FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Please give me your LTO-4 or better tape library and I'll put it to good use.
Port details
py-defusedxml XML bomb protection for Python stdlib modules
0.4.1 devel on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: wg@FreeBSD.org search for ports maintained by this maintainer
Port Added: 04 Aug 2013 13:40:26
Also Listed In: python textproc
License: PSFL
Defusing XML bombs and other exploits

The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred Bytes of XML data an attacker can occupy several
Gigabytes of memory within seconds. An attacker can also keep CPUs busy for
a long time with a small to medium size request.  This library prevents
such issues.

WWW: https://bitbucket.org/tiran/defusedxml
SVNWeb : Homepage : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. py27-setuptools27>0 : devel/py-setuptools27
  2. python2.7 : lang/python27
Runtime dependencies:
  1. py27-setuptools27>0 : devel/py-setuptools27
  2. python2.7 : lang/python27

This port is required by:

for Run * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

To install the port: cd /usr/ports/devel/py-defusedxml/ && make install clean
To add the package: pkg install devel/py-defusedxml


Configuration Options
===> The following configuration options are available for py27-defusedxml-0.4.1:
     DOCS=on: Build and/or install documentation
===> Use 'make config' to modify these settings

USES:
python

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://pypi.crate.io/packages/source/d/defusedxml/
  3. http://pypi.python.jp/defusedxml/
  4. http://pypi.python.org/packages/source/d/defusedxml/

Number of commits found: 5

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
20 Oct 2014 16:04:14
Original commit files touched by this commit  0.4.1
Revision:371280
mva search for other commits by this committer
- Convert ports of devel/ to USES=python

Approved by:	portmgr (implicit)
17 Dec 2013 14:29:42
Original commit files touched by this commit  0.4.1
Revision:336729
wg search for other commits by this committer
devel/py-defusedxml: use auto plist and remove py3k hack
25 Sep 2013 14:33:23
Original commit files touched by this commit  0.4.1
Revision:328296
wg search for other commits by this committer
devel/py-defusedxml: allow staging

- Allow staging
20 Sep 2013 17:13:47
Original commit files touched by this commit  0.4.1
Revision:327724
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
devel part 3)
04 Aug 2013 13:40:12
Original commit files touched by this commit  0.4.1
Revision:324232
wg search for other commits by this committer
devel/py-defusedxml: Defusing XML bombs and other exploits

The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred Bytes of XML data an attacker can occupy several
Gigabytes of memory within seconds. An attacker can also keep CPUs busy for
a long time with a small to medium size request.  This library prevents
such issues.

WWW: https://bitbucket.org/tiran/defusedxml

Number of commits found: 5

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
avidemuxSep 01
ffmpegSep 01
ffmpegSep 01
gstreamer1-libavSep 01
gstreamer1-libavSep 01
handbrakeSep 01
handbrakeSep 01
kodiSep 01
libavSep 01
libavSep 01
mencoderSep 01
mplayerSep 01
mythtvSep 01
mythtvSep 01
mythtv-frontendSep 01

28 vulnerabilities affecting 74 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 25199
Broken 194
Deprecated 42
Ignore 498
Forbidden 1
Restricted 205
No CDROM 94
Vulnerable 45
Expired 10
Set to expire 26
Interactive 0
new 24 hours 6
new 48 hours17
new 7 days25
new fortnight97
new month215

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.