head 1.44;
access;
symbols
pkgsrc-2026Q1:1.42.0.2
pkgsrc-2026Q1-base:1.42
pkgsrc-2025Q4:1.38.0.2
pkgsrc-2025Q4-base:1.38
pkgsrc-2025Q3:1.34.0.2
pkgsrc-2025Q3-base:1.34
pkgsrc-2025Q2:1.32.0.2
pkgsrc-2025Q2-base:1.32
pkgsrc-2025Q1:1.30.0.2
pkgsrc-2025Q1-base:1.30
pkgsrc-2024Q4:1.28.0.4
pkgsrc-2024Q4-base:1.28
pkgsrc-2024Q3:1.28.0.2
pkgsrc-2024Q3-base:1.28
pkgsrc-2024Q2:1.25.0.2
pkgsrc-2024Q2-base:1.25
pkgsrc-2024Q1:1.21.0.2
pkgsrc-2024Q1-base:1.21
pkgsrc-2023Q4:1.18.0.2
pkgsrc-2023Q4-base:1.18
pkgsrc-2023Q3:1.12.0.2
pkgsrc-2023Q3-base:1.12
pkgsrc-2023Q2:1.5.0.2
pkgsrc-2023Q2-base:1.5
pkgsrc-2023Q1:1.1.0.2
pkgsrc-2023Q1-base:1.1;
locks; strict;
comment @# @;
1.44
date 2026.05.07.18.50.05; author bsiegert; state Exp;
branches;
next 1.43;
commitid MMrI2EXGAt3HJUEG;
1.43
date 2026.04.08.05.45.07; author bsiegert; state Exp;
branches;
next 1.42;
commitid FFJx9trbRMg7k7BG;
1.42
date 2026.03.06.21.08.01; author bsiegert; state Exp;
branches
1.42.2.1;
next 1.41;
commitid AQtIeR1eh5qvuXwG;
1.41
date 2026.02.24.08.45.36; author bsiegert; state Exp;
branches;
next 1.40;
commitid IrpU9bGVDwSIHBvG;
1.40
date 2026.01.15.19.54.53; author bsiegert; state Exp;
branches;
next 1.39;
commitid Zuo9UmMrkrU4HwqG;
1.39
date 2026.01.07.19.54.24; author leot; state Exp;
branches;
next 1.38;
commitid LYWAqdirvJsRWupG;
1.38
date 2025.12.12.10.36.55; author leot; state Exp;
branches;
next 1.37;
commitid XQLOaeUXIEwxH6mG;
1.37
date 2025.12.02.19.25.19; author bsiegert; state Exp;
branches;
next 1.36;
commitid 269raRGxaHJBWRkG;
1.36
date 2025.10.16.17.59.59; author bsiegert; state Exp;
branches;
next 1.35;
commitid RAGpkHmyeYCUYOeG;
1.35
date 2025.10.08.06.54.35; author bsiegert; state Exp;
branches;
next 1.34;
commitid 5p46uH9RJXSFyJdG;
1.34
date 2025.09.06.13.17.08; author bsiegert; state Exp;
branches;
next 1.33;
commitid cojusOdnRBFGHE9G;
1.33
date 2025.08.31.10.00.39; author leot; state Exp;
branches;
next 1.32;
commitid sJqRAGMW5qGlOR8G;
1.32
date 2025.06.06.14.01.36; author bsiegert; state Exp;
branches;
next 1.31;
commitid JbNcx43ItkrmUPXF;
1.31
date 2025.04.05.18.51.25; author bsiegert; state Exp;
branches;
next 1.30;
commitid 5KX0APffNjdlvTPF;
1.30
date 2025.03.07.20.54.28; author bsiegert; state Exp;
branches
1.30.2.1;
next 1.29;
commitid rfTPfnLphAPl7bMF;
1.29
date 2025.03.02.19.02.20; author leot; state Exp;
branches;
next 1.28;
commitid 44D2s44647hTEwLF;
1.28
date 2024.09.06.18.48.55; author bsiegert; state Exp;
branches;
next 1.27;
commitid sM1YPLxu37gUgMoF;
1.27
date 2024.08.11.15.57.09; author bsiegert; state Exp;
branches;
next 1.26;
commitid Q02ZqKpOSdvP9qlF;
1.26
date 2024.07.03.06.59.30; author bsiegert; state Exp;
branches;
next 1.25;
commitid clKUvbmZS6C5rmgF;
1.25
date 2024.06.13.13.47.07; author bsiegert; state Exp;
branches;
next 1.24;
commitid JAoDOmAvI7TNkPdF;
1.24
date 2024.06.01.14.03.00; author bsiegert; state Exp;
branches;
next 1.23;
commitid ffwNZJIDPPV5OhcF;
1.23
date 2024.05.27.20.34.03; author leot; state Exp;
branches;
next 1.22;
commitid kJje9f5qeqKm8GbF;
1.22
date 2024.04.05.19.14.08; author bsiegert; state Exp;
branches;
next 1.21;
commitid eg3d1kDRSryvmZ4F;
1.21
date 2024.03.24.20.44.59; author leot; state Exp;
branches;
next 1.20;
commitid iJo0lQnXMLlEfs3F;
1.20
date 2024.02.07.14.50.58; author bsiegert; state Exp;
branches;
next 1.19;
commitid 7gDVHFycBNsGLvXE;
1.19
date 2024.01.10.19.14.38; author bsiegert; state Exp;
branches;
next 1.18;
commitid UV9PAPQbNGpZ7WTE;
1.18
date 2023.12.23.20.14.46; author bsiegert; state Exp;
branches;
next 1.17;
commitid pE4Q1iPo8A1s1DRE;
1.17
date 2023.12.05.19.46.14; author bsiegert; state Exp;
branches;
next 1.16;
commitid U47ig27ZDVHCsjPE;
1.16
date 2023.11.10.15.45.19; author bsiegert; state Exp;
branches;
next 1.15;
commitid o3oFzjmXZZyOV4ME;
1.15
date 2023.10.30.21.11.21; author leot; state Exp;
branches;
next 1.14;
commitid IAqKTAOBfMn15HKE;
1.14
date 2023.10.29.14.48.19; author bsiegert; state Exp;
branches;
next 1.13;
commitid jWdavz5Nyqs70xKE;
1.13
date 2023.10.15.12.04.30; author bsiegert; state Exp;
branches;
next 1.12;
commitid ty8v2zrF0XsQxIIE;
1.12
date 2023.09.17.12.12.58; author leot; state Exp;
branches
1.12.2.1;
next 1.11;
commitid uMZ6YZtckfCGu7FE;
1.11
date 2023.09.08.19.06.10; author bsiegert; state Exp;
branches;
next 1.10;
commitid c6lIkxn2TQcc40EE;
1.10
date 2023.08.26.16.31.36; author bsiegert; state Exp;
branches;
next 1.9;
commitid g2P4Ffplg5e8DjCE;
1.9
date 2023.07.23.16.06.48; author leot; state Exp;
branches;
next 1.8;
commitid A7B5q0u4xYprAWxE;
1.8
date 2023.07.23.16.04.48; author leot; state Exp;
branches;
next 1.7;
commitid kRjOwJp3iQLEzWxE;
1.7
date 2023.07.23.16.02.22; author leot; state Exp;
branches;
next 1.6;
commitid 4W2fzN8YpyhOyWxE;
1.6
date 2023.07.15.10.53.05; author bsiegert; state Exp;
branches;
next 1.5;
commitid AvpTGe7iqymJ6TwE;
1.5
date 2023.05.05.19.37.36; author bsiegert; state Exp;
branches;
next 1.4;
commitid QnXJTC5u3Ar9iOnE;
1.4
date 2023.04.24.13.33.10; author leot; state Exp;
branches;
next 1.3;
commitid 8J9k2DyrmYgbDmmE;
1.3
date 2023.04.05.20.47.51; author bsiegert; state Exp;
branches;
next 1.2;
commitid otfbJh3QwD1ZDXjE;
1.2
date 2023.04.04.13.25.23; author leot; state Exp;
branches;
next 1.1;
commitid 9SJDG2PqgXDkeNjE;
1.1
date 2023.03.19.11.22.34; author leot; state Exp;
branches;
next ;
commitid IqTEnLuOiBh94JhE;
1.42.2.1
date 2026.04.22.14.32.13; author maya; state Exp;
branches;
next ;
commitid iDHLLUhOplH6NXCG;
1.30.2.1
date 2025.04.05.20.45.10; author maya; state Exp;
branches;
next ;
commitid ts1uPa8RLrwE7UPF;
1.12.2.1
date 2023.10.22.18.44.17; author spz; state Exp;
branches;
next 1.12.2.2;
commitid F5xCMl0v6Vo6xEJE;
1.12.2.2
date 2023.12.06.12.08.50; author spz; state Exp;
branches;
next ;
commitid fLEciuttqVQKToPE;
desc
@@
1.44
log
@Revbump all Go packages after go126 security update
@
text
@# $NetBSD: Makefile,v 1.43 2026/04/08 05:45:07 bsiegert Exp $
DISTNAME= nuclei-3.6.2
PKGREVISION= 5
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_GITHUB:=projectdiscovery/}
GITHUB_TAG= v${PKGVERSION_NOREV}
MAINTAINER= leot@@NetBSD.org
HOMEPAGE= https://nuclei.projectdiscovery.io/
COMMENT= Fast and customizable vulnerability scanner
LICENSE= mit
GO_BUILD_PATTERN+= ./cmd/nuclei
.include "go-modules.mk"
.include "../../lang/go/go-module.mk"
.include "../../mk/bsd.pkg.mk"
@
1.43
log
@Revbump all Go packages after security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.42 2026/03/06 21:08:01 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 4
@
1.42
log
@Revbump all Go packages after go126 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.41 2026/02/24 08:45:36 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 3
@
1.42.2.1
log
@Revbump all Go packages after go126 security fix
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.42 2026/03/06 21:08:01 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 4
@
1.41
log
@Revbump all Go packages after default version bump
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.40 2026/01/15 19:54:53 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.40
log
@Revbump all Go packages after go125 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.39 2026/01/07 19:54:24 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.39
log
@nuclei: Update to 3.6.2
Changes:
v3.6.2
* Enabled TLS session caching in the client pool to improve connection
reuse and reduce handshake overhead (internal)
* Added support for providing a custom Jira server URL (`site-url`)
when using OAuth authentication
* Bug fixes
* Performance improvements
v3.6.1
* Bug fixes
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.38 2025/12/12 10:36:55 leot Exp $
d4 1
@
1.38
log
@nuclei: Update to 3.6.0
Changes:
v3.6.0
- Write resume file specified by flag
- Javascript Multi-Port Support
- Direct fuzzing using target URL for OpenAPI/Swagger
- Bump DSL with .NET deserialization helpers
- Implement persistent metadata cache in loader
- Check for undefined params for lazy evaluation in variables
- Bug fixes
v3.5.1
* Remove genproto replace directives from go.mod
v3.5.0
* Adding json + xpath headless extractors
* Adding VNC auth
* Feat(templating): add vars templating into yaml inputs (ytt)
* Feat: added new text/template syntax to jira custom fields
* Feat(fuzz): enhance `MultiPartForm` with metadata APIs
* Feat: http(s) probing optimization
* Add option to control number of concurrent templates loaded on startup
* CheckRDPEncryption function
* SSH keyboard-interactive
* Feat(templates): add file metadata fields to `parsedTemplate`
* Add env variable for nuclei templates dir
* Adding support for execution in docker
* Bug fixes
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.37 2025/12/02 19:25:19 bsiegert Exp $
d3 1
a3 1
DISTNAME= nuclei-3.6.0
@
1.37
log
@Revbump all Go packages after go125 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.36 2025/10/16 17:59:59 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-3.4.10
PKGREVISION= 4
@
1.36
log
@Revbump all Go packages after go125 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.35 2025/10/08 06:54:35 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 3
@
1.35
log
@Revbump all Go packages after go125 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.34 2025/09/06 13:17:08 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.34
log
@Revbump all Go packages after go125 security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.33 2025/08/31 10:00:39 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.33
log
@nuclei: Update to 3.4.10
Changes:
v3.4.10
* fix: segfault in template caching logic
v3.4.9
* feat: fixed output event for skipped hosts
v3.4.8
- Remove singletons from Nuclei engine (continuation of 6210)
- Bug fixes and improvements
v3.4.7
* Fixed issue with go install
v3.4.6
* Fixed context leak in flow
v3.4.5
* Bug fixes
v3.4.4
* Bug fixes
v3.4.3
* Bug fixes
v3.4.2
* Added bearer support to Jira reporting for self-hosted environments
v3.4.1
* Updated Docker image templates to fix release issues
v3.4.0
* Added support for AWS_PROFILE in S3 loadConfig using ~/.aws/credentials
v3.3.10
* added support to generate CPU & PGO profiles
* added escape code blocks for markdown formatting
* bug fixes
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.32 2025/06/06 14:01:36 bsiegert Exp $
d4 1
@
1.32
log
@Revbump all Go packages after go124 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.31 2025/04/05 18:51:25 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-3.3.9
PKGREVISION= 3
@
1.31
log
@Belated revbump for all Go packages after go124 update
I forgot to do the revbump again, sorry for doing it so late after the
update.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.30 2025/03/07 20:54:28 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.30
log
@Revbump all Go packages after go124 update
I realize I forgot to do the revbump after updating the default Go
version to 1.24, so let's do that now.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.29 2025/03/02 19:02:20 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.30.2.1
log
@Pulup ticket #6952 - Update PKGREVISION for all Go packages.
Go had a security update to one of the builtin libraries.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.30 2025/03/07 20:54:28 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.29
log
@nuclei: Update to 3.3.9
Changes:
v3.3.9
* Added `-ai` option to generate and run nuclei templates on the fly in
natural langauge
* Added initial Live DAST Server API implementation (experimental)
* Added support for DSL expression evaluation in headless args
* Bug fixes
v3.3.8
* Bug fixes
v3.3.7
* Added `OS_MAX_THREADS_ENV` environment variable to control the
maximum number of OS threads the Go program can utilize
* Added `-enable-global-matchers`option to control the execution of
global matchers
* Bug fixes
v3.3.6
* (Breaking change) The `-enable-self-contained` or `-esc` flag is now
required to load self-contained templates.
* (Breaking change) The `-file` flag must be used to enable loading
file templates.
* Added analyzer support and time based delay analyzer for DAST mode
* Added batch output support for JSONL output format
* Added ENV variable handling in dynamic secret file
* Bug fixes
v3.3.5
* Added support for global matchers / extractors in http templates
* Added support for MongoDB for results reporting
* Added support for `stop-at-first-match` in network templates
* Bug fixes
v3.3.4
* Fixed (hopefully) skipping target list as found unresponsive erroneously
v3.3.3
* Added linear issue tracker support
* Added support for additional headless lifecycle events
* Bug fixes
v3.3.2
* Fixed security issue in template `signer` package
* Added `ActionWaitDialog` type in headless protocol to simplify XSS detection
v3.3.1
* Added `team-id` option to upload results to specific team workspace
* Added redaction support in output file
* Added support for multiple auth strategies per target from secret file
* Added support to generate matcher-status event for javascript protocol
* Added `skip-secret-file` template attribute to disable auth per template
* Bug fixes
v3.3.0
* Bug fixes
v3.2.9
* Fuzzing feature enhancements
- Added `part: request` to fuzz all the keys in request with fuzzing
templates.
- Added `-fuzz-aggression` CLI option to control fuzz aggression via
template.
- Added `-fuzz-param-frequency` option to control counter for skipping
uninteresting parameter.
- Added `-display-fuzz-points` option to display fuzzing points
(for debugging).
* PDCP Team ID input support via environment variable to upload results into
team account
* Bug fixes
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.28 2024/09/06 18:48:55 bsiegert Exp $
d4 1
@
1.28
log
@Revbump all Go packages after go122 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.27 2024/08/11 15:57:09 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-3.2.8
PKGREVISION= 5
@
1.27
log
@Revbump all Go packages after update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.26 2024/07/03 06:59:30 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 4
@
1.26
log
@Revbump all Go packages after go122 security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.25 2024/06/13 13:47:07 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 3
@
1.25
log
@Revbump all Go packages after go122 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.24 2024/06/01 14:03:00 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.24
log
@Revbump all Go packages, default Go version is now 1.22.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.23 2024/05/27 20:34:03 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.23
log
@nuclei: Update to 3.2.8
Changes:
v3.2.8
- Bug Fixes
v3.2.7
- Added support for multiple search query in templates to run with
`-uncover` option
- Added `-scan-name` input support for pdcp result upload
- Bug Fixes
v3.2.6
- Fixed goroutine leaks causing spike in memory uses
- Added `-profile` and `-profile-list` option to run template using
template profile
- Added template tags list (`-tgl`) option
- Added fuzzing output enhancements
v3.2.5
- Added query variable to read param values
- Added SRV query in dns protocol
- Added response read timeout flag for network request
- Added networkpolicy to httpx probes
- Added context vars in code and multi protocol
- Added nuclei stats / chart utils
- Added support for context cancellation to engine (SDK)
- Added support for user provided catalog (SDK)
- Added embedded api for settings control in CLI modality (WIP)
- Added initial refactor for speed control (WIP)
- Bug fixes
v3.2.4
- Fixed an issue for templates with dynamic extractor + payloads edgecase
- Bug fixes
v3.2.3
- Added `-dast` option to run all and only dast (fuzz) templates
- Added `pre-condition` attribute in Code and DAST templates
- Bug fixes
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.22 2024/04/05 19:14:08 bsiegert Exp $
d4 1
@
1.22
log
@Revbump all Go packages after go121 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.21 2024/03/24 20:44:59 leot Exp $
d3 1
a3 2
DISTNAME= nuclei-3.2.2
PKGREVISION= 1
@
1.21
log
@nuclei: Update to 3.2.2
Changes:
v3.2.2
## What's Changed
* Fixed `panic: assignment to entry in nil map` and create default map
v3.2.1
## What's Changed
* Added memguardian + various optimizations
* Fixed overriding the predefined ratelimiter
* Fixed issue with javascript protocol
* Updated templates loader/parser caches (refactor)
v3.2.0
## What's Changed
### New Features
* Added fuzzing support in http protocol
* Added authenticated scaning support
* Added `-fuzz` option for loading fuzzing templates
* Added Gitea reporting
* Added transparent memoization via func annotation
* Added issue tracker JSONL output + CLI summary
* Added `self-contained` request at http request level
* Added `-payload-concurrency` option
* Added `disable-unsigned-templates` option
* Added ldap protocol enhancements
### Bug Fixes
* Fixed issue to purge cache on global callback set
* Fixed network layer should not have forceful read
* Fixed workflow to publish docs
* Fixed `stop-at-first-match` issue in http protocol
* Fixed header nil check
* Fixed issue to use maxsize in template
* Fixed issue to validate code template in workflows
* Fixed issue with temp file cleanup
* Fixed issue with nuclei loading ignored templates
* Fixed multiple bugs
### Other Changes
* Added more granular, issue tracker level filtering
* Added callback support to StandardWriter
* switched dependency for kerberos js module (ropnop/gorkb5 -> jcmturner/gokrb5)
* use system resolver first with system-resolvers
* javascript bindings + docs generation enhancements
v3.1.10
## What's Changed
* Fixed concurrent map writes in tmplexec package
* Added more `NetworkConfig` options to the SDK
v3.1.9
## What's Changed
* Added hybrid tech detection (wappalyzer + tech templates) with automatic scan (`-as`)
* Added projectdiscovery/useragent
* Added passive option support in SDK
* Fixed issue with long running scans at the end of scan
* Fixed issue in javascript protocol with connection pooling
v3.1.8
## What's Changed
* Fixed multiple memory leaks and optimizations
* Fixed issue with not resolving hosts from `/etc/hosts` file
* Fixed issue of array iteration in flow
* Fixed panic in smb javascript template
* Fixed an issue with case sensitive dns interaction with interactsh
* Fixed issue with reporting with optional support of `-or` option
* Fixed issue with mysql module in JavaScript
v3.1.7
## What's Changed
* Added support to upload result to existing pdpc scan using `-scan-id` option
* Fixed issue with pdcp result upload with large output file
* Fixed issue with pdcp result upload when using with env variable
v3.1.6
## What's Changed
* Added `GetServiceTicket` method to the kerberos module
* Added `GetKerberoastableUsers` method in ldap module
* Added support to dump resume files when a runner hangs
* Fixed multiple memory leaks + optimizations
* Fixed timeout issue + added custom timeout support in js protocol
* Fixed variables merge order in code templates
* Fixed issue with dynamic extractors in flow
* Fixed panic in interactsh process interaction ( nil check on compiled operators)
* Fixed panic error + support offlinehttp in flow templates
v3.1.5
## What's Changed
### Other Changes
* Fixed a bug introduced in previous version
v3.1.4
## What's Changed
### New Features
* Added `self-contained` input support to fuzzing templates
* Added support to include additional custom tags with `-as` option
* Added internal matchers (to hide match results in flow) using `internal: true`
* Added exclude list support to layer 4 via fastdialer
### Bug Fixes
* Fixed issue with dynamic extracted variable to make it reusable
* Fixed early exit issue for non zero status code in code protocol
* Fixed missing results issue in flow based template
### Other Changes
* deprecate(remove): file write in extractor using `to` attribute for security
reasons
* Using network policy everywhere
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.20 2024/02/07 14:50:58 bsiegert Exp $
d4 1
@
1.20
log
@Revbump all Go packages after go121 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.19 2024/01/10 19:14:38 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-3.1.3
PKGREVISION= 2
@
1.19
log
@Revbump all Go packages after go121 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.18 2023/12/23 20:14:46 bsiegert Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.18
log
@nuclei: update to 3.1.3 (security)
This fixes the following vulnerability:
Vulnerability #1: GO-2023-2402
Man-in-the-middle attacker can compromise integrity of secure channel in
golang.org/x/crypto
More info: https://pkg.go.dev/vuln/GO-2023-2402
Module: golang.org/x/crypto
Found in: golang.org/x/crypto@@v0.14.0
Fixed in: golang.org/x/crypto@@v0.17.0
v3.1.3
- Added email support to SMTP client in javascript protocol
- Added Interface in Networkconfig (SDK)
v3.1.2
Fixed bug with network protocol: revert full buffer size read
v3.1.1
- Added support for arbitrary string input for TLS SNI annotation
- Fixed panic + refactor headless waitevent action
- Fixed wait time + added timeout for ssh connection
- Fixed issue with headless result upload
v3.1.0
- Added support to upload / view results into PDCP Dashboard
- Added support to exclude target from scan input list
- Added support for multiple ports in network template
- Added port, scheme and url field in json(l) output
- Added support to execute commands via ssh client in javascript protocol
- Added support to set dialer timeout
- Added connection reset by peer to include error used for host exclusion
- Added support to include failed matches for errored hosts with -ms option
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.17 2023/12/05 19:46:14 bsiegert Exp $
d4 1
@
1.17
log
@Revbump all Go packages after go121 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.16 2023/11/10 15:45:19 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-3.0.2
PKGREVISION= 2
@
1.16
log
@Revbump all Go packages after go121 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.15 2023/10/30 21:11:21 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.15
log
@nuclei: Update to 3.0.2
pkgsrc changes:
- (not documented or enforced in any way but...) nuclei since 3.0.0 now
needs Go 1.21.x
- No longer adjust WRKSRC: no longer needed, now default value is fine
Changes:
v3.0.2
## What's Changed
### Other Changes
* Fixed relative path issue for template loading
v3.0.1
## What's Changed
### Bug Fixes
* Fixed issues with template preprocessor + multi request variables indexing
v3.0.0
Nuclei v3 is now live and kicking!
We're excited to announce a variety of new features, enhancements, and
bug fixes for seamless vulnerability identification!
- For an in-depth understanding and details of the new elements, visit our v3 release blog:
.
- Looking to get started with these features? Our Nuclei Docs:
will guide you
through everything you need to know.
## What's Changed
### New Features
* Added support for code templates
* Added support for template signing + verification
* Added support for multi protocol execution
* Added support for template flow control in template (i.e javascript scripting)
* Added support for javascript protocol for scripting (includes 15+ protocol
libs)
* Added support for abstracted SDK to use nuclei as library
### Bug Fixes
* Fixed issue with `-fh2` option to make http2 connection request
* Added support to avoid duplicate issue creation in GitHub reporting
* Added support to avoid duplicate issue creation in GitLab reporting
### Maintenance
* Added support to use OS specific default config location
### Other Changes
* Added header fuzzing support in http templates (WIP)
* Added examples in help menu
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.13 2023/10/15 12:04:30 bsiegert Exp $
d4 1
@
1.14
log
@Revbump all Go packages because go121 is now the default
@
text
@d3 1
a3 2
DISTNAME= nuclei-2.9.15
PKGREVISION= 2
a14 2
WRKSRC= ${WRKDIR}/${DISTNAME}/v2
@
1.13
log
@Revbump all Go packages after go120 security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.12 2023/09/17 12:12:58 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.12
log
@nuclei: Update to 2.9.15
Changes:
v2.9.15
* Bug fixes
v2.9.14
* Added `impact` field under template information block
v2.9.13
* Added support to run public / shared template from templates.nuclei.sh with `-t` option
* Added `xpath` as new matcher type
* Added file read restriction in headless protocol similar to other protocols
v2.9.12
* Bug fixes
v2.9.11
* Added request/response in JSONL output for failed match with `-ms` option
v2.9.10
* Added markdown export sorting options via env variable
* Added headless options input
* Added wildcard filter for `-id` option
* Added path/query automerge and other improvements in headless protocol
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.11 2023/09/08 19:06:10 bsiegert Exp $
d4 1
@
1.12.2.1
log
@Pullup ticket #6812 - requested by bsiegert
lang/go120: security update
lang/go: version info update
audio/gospt: RevBump
audio/ymuse: RevBump
chat/coyim: RevBump
chat/gomuks: RevBump
chat/matterircd: RevBump
chat/senpai: RevBump
chat/ssh-chat: RevBump
databases/go-ldap: RevBump
databases/influxdb: RevBump
databases/mongo-tools: RevBump
databases/mysqld_exporter: RevBump
databases/postgres_exporter: RevBump
databases/prometheus: RevBump
databases/promscale: RevBump
databases/sqlc: RevBump
databases/timescaledb-tune: RevBump
devel/asmfmt: RevBump
devel/conftest: RevBump
devel/errcheck: RevBump
devel/fq: RevBump
devel/git-lfs: RevBump
devel/go-ed25519: RevBump
devel/go-gocode: RevBump
devel/go-golang-lru: RevBump
devel/go-gopkgs: RevBump
devel/go-goptlib: RevBump
devel/go-goreturns: RevBump
devel/go-gox: RevBump
devel/go-impl: RevBump
devel/go-logrus: RevBump
devel/go-nbreader: RevBump
devel/go-pty: RevBump
devel/go-review: RevBump
devel/go-siphash: RevBump
devel/go-staticcheck: RevBump
devel/go-swagger: RevBump
devel/go-sys: RevBump
devel/go-tools: RevBump
devel/go-wire: RevBump
devel/go-xerrors: RevBump
devel/golangci-lint: RevBump
devel/golint: RevBump
devel/gomodifytags: RevBump
devel/gopls: RevBump
devel/goredo: RevBump
devel/gotags: RevBump
devel/gotests: RevBump
devel/govulncheck: RevBump
devel/lazygit: RevBump
devel/mob: RevBump
devel/nancy: RevBump
devel/opa: RevBump
devel/packr: RevBump
devel/reftools: RevBump
devel/regal: RevBump
devel/revive: RevBump
devel/shfmt: RevBump
devel/syft: RevBump
editors/micro: RevBump
filesystems/kubo: RevBump
graphics/gif2png: RevBump
lang/joker: RevBump
mail/opensmtpd-filter-rspamd: RevBump
mail/opensmtpd-filter-senderscore: RevBump
mail/postforward: RevBump
meta-pkgs/bulk-test-essential: RevBump
misc/exercism: RevBump
net/amazon-ecs-cli: RevBump
net/amfora: RevBump
net/bombadillo: RevBump
net/croc: RevBump
net/czds: RevBump
net/dnscontrol: RevBump
net/dnscrypt-proxy2: RevBump
net/gh: RevBump
net/go-dnstap: RevBump
net/go-net: RevBump
net/go-websocket: RevBump
net/gunison: RevBump
net/gvproxy: RevBump
net/hub: RevBump
net/ipget: RevBump
net/kubectl: RevBump
net/libquic: RevBump
net/mangos: RevBump
net/nats-server: RevBump
net/obfs4proxy: RevBump
net/rclone: RevBump
net/stern: RevBump
net/syncthing: RevBump
net/terraform-provider-archive: RevBump
net/terraform-provider-aws: RevBump
net/terraform-provider-kubernetes: RevBump
net/terraform-provider-local: RevBump
net/terraform-provider-null: RevBump
net/terraform-provider-random: RevBump
net/terraform-provider-template: RevBump
net/terraform-provider-vultr: RevBump
net/terraform: RevBump
net/tut: RevBump
net/vultr-cli: RevBump
pkgtools/pkglint: RevBump
security/2fa: RevBump
security/age: RevBump
security/amass: RevBump
security/authelia: RevBump
security/cfssl: RevBump
security/dnsx: RevBump
security/go-asn1-ber: RevBump
security/go-crypto: RevBump
security/go-getpass: RevBump
security/go-mkcert: RevBump
security/gopass: RevBump
security/httpx: RevBump
security/nuclei: RevBump
security/oauth2c: RevBump
security/osv-scanner: RevBump
security/subfinder: RevBump
security/tlsx: RevBump
security/trufflehog: RevBump
security/vault: RevBump
shells/elvish: RevBump
shells/oh-my-posh: RevBump
sysutils/beats: RevBump
sysutils/consul: RevBump
sysutils/direnv: RevBump
sysutils/fzf: RevBump
sysutils/goreman: RevBump
sysutils/lf: RevBump
sysutils/node_exporter: RevBump
sysutils/packer: RevBump
sysutils/podman: RevBump
sysutils/restic: RevBump
sysutils/vultr: RevBump
textproc/glow: RevBump
textproc/go-kr-text: RevBump
textproc/go-md2man: RevBump
textproc/go-mmark: RevBump
textproc/go-text: RevBump
textproc/miller: RevBump
textproc/sift: RevBump
www/apisprout: RevBump
www/caddy: RevBump
www/gitea: RevBump
www/go-ffuf: RevBump
www/go-minify: RevBump
www/gotosocial: RevBump
www/grafana: RevBump
www/hugo: RevBump
www/jira-cli: RevBump
www/mycorrhiza: RevBump
www/pup: RevBump
www/restish: RevBump
www/shoutrrr: RevBump
Revisions pulled up:
- lang/go/version.mk 1.190,1.192
- lang/go120/PLIST 1.9
- lang/go120/distinfo 1.10-1.11
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bsiegert
Date: Sat Oct 7 18:09:35 UTC 2023
Modified Files:
pkgsrc/lang/go: version.mk
pkgsrc/lang/go120: PLIST distinfo
Log Message:
go120: update to 1.20.9 (security).
cmd/go: line directives allows arbitrary execution during build
"//line" directives can be used to bypass the restrictions on "//go:cgo_"
directives, allowing blocked linker and compiler flags to be passed during
compliation. This can result in unexpected execution of arbitrary code when
running "go build". The line directive requires the absolute path of the file in
which the directive lives, which makes exploting this issue significantly more
complex.
This is CVE-2023-39323 and Go issue https://go.dev/issue/63211.
View the release notes for more information:
https://go.dev/doc/devel/release#go1.20.9
To generate a diff of this commit:
cvs rdiff -u -r1.189 -r1.190 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go120/PLIST
cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bsiegert
Date: Sun Oct 15 11:02:08 UTC 2023
Modified Files:
pkgsrc/lang/go: version.mk
pkgsrc/lang/go120: distinfo
Log Message:
go120: update to 1.20.10 (security)
net/http: rapid stream resets can cause excessive work
A malicious HTTP/2 client which rapidly creates requests and
immediately resets them can cause excessive server resource consumption.
While the total number of requests is bounded to the
http2.Server.MaxConcurrentStreams setting, resetting an in-progress
request allows the attacker to create a new request while the existing
one is still executing.
HTTP/2 servers now bound the number of simultaneously executing
handler goroutines to the stream concurrency limit. New requests
arriving when at the limit (which can only happen after the client
has reset an existing, in-flight request) will be queued until a
handler exits. If the request queue grows too large, the server
will terminate the connection.
This issue is also fixed in golang.org/x/net/http2 v0.17.0,
for users manually configuring HTTP/2.
The default stream concurrency limit is 250 streams (requests)
per HTTP/2 connection. This value may be adjusted using the
golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
setting and the ConfigureServer function.
This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
This is also tracked by CVE-2023-44487.
To generate a diff of this commit:
cvs rdiff -u -r1.191 -r1.192 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go120/distinfo
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.12 2023/09/17 12:12:58 leot Exp $
a3 1
PKGREVISION= 1
@
1.12.2.2
log
@Pullup ticket #6822 - requested by bsiegert
lang/go120: security update
lang/go121: security update
lang/go: metadata update
audio/gospt: revision bump
audio/ymuse: revision bump
chat/coyim: revision bump
chat/gomuks: revision bump
chat/matterircd: revision bump
chat/senpai: revision bump
chat/ssh-chat: revision bump
databases/go-ldap: revision bump
databases/influxdb: revision bump
databases/mongo-tools: revision bump
databases/mysqld_exporter: revision bump
databases/postgres_exporter: revision bump
databases/prometheus: revision bump
databases/promscale: revision bump
databases/sqlc: revision bump
databases/timescaledb-tune: revision bump
devel/asmfmt: revision bump
devel/conftest: revision bump
devel/errcheck: revision bump
devel/fq: revision bump
devel/git-lfs: revision bump
devel/go-ed25519: revision bump
devel/go-gocode: revision bump
devel/go-golang-lru: revision bump
devel/go-gopkgs: revision bump
devel/go-goptlib: revision bump
devel/go-goreturns: revision bump
devel/go-gox: revision bump
devel/go-impl: revision bump
devel/go-logrus: revision bump
devel/go-nbreader: revision bump
devel/go-pty: revision bump
devel/go-review: revision bump
devel/go-siphash: revision bump
devel/go-staticcheck: revision bump
devel/go-swagger: revision bump
devel/go-sys: revision bump
devel/go-tools: revision bump
devel/go-wire: revision bump
devel/go-xerrors: revision bump
devel/golangci-lint: revision bump
devel/golint: revision bump
devel/gomodifytags: revision bump
devel/gopls: revision bump
devel/goredo: revision bump
devel/gotags: revision bump
devel/gotests: revision bump
devel/govulncheck: revision bump
devel/lazygit: revision bump
devel/mob: revision bump
devel/nancy: revision bump
devel/opa: revision bump
devel/packr: revision bump
devel/reftools: revision bump
devel/regal: revision bump
devel/revive: revision bump
devel/shfmt: revision bump
devel/syft: revision bump
editors/micro: revision bump
filesystems/kubo: revision bump
graphics/gif2png: revision bump
lang/joker: revision bump
mail/opensmtpd-filter-rspamd: revision bump
mail/opensmtpd-filter-senderscore: revision bump
mail/postforward: revision bump
misc/exercism: revision bump
net/amazon-ecs-cli: revision bump
net/amfora: revision bump
net/bombadillo: revision bump
net/croc: revision bump
net/czds: revision bump
net/dnscontrol: revision bump
net/dnscrypt-proxy2: revision bump
net/gh: revision bump
net/go-dnstap: revision bump
net/go-net: revision bump
net/go-websocket: revision bump
net/gunison: revision bump
net/gvproxy: revision bump
net/hub: revision bump
net/ipget: revision bump
net/kubectl: revision bump
net/libquic: revision bump
net/mangos: revision bump
net/nats-server: revision bump
net/obfs4proxy: revision bump
net/rclone: revision bump
net/stern: revision bump
net/syncthing: revision bump
net/terraform-provider-archive: revision bump
net/terraform-provider-aws: revision bump
net/terraform-provider-kubernetes: revision bump
net/terraform-provider-local: revision bump
net/terraform-provider-null: revision bump
net/terraform-provider-random: revision bump
net/terraform-provider-template: revision bump
net/terraform-provider-vultr: revision bump
net/terraform: revision bump
net/tut: revision bump
net/vultr-cli: revision bump
pkgtools/pkglint: revision bump
security/2fa: revision bump
security/age: revision bump
security/amass: revision bump
security/authelia: revision bump
security/cfssl: revision bump
security/dnsx: revision bump
security/go-asn1-ber: revision bump
security/go-crypto: revision bump
security/go-getpass: revision bump
security/go-mkcert: revision bump
security/gopass: revision bump
security/httpx: revision bump
security/nuclei: revision bump
security/oauth2c: revision bump
security/osv-scanner: revision bump
security/subfinder: revision bump
security/tlsx: revision bump
security/trufflehog: revision bump
security/vault: revision bump
shells/elvish: revision bump
shells/oh-my-posh: revision bump
sysutils/beats: revision bump
sysutils/consul: revision bump
sysutils/direnv: revision bump
sysutils/fzf: revision bump
sysutils/goreman: revision bump
sysutils/lf: revision bump
sysutils/node_exporter: revision bump
sysutils/packer: revision bump
sysutils/podman: revision bump
sysutils/restic: revision bump
sysutils/vultr: revision bump
textproc/glow: revision bump
textproc/go-kr-text: revision bump
textproc/go-md2man: revision bump
textproc/go-mmark: revision bump
textproc/go-text: revision bump
textproc/miller: revision bump
textproc/sift: revision bump
www/apisprout: revision bump
www/caddy: revision bump
www/gitea: revision bump
www/go-ffuf: revision bump
www/go-minify: revision bump
www/gotosocial: revision bump
www/grafana: revision bump
www/hugo: revision bump
www/jira-cli: revision bump
www/mycorrhiza: revision bump
www/pup: revision bump
www/restish: revision bump
www/shoutrrr: revision bump
Revisions pulled up:
- lang/go/version.mk 1.194
- lang/go120/PLIST 1.10
- lang/go120/distinfo 1.12
- lang/go121/PLIST 1.4
- lang/go121/distinfo 1.4
- audio/gospt/Makefile by patch
- audio/ymuse/Makefile by patch
- chat/coyim/Makefile by patch
- chat/gomuks/Makefile by patch
- chat/matterircd/Makefile by patch
- chat/senpai/Makefile by patch
- chat/ssh-chat/Makefile by patch
- databases/go-ldap/Makefile by patch
- databases/influxdb/Makefile by patch
- databases/mongo-tools/Makefile by patch
- databases/mysqld_exporter/Makefile by patch
- databases/postgres_exporter/Makefile by patch
- databases/prometheus/Makefile by patch
- databases/promscale/Makefile by patch
- databases/sqlc/Makefile by patch
- databases/timescaledb-tune/Makefile by patch
- devel/asmfmt/Makefile by patch
- devel/conftest/Makefile by patch
- devel/errcheck/Makefile by patch
- devel/fq/Makefile by patch
- devel/git-lfs/Makefile by patch
- devel/go-ed25519/Makefile by patch
- devel/go-gocode/Makefile by patch
- devel/go-golang-lru/Makefile by patch
- devel/go-gopkgs/Makefile by patch
- devel/go-goptlib/Makefile by patch
- devel/go-goreturns/Makefile by patch
- devel/go-gox/Makefile by patch
- devel/go-impl/Makefile by patch
- devel/go-logrus/Makefile by patch
- devel/go-nbreader/Makefile by patch
- devel/go-pty/Makefile by patch
- devel/go-review/Makefile by patch
- devel/go-siphash/Makefile by patch
- devel/go-staticcheck/Makefile by patch
- devel/go-swagger/Makefile by patch
- devel/go-sys/Makefile by patch
- devel/go-tools/Makefile by patch
- devel/go-wire/Makefile by patch
- devel/go-xerrors/Makefile by patch
- devel/golangci-lint/Makefile by patch
- devel/golint/Makefile by patch
- devel/gomodifytags/Makefile by patch
- devel/gopls/Makefile by patch
- devel/goredo/Makefile by patch
- devel/gotags/Makefile by patch
- devel/gotests/Makefile by patch
- devel/govulncheck/Makefile by patch
- devel/lazygit/Makefile by patch
- devel/mob/Makefile by patch
- devel/nancy/Makefile by patch
- devel/opa/Makefile by patch
- devel/packr/Makefile by patch
- devel/reftools/Makefile by patch
- devel/regal/Makefile by patch
- devel/revive/Makefile by patch
- devel/shfmt/Makefile by patch
- devel/syft/Makefile by patch
- editors/micro/Makefile by patch
- filesystems/kubo/Makefile by patch
- graphics/gif2png/Makefile by patch
- lang/joker/Makefile by patch
- mail/opensmtpd-filter-rspamd/Makefile by patch
- mail/opensmtpd-filter-senderscore/Makefile by patch
- mail/postforward/Makefile by patch
- misc/exercism/Makefile by patch
- net/amazon-ecs-cli/Makefile by patch
- net/amfora/Makefile by patch
- net/bombadillo/Makefile by patch
- net/croc/Makefile by patch
- net/czds/Makefile by patch
- net/dnscontrol/Makefile by patch
- net/dnscrypt-proxy2/Makefile by patch
- net/gh/Makefile by patch
- net/go-dnstap/Makefile by patch
- net/go-net/Makefile by patch
- net/go-websocket/Makefile by patch
- net/gunison/Makefile by patch
- net/gvproxy/Makefile by patch
- net/hub/Makefile by patch
- net/ipget/Makefile by patch
- net/kubectl/Makefile by patch
- net/libquic/Makefile by patch
- net/mangos/Makefile by patch
- net/nats-server/Makefile by patch
- net/obfs4proxy/Makefile by patch
- net/rclone/Makefile by patch
- net/stern/Makefile by patch
- net/syncthing/Makefile by patch
- net/terraform-provider-archive/Makefile by patch
- net/terraform-provider-aws/Makefile by patch
- net/terraform-provider-kubernetes/Makefile by patch
- net/terraform-provider-local/Makefile by patch
- net/terraform-provider-null/Makefile by patch
- net/terraform-provider-random/Makefile by patch
- net/terraform-provider-template/Makefile by patch
- net/terraform-provider-vultr/Makefile by patch
- net/terraform/Makefile by patch
- net/tut/Makefile by patch
- net/vultr-cli/Makefile by patch
- pkgtools/pkglint/Makefile by patch
- security/2fa/Makefile by patch
- security/age/Makefile by patch
- security/amass/Makefile by patch
- security/authelia/Makefile by patch
- security/cfssl/Makefile by patch
- security/dnsx/Makefile by patch
- security/go-asn1-ber/Makefile by patch
- security/go-crypto/Makefile by patch
- security/go-getpass/Makefile by patch
- security/go-mkcert/Makefile by patch
- security/gopass/Makefile by patch
- security/httpx/Makefile by patch
- security/nuclei/Makefile by patch
- security/oauth2c/Makefile by patch
- security/osv-scanner/Makefile by patch
- security/subfinder/Makefile by patch
- security/tlsx/Makefile by patch
- security/trufflehog/Makefile by patch
- security/vault/Makefile by patch
- shells/elvish/Makefile by patch
- shells/oh-my-posh/Makefile by patch
- sysutils/beats/Makefile by patch
- sysutils/consul/Makefile by patch
- sysutils/direnv/Makefile by patch
- sysutils/fzf/Makefile by patch
- sysutils/goreman/Makefile by patch
- sysutils/lf/Makefile by patch
- sysutils/node_exporter/Makefile by patch
- sysutils/packer/Makefile by patch
- sysutils/podman/Makefile by patch
- sysutils/restic/Makefile by patch
- sysutils/vultr/Makefile by patch
- textproc/glow/Makefile by patch
- textproc/go-kr-text/Makefile by patch
- textproc/go-md2man/Makefile by patch
- textproc/go-mmark/Makefile by patch
- textproc/go-text/Makefile by patch
- textproc/miller/Makefile by patch
- textproc/sift/Makefile by patch
- www/apisprout/Makefile by patch
- www/caddy/Makefile by patch
- www/gitea/Makefile by patch
- www/go-ffuf/Makefile by patch
- www/go-minify/Makefile by patch
- www/gotosocial/Makefile by patch
- www/grafana/Makefile by patch
- www/hugo/Makefile by patch
- www/jira-cli/Makefile by patch
- www/mycorrhiza/Makefile by patch
- www/pup/Makefile by patch
- www/restish/Makefile by patch
- www/shoutrrr/Makefile by patch
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bsiegert
Date: Fri Nov 10 15:39:34 UTC 2023
Modified Files:
pkgsrc/lang/go: version.mk
pkgsrc/lang/go120: PLIST distinfo
pkgsrc/lang/go121: PLIST distinfo
Log Message:
Update go120 to 1.20.11 and go121 to 1.21.4 (security).
These minor releases include 2 security fixes following the security policy:
- path/filepath: recognize \??\ as a Root Local Device path prefix.
On Windows, a path beginning with \??\ is a Root Local Device path equivalent
to a path beginning with \\?\. Paths with a \??\ prefix may be used to access
arbitrary locations on the system. For example, the path \??\c:\x is
equivalent to the more common path c:\x.
The filepath package did not recognize paths with a \??\ prefix as special.
Clean could convert a rooted path such as \a\..\??\b into
the root local device path \??\b. It will now convert this
path into .\??\b.
IsAbs did not report paths beginning with \??\ as absolute.
It now does so.
VolumeName now reports the \??\ prefix as a volume name.
Join(`\`, `??`, `b`) could convert a seemingly innocent
sequence of path elements into the root local device path
\??\b. It will now convert this to \.\??\b.
This is CVE-2023-45283 and https://go.dev/issue/63713.
- path/filepath: recognize device names with trailing spaces and superscripts
The IsLocal function did not correctly detect reserved names in some cases:
reserved names followed by spaces, such as "COM1 ".
"COM" or "LPT" followed by a superscript 1, 2, or 3.
IsLocal now correctly reports these names as non-local.
This is CVE-2023-45284 and https://go.dev/issue/63713.
To generate a diff of this commit:
cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/go120/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go121/PLIST pkgsrc/lang/go121/distinfo
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.12.2.1 2023/10/22 18:44:17 spz Exp $
d4 1
a4 1
PKGREVISION= 2
@
1.11
log
@Revbump all Go packages after go120 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.10 2023/08/26 16:31:36 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-2.9.9
PKGREVISION= 2
@
1.10
log
@Revbump all Go packages after go120 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.9 2023/07/23 16:06:48 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.9
log
@nuclei: Remove XXX comment
It was used only as an excuse to provide the right commit message.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.8 2023/07/23 16:04:48 leot Exp $
d4 1
@
1.8
log
@nuclei: Update to 2.9.9
(Previous commit was wrong, add an XXX comment just as an excuse to
provide right commit message, sorry!)
Changes:
v2.9.9 (Security Update)
## What's Changed
### Features
* Added env variable support to disable automatic template update from specifc source:
```console
export DISABLE_NUCLEI_TEMPLATES_PUBLIC_DOWNLOAD=true # Disable download from the default nuclei-templates project
export DISABLE_NUCLEI_TEMPLATES_GITHUB_DOWNLOAD=true # Disable download from public / private GitHub project(s)
export DISABLE_NUCLEI_TEMPLATES_GITLAB_DOWNLOAD=true # Disable download from public / private GitLab project(s)
export DISABLE_NUCLEI_TEMPLATES_AWS_DOWNLOAD=true # Disable download from public / private AWS Bucket(s)
export DISABLE_NUCLEI_TEMPLATES_AZURE_DOWNLOAD=true # Disable download from public / private Azure Blob Storage
```
* Added helper function to calculate jarm hash:
```yaml
{{jarm("1.1.1.1:443")}}
```
* Added support for `disable-path-automerge` in unsafe mode
* Added request/reponse in include in result as default
* Added `epss-percentile` attribute template classification section
```yaml
classification:
epss-percentile: 0.00064
```
* Added option to optionally exclude request/reponse in results
```console
-or, -omit-raw omit request/response pairs in the JSON, JSONL, and
Markdown outputs (for findings only)
```
* Added automatic target merge in network templates
### Bugs
* Fixed issue in workflow concurrency
### Maintenance
* Fixed issue in the payload generator
### Other Changes
* Added ztls fallback support as default for tls connection
### Security (breaking change)
* Fixed issue with payloads loading in sandbox mode
* Disabled payload loading from arbitrary location as default
* Added option to disable network connection to local / private
```
-lfa, -allow-local-file-access allows file (payload) access anywhere on the system
-lna, -restrict-local-network-access blocks connections to the local / private network
```
### Deprecated
- `-sandbox` option (now brokedown into two new option `-lfa`, `-lna`)
- `-irr, -include-rr` option (now enabled as default)
v2.9.8
## What's Changed
### Bugs
* Fixed issue to preserve the order of query parameters
* Fixed with network connection read and write deadline
* Fixed issue with showing multiple matches per template with `-ms` option
v2.9.7
## What's Changed
### Features
* Added tls client hello (ja3) randomization
```
-tlsi, -tls-impersonate enable experimental client hello (ja3) tls randomization
```
* Added query fuzzing support in headless protocol
* Added cookie reuse in workflow for headless template
* Added `header` and `status` matchers to headless protocol
* Added `{{public_ip()}}` helper function
* Added template option (`disable-path-automerge: true`) to disable path
automerge in raw request
### Bugs
* Fixed issue with tls protocol causing scan to stuck
* Fixed `panic: runtime error`
* Fixed issue in file protocol with matchers and condition
* Fixed output path in unsafe mode
* Fixed rendering issues with markdown and jira exporter
* Fixed issue custom client certificate input
### Maintenance
* Added better debug message formatting
* Fixed `deprecatedProtocolNameTemplates` concurrent map writes
* Enabled `-no-httpx` implicitly when `-passive` scan is launched
v2.9.6
## What's Changed
### Bug Fixes
* Fixed issue with uncover config loader
* Fixed issue with template update option
### Breaking Change
* Fixed typo (breaking change for using as SDK)
### Maintenance
* Updated TCP protocol
v2.9.5
## What's Changed
* Added payloads support in dns protocol
* Added `any` type query support in dns protocol
* Added support for constants
* Added utility to write `max-requests` counter to templates
* Fixed memory leak (high memory uses)
* Fixed issue with interactsh (probably evicted due to inactivity)
* Fixed issue with removing semicolon from raw request
* Fixed typos
* Fixed oob ruleindex
* Fixed updates to docs references
* Updated uncover integration logic
* Removed `.yml` extension support for template input as URL
v2.9.4
## What's Changed
* Added option for nuclei templates / config reset
```console
-reset reset removes all nuclei configuration and data files (including nuclei-templates)
```
v2.9.3 (bugfix release)
## What's Changed
* Added support to expose DNS response as dsl field
* Added support to filter templates based on classification
* Added check to make `severity` as a mandatory field
* Added support to load templates deprecated path
* Added warning message for templates loaded
* Added warning message for templates loaded with deprecated protocol syntax
* Added option to save extractor result to file
* Fixed nil pointer crash in interactsh client
* Fixed crash with tlsx integration
* Fixed crash with `no-interactsh` option
* Fixed panic while parsing tlsx response
* Fixed issue with params in self-contained template
* Fixed issue with aws signer
* Fixed issue with os permission check
* Fixed issue with no color in windows
* Fixed issue with variables evaluation
* Fixed issue to support headless template on OpenBSD
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.7 2023/07/23 16:02:22 leot Exp $
a2 1
# XXX: excuse to commit, remove this comment next time!
@
1.7
log
@httpx: Update to 1.3.4
Changes:
v1.3.4
### Features
* Added error page classifier with automatic filtering
```console
-fep, -filter-error-page filter response with ML based error page detection
```
* Added support for multiple output format
```console
-oa, -output-all filename to write output results in all formats
```
* Added html index (`screenshot.html`) file for screenshots
* Added custom config input support
```console
-config string path to the httpx configuration file (default $HOME/.config/httpx/config.yaml)
### Bugs
* Fixed `-tls-grab` option issue in ztls mode
* Fixed issue with `-sr` option when used with `-x` option
### Maintenance
* Made output response fields public
### Other Changes
* Fixed github.com/bxcodec/faker/v4 is deprecated
v1.3.3
### Features
* Added Support for TLS ClientHello randomization (experimental)
```console
-tlsi, -tls-impersonate enable experimental client hello (ja3) tls randomization
```
### Bugs
* Fixed issue with `rateLimiter` not stop
* Fixed issue to skip body read with status code 304
* Fixed issue to remove duplicate `onresult` option
v1.3.2
### Bugs
* Fixed issue ignoring http path with port option
* Fixed issue to write missing screenshots to index file
### Other Changes
* Added `-no-stdin` option
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.6 2023/07/15 10:53:05 bsiegert Exp $
d3 1
@
1.6
log
@Revbump all Go packages after go120 update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.5 2023/05/05 19:37:36 bsiegert Exp $
d3 1
a3 2
DISTNAME= nuclei-2.9.2
PKGREVISION= 2
@
1.5
log
@Revbump all Go packages after go120 security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.4 2023/04/24 13:33:10 leot Exp $
d4 1
a4 1
PKGREVISION= 1
@
1.4
log
@nuclei: Update to 2.9.2
Changes:
2.9.2
-----
## What's Changed
* Added `llm_prompt` as dsl helper
* Added **azure blob storage** support for custom template download
* Added **gitlab project** support for custom template download
* Added CPE / EPSS Score information to cve-annotation
* Added variable evaluation support in payloads & variables
* Added config management + logic refactor
* Added JSONL(ine) Export (`-je, -json-export string` -- file to export
results in JSON format)
* Fixed bug in http race condition logic
* Fixed s3 argument typos
* Fixed integration test
* Fixed rate limit options not working with query fuzzing
* Fixed panic crash in tlsx
* Fixed panic with proxy input
* Updated `-nc` option
* Updated `ccache` with generic gcache
* Updated `-un` option to `-up` as a short flag of self-update option
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.3 2023/04/05 20:47:51 bsiegert Exp $
d4 1
@
1.3
log
@Revbump all Go packages after yesterday's go120 security update
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.2 2023/04/04 13:25:23 leot Exp $
d3 1
a3 2
DISTNAME= nuclei-2.9.1
PKGREVISION= 1
@
1.2
log
@nuclei: Update to 2.9.1
Changes:
v2.9.1
## Breaking Changes:
* Updated `-json` option to `-jsonl` to correctly reflect the output format
* Updated protocol attribute name (`requests`=> `http` & `network` => `tcp`)
in templates: Templates with the use of `requests` and `network`
will still work but will be deprecated completely in the future.
## What's New
* Added JSON output export support (`-json-export`)
* Added `cpe` and `epss-score` support in template classification
* Added `mkdir` support in headless screenshot
* Added support for jira custom fields
* Added AWS catalog for loading templates from bucket
* Fixed a crash in tlsx integration
* Fixed template link references
* Fixed an issue with the scanning strategy option
* Fixed AWS S3 bucket catalog path mismatch
* Moved DSL helper functions to dsl project
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.1 2023/03/19 11:22:34 leot Exp $
d4 1
@
1.1
log
@nuclei: Import nuclei-2.9.0 as security/nuclei
Nuclei is used to send requests across targets based on a template,
leading to zero false positives and providing fast scanning on a large
number of hosts. Nuclei offers scanning for a variety of protocols,
including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.
With powerful and flexible templating, Nuclei can be used to model all
kinds of security checks.
@
text
@d1 1
a1 1
# $NetBSD$
d3 1
a3 1
DISTNAME= nuclei-2.9.0
@