Sat, 25 Apr 2009

11:28 PM - New Samba 3.3 port

mports/net/samba33 is a new Samba 3.3 port.  It is under the GPLv3.  The previous port will stay for some time. (samba3)  We have no plans to port 3.2.

mports/net/smbldap-tools will aid users wishing to use ldap with the new samba 3.3.

We also updated cups to correct a security vulnerability today. 

tags: mports samba cups security new

()

Wed, 29 Jul 2009

11:40 AM - BIND security update

For the few people using MidnightBSD as a server platform instead of a desktop, there is a security update available for named(8).  A denial of service attack is possible against BIND using dynamic update packets.  It causes named to exit. 

tags: named bind security

()

Fri, 16 Oct 2009

9:04 AM - mports status

 I've spent the last week getting the mports tree back in order.  We let a number of ports get stale while working on other projects.  It's time to get caught up.  

These results are poor, but roughly 100 ports now work that did not before.  We had some X.org dependancies fail; I checked in the corrections for those ports.  A new run was just started.  We should have the results in about two days.

Ports such as libdvdread, libtool, gtk, and browser 3 all had some tlc this week.  We're also updating PHP, Apache HTTPD, Lighttpd, and a few other web related ports.  Many perl ports have been updated, particularly database related.  Bind 9.5 was removed in favor of 9.6.  Some of these changes are not present in the results below.  

Ports we need to get updated or working:

virtualbox, firefox 3.5 unbranded, p5-DBD-Pg, remaining gnome ports (50% of 2.26 is in), KDE4, GNUstep (updates), Etoile, postgres (updates)

Here are the last results from Magus on AMD64 0.2.1-p10

tags: updates mports desktop security web

()

Thu, 17 Nov 2011

8:27 PM - BIND security

 If you're running BIND on MidnightBSD 0.3 or lower, I strongly recommend switching to the mports version. There are a few security issues with the base system bind.

I've patched it tonight in 0.4-CURRENT, but it's not fun to backport.  

Also, our resolver has been patched to allow underscores in names.

tags: bind named security

()