pkgsrc-changes: CVS commit: pkgsrc/security

Subject: CVS commit: pkgsrc/security
To: None <pkgsrc-changes@netbsd.org>
From: Thorsten Frueauf <frueauf@netbsd.org>
List: pkgsrc-changes
Date: 10/13/2002 12:11:54
Module Name:	pkgsrc
Committed By:	frueauf
Date:		Sun Oct 13 09:11:54 UTC 2002

Modified Files:
	pkgsrc/security/libnasl: PLIST distinfo
	pkgsrc/security/nessus: Makefile.common
	pkgsrc/security/nessus-core: distinfo
	pkgsrc/security/nessus-libraries: Makefile PLIST distinfo
	pkgsrc/security/nessus-plugins: PLIST distinfo

Log Message:
Update nessus{-libraries,-core,-plugins} and libnasl to 1.2.6.

Changes since 1.2.0:

1.2.6 :
. changes by Michael Slifcak (Michael.Slifcak@guardent.com)
- Added Bugtraq cross reference in the plugins
- Added support for BID in nessusd (this has yet to be done on the
  client side)
. changes by Axel Nennker (Axel.Nennker@t-systems.com)
- fixed the xml and html outputs
- fixed array issues in a couple of plugins
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now detects services protected by TCP wrappers or ACL
- find_service detects gnuserv
- ptyexecvp() replaced by nessus_popen() (*)
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which may make nasl interpret backquoted strings
  (\n and \r) received from the network (problem noted by Pavel Kankovsky)
- nmap_wrapper.nes calls _exit() instead of exit() (*)
- Solved the lack of bpf's on Free/Open/NetBSD and MacOSX by
  sharing _one_ among all the Nessus processes. As a result, Nessus's
  ping is much more effective on these platforms
- bugfix in plug_set_key() which would eventually make some scripts
  take too long when writing in the KB
- Plugins of family ACT_SETTINGS are run *after* plugins of family
  ACT_SCANNERS
- replaced the implementation of md5 which was used when OpenSSL is disabled
  by the one from RSA (the old one would not work on a big-endian host)
- Fixed plugins build issues on MacOS X
- The nessus client compiles and links against GTK+-2.0. Of course, it will
  be horrible and instable, as the GTK team does not care about backward
  compatibility
  (*) These two modifications solve the problems of nmap hanging under FreeBSD

1.2.5 :
. changes by Michel Arboi (arboi@bigfoot.com)
- find_service now displays unknown services that run on assigned ports
- read_stream_connection smarter (smaller timeout)
- find_service sometimes declared IDENT as "unknown"
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a deadlock that would prevent some plugins from completing
- Fixed a possible (although rare) corruption issue in the reports
  (the script IDs could under some circumstances be random)
- Fixed a potential segfault in the execution of nasl scripts

1.2.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Reverted back to autoconf 2.13.
- Bug fix in nessus-core/nessusd/pluginlaunch.c - under some circumstances,
  data might have be lost in the reports
- Fixed a bug in several plugins for web checks (under some circumstances,
  a plugin would do N x N checks against the remote web servers (where
  N equals to the number of web servers running on the remote host)

1.2.3 :
. changes by Isaac Dawson (idawson@securitymanagementpartners.com)
- New html output layout.
. changes by Pasi Eronen (pasi.eronen@nixu.com)
- fix in nmap_wrapper
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a bug which could make, under some circumstances, make nessusd
  crash the host it is running on.
- If the option log_whole_attack is set to "no", then only the begining
  and the end of the attack is logged (and not the time each plugin takes)
- Improved no404.nasl to further reduce false positives
- Bug fix in nessusd - under some rare circumstances, report data could
  be lost (if many many plugins were enabled at the same time and were
  sending data at the same time).
- UDP packets are resent while we wait for a reply (avoids to loose packets
  en route)
- Fixed the option "auto_enable_dependencies" which would not always work
- Sending a SIGTERM to the nessus client during a command line scan
  forces it to save its result to the current test file
- Non-printables characters are not shown in the report any more

1.2.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- In the GUI, while running a scan, plugins names are only updated once
  in a while (saves CPU)
- Bugfix in the client : some host names would make the client crash
- Repaired the '-P' switch in the client

1.2.1 :
. changes by Simon Law (sfllaw@engmail.uwaterloo.ca)
- Made a manpage for nessus-mkcert-client(1) and have it installed by
  the Makefile
- Revised most other manpages for missing information and to increase
  clarity


To generate a diff of this commit:
cvs rdiff -r1.3 -r1.4 pkgsrc/security/libnasl/PLIST
cvs rdiff -r1.6 -r1.7 pkgsrc/security/libnasl/distinfo
cvs rdiff -r1.13 -r1.14 pkgsrc/security/nessus/Makefile.common
cvs rdiff -r1.6 -r1.7 pkgsrc/security/nessus-core/distinfo
cvs rdiff -r1.6 -r1.7 pkgsrc/security/nessus-libraries/Makefile
cvs rdiff -r1.3 -r1.4 pkgsrc/security/nessus-libraries/PLIST
cvs rdiff -r1.8 -r1.9 pkgsrc/security/nessus-libraries/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/security/nessus-plugins/PLIST
cvs rdiff -r1.6 -r1.7 pkgsrc/security/nessus-plugins/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.