Re: security support

b...@openbsd.rutgers.edu wrote: On 31 March 2009 at 0:56, Stefan Sperling wrote: On Mon, Mar 30, 2009 at 07:22:08PM -0400, Aaron W. Hsu wrote: It's much easier for people in -STABLE to just run the stable packages. That is still probably the best advice for most people. Yes.

Re: NEW: security/fcrackzip

yeah. i agree. thanks 2009/3/31 Stuart Henderson : > On 2009/03/30 17:51, Jung wrote: >> Fcrackzip is a free, fast and featureful ZIP password cracker, written in >> portable C (and optional x86 assembly). It allows the user to recover >> forgotten ZIP archive passwords, using either a brute forc

Re: UPDATE: print/epdfview 0.1.7

On Mon, Mar 30, 2009 at 5:51 PM, Landry Breuil wrote: > This is wrong, remove the PKGNAME line, it will default to ${DISTNAME}. > No need to bump it for patches coming from upstream svn. > Other than that, reads fine, i'll do some testing laterz on sparc64/i386. > > Landry > Hi, Thanks for the a

Re: security support

On Mon, Mar 30, 2009 at 07:22:08PM -0400, Aaron W. Hsu wrote: > It's much easier for people in -STABLE to just run the stable packages. > That is still probably the best advice for most people. Yes. Also, due to various exploit mitigation techniques in OpenBSD, many bugs that show up in ports ar

NEW: lang/chez

The following is a package for Chez Scheme users on OpenBSD, which deals with issues such as FFI linking. This is for the commercial compiler, whereas petite-chez is the free interpreter. -- Aaron W. Hsu | "Government is the great fiction, through which everybody endeavo

Re: security support

David, Thanks for your message... > As a practical matter, I would prefer to see that information > featured prominently in the documentation, rather than strongly > encouraging people to rely on packages > (http://www.openbsd.org/faq/faq15.html#PkgVsPorts). I don't feel > that it's responsi

Re: NEW: security/fcrackzip

On 2009/03/30 17:51, Jung wrote: > Fcrackzip is a free, fast and featureful ZIP password cracker, written in > portable C (and optional x86 assembly). It allows the user to recover > forgotten ZIP archive passwords, using either a brute force or > dictionary attack on the provided files. > > Homep

Re: UPDATE: print/epdfview 0.1.7

On Mon, Mar 30, 2009 at 12:26:01AM -0400, Brynet wrote: > Hi, > > Here is the new version with revision 329 fixed, (bug #118).. version > 0.1.7 unintentionally broke the mouse scroll wheel. > > New features: > * Text selection and copying to clipboard > > I'd like to take over as maintainer for

Update: databases/ruby-pg 0.8.0

Simple update to databases/ruby-pg. Tested on i386. Jeremy Index: Makefile === RCS file: /cvs/ports/databases/ruby-pg/Makefile,v retrieving revision 1.2 diff -u -r1.2 Makefile --- Makefile28 Jan 2009 07:15:54 - 1.2 +++

Re: net/ngrep diff.

On Thu, Mar 26, 2009 at 10:36:26PM +, Stuart Henderson wrote: > any comments on this change to the ngrep port? > > - drop privs to a new _ngrep user rather than nobody, > - chroot to /var/empty, > - support pppoe, > - autoconf surgery (functional rather than pretty) to use a version > of pcre

Re: security support

Aaron, thank you for your feedback, and my apologies if my comments were interpreted negatively. It was not my intent to offend. As a practical matter, I would prefer to see that information featured prominently in the documentation, rather than strongly encouraging people to rely on packag

Re: UPDATE: print/epdfview 0.1.7

On Mon, Mar 30, 2009 at 3:53 AM, Edd Barrett wrote: > Hi, > > On Mon, Mar 30, 2009 at 12:26:01AM -0400, Brynet wrote: >> >> Note; I don't use the cups flavour, can someone look at that for me? >> > > A good starting point is to run: > "env FLAVOR=cups make port-lib-depends-check" Hey, I did that,

Re: thttpd blocks 'GET //bla HTTP/1.0'

I think you want to take this up with the thttpd developers. My personal opinion is that you should fix the client that's broken, not the server that does what it's told. //art x writes: > To reproduce the problem, have a thttpd on port 12345 and compare > ftp http://localhost:12345/index.ht

thttpd blocks 'GET //bla HTTP/1.0'

To reproduce the problem, have a thttpd on port 12345 and compare ftp http://localhost:12345/index.html with ftp http://localhost:12345//index.html The behaviour differs from httpd(8), and some clients trip over it. $ cat ports/www/thttpd/patches/patch-libthttpd_c --- libhttpd.c.orig Mon

NEW: security/fcrackzip

Fcrackzip is a free, fast and featureful ZIP password cracker, written in portable C (and optional x86 assembly). It allows the user to recover forgotten ZIP archive passwords, using either a brute force or dictionary attack on the provided files. Homepage - http://home.schmorp.de/marc/fcrackzip.h

net/iodine 0.5.1

Hi, this patch updates iodine to the latest version 0.5.1 Changelog: http://code.kryo.se/iodine/CHANGELOG.html Builds and passes regression tests on amd64, though I didn't test it there. I have a non ports version of 0.5.1 iodined running on sparc64 without problems so far. Please test and com

Re: security support

On 2009/03/29 14:45, dt...@drizzle.com wrote: > >> My advice to you would be to just follow -STABLE. > > So, it follows that your advice would be to not be really concerned > about security? no, just choose the software you run carefully. something which keeps having security problems fixed cert