Subject: Changes to the NetBSD Packages Collection in September 2000
To: None <netbsd-announce@netbsd.org>
From: Alistair G. Crooks <agc@ftp.netbsd.org>
List: tech-pkg
Date: 10/23/2000 08:16:14
Changes to the NetBSD Packages Collection in September 2000
===========================================================

Many thanks to everyone for the feedback on the new format - most
considered it a forward step, so I'll retain it.

My apologies for the lateness of this summary, which has been done in
the background whilst we prepare to tag pkgsrc for the upcoming 1.4.3
and 1.5 releases.

In the month of September, we called a freeze to new functionality,
and concentrated on making pkgsrc compile successfully for as many
packages as possible, for as many platforms as possible.

Notable additions to the packages collection include: audit-packages,
gpart, netscape, some more Perl5 utility programs, netscape (a wrapper),
wml, and xfstt.

Notable packages which were updated were:  ap-ssl, apache, bind9,
ethereal, imap-uw, inn, isakmpd, perl5 to version 5.6 (thanks,
Johnny), mouse-pppoe, mp, ns-remote, ntop, openssh, pine, ptl2,
racoon, samba, screen, wv, xforms, xscreensaver, and xview.  Please
note also the rearrangement of the tcl/tk packages (to 8.3.2, thanks,
Jim).

Due to a number of exploits in various packages, Bill Sommerfeld
prevailed upon me to introduce some form of automatic vulnerability
checking, and that is what the audit-packages package does
(pkgsrc/security/audit-packages) - please forgive the quirky
implementation.  It downloads a list of known vulnerabilities from
ftp.netbsd.org, and checks the installed packages on the current
machine, to see if any are known to be vulnerable.  This could be run
as part of a cron job, and alerts could be sent using SMS or mail, by
using qpage, for example.  Much though it pains me to nominate
something I wrote as Package of the Month (I'm really not that vain),
it has to be so - instead of waiting for my summaries (which can be
very late in coming), you can get an up-to-date listing of any known
package vulnerabilities "as they happen".  The packages collection
will also warn you if you attempt to install a package with a known
security vulnerability, and vulnerabilities are placed in the generated
README.html files.

Alistair G. Crooks (agc@pkgsrc.org)
Mon Oct 23 07:17:45 BST 2000



Changes to the Packages Collection Infrastructure
=================================================

	bsd.pkg.mk: Introduce new mechanism for handling "crypto" packages.
		Now, setting MKCRYPTO=no in /etc/mk.conf disables download
		and build for any package which defines either USE_SSL or
		CRYPTO. Packages which contain strong encryption technology
		should set CRYPTO if not USE_SSL, rather than RESTRICTED.
		[fredb 2000-09-09]


Packages Added to the Packages Collection
=========================================

	Added audit-packages-1.0 [agc 2000-09-19]
Path: security/audit-packages
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/audit-packages/README.html
Comment: tools to show vulnerabilities in installed packages

	Added gpart-0.1g [veego 2000-09-01]
Path: sysutils/gpart
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/sysutils/gpart/README.html
Comment: Tool to show the partitions on a PC type harddisk

	Added netscape-4.75 [abs 2000-09-03]
Path: www/netscape
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/netscape/README.html
Comment: Open new communicator or navigator window

	Added p5-Text-DelimMatch-1.03 [kim 2000-09-04]
Path: textproc/p5-Text-DelimMatch
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/textproc/p5-Text-DelimMatch/README.html
Comment: Find regexp delimited strings with proper nesting

	Added p5-Term-ReadKey-2.14 [kim 2000-09-04]
Path: devel/p5-Term-ReadKey
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/devel/p5-Term-ReadKey/README.html
Comment: Change terminal modes and perform non-blocking reads

	Added perl5-base-5.6.0 [jlam 2000-09-05]
Path: lang/perl5-base
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/perl5-base/README.html
Comment: base installation of Perl

	Added tcl-expect-5.32.1 [jwise 2000-09-05]
Path: lang/tcl-expect
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/tcl-expect/README.html
Comment: extensions to Tcl to support scripting of interactive programs

	Added tcl-tclX-8.2.0 [jwise 2000-09-06]
Path: lang/tcl-tclX
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/tcl-tclX/README.html
Comment: Extended Tcl (TclX), a set of Tcl extensions for system programming

	Added tcl-scotty-2.1.10 [jwise 2000-09-07]
Path: net/tcl-scotty
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/tcl-scotty/README.html
Comment: network management extensions to TCL

	Added tk-expect-5.32.1 [jwise 2000-09-05]
Path: lang/tk-expect
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/tk-expect/README.html
Comment: a tcl interpreter with both the expect and tk extensions built in.

	Added tk-tclX-8.2.0 [jwise 2000-09-06]
Path: lang/tk-tclX
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/tk-tclX/README.html
Comment: Extended Tcl (TclX), a set of Tcl extensions for system programming

	Added tkined-1.4.10 [jwise 2000-09-07]
Path: net/tkined
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/tkined/README.html
Comment: graphical network discovery and monitoring tool based on scotty.

	Added wml-2.0.2 [kim 2000-09-04]
Path: www/wml
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/wml/README.html
Comment: Web Meta Language

	Added xfstt-1.1 [kim 2000-09-04]
Path: x11/xfstt
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xfstt/README.html
Comment: TrueType font server for X11


Updated Packages in the Packages Collection
===========================================

	Updated ap-ssl to 2.6.6 [jlam 2000-09-12]
Path: www/ap-ssl
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/ap-ssl/README.html
Comment: Secure Sockets Layer module for Apache

	Updated apache to use EAPI from mod_ssl-2.6.6-1.3.12 [jlam 2000-09-12]
Path: www/apache
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/apache/README.html
Comment: The Apache web server (http://www.apache.org/)

	Updated bind9 to 9.0.0 [rh 2000-09-18]
Path: net/bind9
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/bind9/README.html
Comment: Version 9 of the Berkeley Internet Name Daemon, implementation of DNS

	Updated dsssl-docbook-modular to 1.57 [hubertf 2000-09-04]
Path: textproc/dsssl-docbook-modular
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/textproc/dsssl-docbook-modular/README.html
Comment: DSSSL stylesheets for the DocBook DTD by Norman Walsh

	Updated ethereal to 0.8.12 [hubertf 2000-09-15]
Path: net/ethereal
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/ethereal/README.html
Comment: Network protocol analyzer

	Updated gnocatan to 0.6.1 [veego 2000-09-03]
Path: games/gnocatan
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/games/gnocatan/README.html
Comment: gnome version of the Settlers of Catan board game

	Updated imap-uw to 4.7rc6 to fix some security problems described
		in http://www.securityfocus.com/advisories/2646
		[hubertf 2000-09-19]
Path: mail/imap-uw
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/imap-uw/README.html
Comment: University of Washington's IMAP, POP2, and POP3 servers

	Updated inn to 2.2.3 [veego 2000-09-01]
Path: news/inn
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/news/inn/README.html
Comment: the public release of InterNet News (INN)

	Updated isakmpd to 20000915 [fredb 2000-09-25]
Path: security/isakmpd
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/isakmpd/README.html
Comment: OpenBSD IKE daemon

	Updated jisx0208fonts to 20000904.  repair a glyph in kaname font.
		From SUNAGAWA Keiki.  [itojun 2000-09-05]
Path: fonts/jisx0208fonts
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/fonts/jisx0208fonts/README.html
Comment: X11 fonts for JIS X0208 standard

	Updated lftp to 2.2.6 [hubertf 2000-09-24]
Path: net/lftp
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/lftp/README.html
Comment: powerful command line ftp client

	Updated libperl to 5.6.0nb1, which includes a shared dynamic loader
		needed by certain packages, e.g. www/ap-perl [jlam 2000-09-06]
Path: lang/libperl
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/libperl/README.html
Comment: PERL core library and DynaLoader as a shared object

	Updated mouse-pppoe to 20000912 [wiz 2000-09-15]
Path: net/mouse-pppoe
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/mouse-pppoe/README.html
Comment: derMouse's PPP over Ethernet program

	Updated mp to 3.5.2 [kim 2000-09-04]
Path: print/mp
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/print/mp/README.html
Comment: PostScript pretty printer

	Updated ns-remote to 1.3 [abs 2000-09-01]
Path: www/ns-remote
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/ns-remote/README.html
Comment: remote-control Netscape Navigator and Communicator

	Updated ntop to 1.1, to workaround some security problems described
		in http://www.securityfocus.com/advisories/2520
		[agc 2000-09-19]
Path: net/ntop
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/ntop/README.html
Comment: shows network usage (similar to "top" for processes)

	Updated openssh to 2.2.0p1 [itojun 2000-09-04]
Path: security/openssh
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/openssh/README.html
Comment: Open Source Secure shell client and server (remote login program)

	Updated perl5 to 5.6.0nb3, which is now a meta-pkg which installs
		perl5-base and several other modules from a standard
		installation of perl-5.6.0. [jlam 2000-09-05]
Path: lang/perl5
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/lang/perl5/README.html
Comment: Practical Extraction and Report Language

	Updated pine to 4.21nb1 to fix some security problems described
		in http://www.securityfocus.com/advisories/2646
		[hubertf 2000-09-19]
Path: mail/pine
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/mail/pine/README.html
Comment: Program for Internet E-mail and News

	Updated pkglint to 2.16 [hubertf 2000-09-04]
	Updated pkglint to 2.20. .include lines are honoured now, and
		FILESDIR, PATCHESDIR, PKGDIR, SCRIPTSDIR, MD5_FILE, and
		PATCH_SUM_FILE aren't hardcoded anymore, but the
		corresponding Makefile variables are used. Some cleanup.
		[wiz 2000-09-05]
	Updated pkglint to 2.21 [abs 2000-09-11]
	Updated pkglint to 2.22 [abs 2000-09-20]
	Updated pkglint to 2.23 [abs 2000-09-21]
	Updated pkglint to 2.24 [abs 2000-09-22]
	Updated pkglint to 2.25 [abs 2000-09-26]
Path: pkgtools/pkglint
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/pkgtools/pkglint/README.html
Comment: Verifier for NetBSD packages and complete pkgsrc tree

	Updated ptl2 to 2.1.5 [msaitoh 2000-09-24]
Path: devel/ptl2
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/devel/ptl2/README.html
Comment: Portable user-level Thread Library 2 written by Kota Abe

	Updated racoon to 20000913b [itojun 2000-09-13]
	Updated racoon to 20000923a.  if you are using previous releases
		of racoon, i suggest an upgrade due to possible security
		issue (admin tcp port was open without authentication).
		[itojun 2000-09-23]
Path: security/racoon
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/racoon/README.html
Comment: KAME racoon IKE daemon

	Updated samba to 2.0.7.1.2a [kei 2000-09-03]
Path: net/samba
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/samba/README.html
Comment: SMB/CIFS protocol server suite for UNIX

	Updated screen to 3.9.8 [itojun 2000-09-11]
Path: misc/screen
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/misc/screen/README.html
Comment: Multi-screen window manager

	Updated teTeX-bin to 1.0.7nb1, which removes texi2html from the
		installation and depends on textproc/texi2html.
		[jlam 2000-09-12]
Path: print/teTeX-bin
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/print/teTeX-bin/README.html
Comment: TeX distribution for UNIX compatible systems - executables

	Updated uvscan-dat to 4094 [jlam 2000-09-07]
Path: security/uvscan-dat
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/uvscan-dat/README.html
Comment: AntiVirus DAT file for uvscan

	Updated wml to 2.0.3 [kim 2000-09-04]
Path: www/wml
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/wml/README.html
Comment: Web Meta Language

	Updated wv to 0.5.44 [wiz 2000-09-02]
Path: converters/wv
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/converters/wv/README.html
Comment: Microsoft Word 6, 7, and 8 (95/97/2000) doc to HTML/LaTeX converter

	Updated xchat to 1.5.7 [wennmach 2000-09-01]
Path: net/xchat
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/net/xchat/README.html
Comment: X11 (X Window System) IRC client, using the GTK+ toolkit

	Updated xforms to 0.88nb1, to reflect loss of shared library on a.out
		[fredb 2000-09-28]
Path: x11/xforms
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xforms/README.html
Comment: Graphical user interface toolkit for X Window System

	Updated xscreensaver to 3.25nb1, in order to discriminate against older
		binary packages, use of which would lead to a circular
		dependency on and for control-panel [fredb 2000-09-11]
Path: x11/xscreensaver
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xscreensaver/README.html
Comment: Screen saver and locker for the X window system

	Updated xview-config to 3.2.1nb1 [jlam 2000-09-13]
Path: x11/xview-config
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xview-config/README.html
Comment: OpenLook Toolkit config files

	Updated xview-lib to 3.2.1nb1 [jlam 2000-09-13]
Path: x11/xview-lib
Package URL: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xview-lib/README.html
Comment: OpenLook Toolkit libs, includes, and man pages


Other Changes to the NetBSD Packages Collection
===============================================

	Removed expect [jwise 2000-09-05]
	Deleted japanese/samba which is merged into net/samba.
		[kei 2000-09-03]
	Renamed mozilla pkg back to Mozilla-1.0m17
		[martin 2000-09-03]
	Removed scotty [jwise 2000-09-07]
	Removed tclX [jwise 2000-09-06]