAS

PR:             ports/136956
Submitted by:   Frank Wall <fw at moov.de>

09:01 miwi 

2009-07-28 games/amy: mastersite disappeared, does not build on recent version
2009-07-28 security/hashish: "does not compile"
2009-07-19 security/smtpmap: depends on GCC 2.95 which has not been available
for 9+ months

18:31 shaun 

Remove this port, as its only mirror (operated by me) is about to be
vanish. The port is pretty useless anyway.

06:07 pgollucci 

LuaSec is a binding for OpenSSL library to provide TLS/SSL communication. This
version delegates to LuaSocket the TCP connection establishment between the
client and server. Then LuaSec uses this connection to start a secure TLS/SSL
session.

WWW: http://www.inf.puc-rio.br/~brunoos/luasec/

PR:             ports/136266
Submitted by:   Andrew Lewis <dru at silenceisdefeat.net>

20:56 nox 

This is a Linux Fedora 10 infrastructure port for...

The Cyrus SASL (Simple Authentication and Security Layer)

SASL is the Simple Authentication and Security Layer, a method
for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating
protection of subsequent protocol interactions. If its use is
negotiated, a security layer is inserted between the protocol
and the connection.

WWW: http://cyrusimap.web.cmu.edu/

Obtained from:  Peter Jeremy <peterjeremy@optushome.com.au>

08:27 makc 

Connect pinentry-qt4 to build

05:35 miwi 

Jifty::Plugin::OpenID is a perl module provides OpenID
authentication for your jifty app.

WWW:    http://search.cpan.org/dist/Jifty-Plugin-OpenID/

PR:             ports/135558
Submitted by:   Wen Heping <wenheping at gmail.com>

05:28 miwi 

ranpwd uses /dev/random or /dev/urandom to generate cryptographically secure
passwords.

Generated passwords may consist of any specified length and any combination of
upper- or lower-case alphanumeric characters or punctuation.  ranpwd can also
generate passwords consisting of hexadecimal, decimal, octal or binary numbers,
and format these as valid C constants for inclusion in source code.

WWW: http://freshmeat.net/projects/ranpwd

PR:             ports/135540
Submitted by:   corky1951 at comcast.net

21:46 miwi 

The netpgp command can digitally sign files and verify that the
signatures attached to files were signed by a given user identifier.
netpgp can also encrypt files using the public or private keys of
users and, in the same manner, decrypt files which were encrypted.

The netpgp utility can also be used to generate a new key-pair for a
user.  This key is in two parts, the public key (which can be used by
other people) and a private key.

In addition to these primary uses, the third way of using netpgp is to
maintain keyrings.  Keyrings are collections of public keys belonging
to other users.  By using other means of identification, it is
possible to establish the bona fides of other users.  Once trust has
been established, the public key of the other user will be signed.
The other user's public key can be added to our keyring.  The other
user will add our public key to their keyring.

WWW:    http://www.NetBSD.org/

PR:             ports/134997
Submitted by:   bapt <baptiste.daroussin at gmail.com>

22:48 miwi 

OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880,
1800, 2800, 3800, 7200 Series and Cisco 7301 Routers.

Like vpnc, OpenConnect is not officially supported by, or
associated in any way with, Cisco Systems. It just happens to
interoperate with their equipment.

WWW: http://www.infradead.org/openconnect.html

PR:             ports/135274
Submitted by:   Damian Gerow

17:26 bsam 

Here are new Linux Fedora 10 infrastructure ports.

Those ports are intended to be used with 8-CURRENT at least
with SVN r192206.

If you want to switch to linux-f10 ports, please define at /etc/make.conf:
  OVERRIDE_LINUX_BASE_PORT=f10
  OVERRIDE_LINUX_NONBASE_PORTS=f10

An upgrading procedure is shown at /usr/ports/UPDATING, entries 20090401
and 20070327.

For the first time all tested linux ports work as expected(!):
. acroread8;
. google-earth;
. skype;
. seamonkey.

Many thanks for kernel folks who really did the main work
(and I wrote only some lines of ports).

There is a good chance that those ports may become a default
for 8.0-RELEASE. Please, test and report back to emulation@ ML.

11:56 miwi 

The scrypt key derivation function was originally developed for use in
the Tarsnap online backup system and is designed to be far more secure
against hardware brute-force attacks than alternative functions such as
PBKDF2 or bcrypt.

WWW:   http://www.tarsnap.com/scrypt/

PR:             ports/134961
Submitted by:   Wen Heping <wenheping at gmail.com>