FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
py-defusedxml XML bomb protection for Python stdlib modules
0.4.1 devel on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: wg@FreeBSD.org search for ports maintained by this maintainer
Port Added: 04 Aug 2013 13:40:26
Also Listed In: python textproc
License: PSFL
Defusing XML bombs and other exploits

The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred Bytes of XML data an attacker can occupy several
Gigabytes of memory within seconds. An attacker can also keep CPUs busy for
a long time with a small to medium size request.  This library prevents
such issues.

WWW: https://bitbucket.org/tiran/defusedxml
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/devel/py-defusedxml/ && make install clean
To add the package: pkg install py27-defusedxml

PKGNAME: py27-defusedxml


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. py27-setuptools27>0 : devel/py-setuptools27
  2. python2.7 : lang/python27
Runtime dependencies:
  1. py27-setuptools27>0 : devel/py-setuptools27
  2. python2.7 : lang/python27

This port is required by:

for Run * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...
Configuration Options
===> The following configuration options are available for py27-defusedxml-0.4.1:
     DOCS=on: Build and/or install documentation
===> Use 'make config' to modify these settings

USES:
python

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://pypi.crate.io/packages/source/d/defusedxml/
  3. http://pypi.python.jp/defusedxml/
  4. http://pypi.python.org/packages/source/d/defusedxml/

Number of commits found: 5

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
20 Oct 2014 16:04:14
Original commit files touched by this commit  0.4.1
Revision:371280
mva search for other commits by this committer
- Convert ports of devel/ to USES=python

Approved by:	portmgr (implicit)
17 Dec 2013 14:29:42
Original commit files touched by this commit  0.4.1
Revision:336729
wg search for other commits by this committer
devel/py-defusedxml: use auto plist and remove py3k hack
25 Sep 2013 14:33:23
Original commit files touched by this commit  0.4.1
Revision:328296
wg search for other commits by this committer
devel/py-defusedxml: allow staging

- Allow staging
20 Sep 2013 17:13:47
Original commit files touched by this commit  0.4.1
Revision:327724
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
devel part 3)
04 Aug 2013 13:40:12
Original commit files touched by this commit  0.4.1
Revision:324232
wg search for other commits by this committer
devel/py-defusedxml: Defusing XML bombs and other exploits

The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred Bytes of XML data an attacker can occupy several
Gigabytes of memory within seconds. An attacker can also keep CPUs busy for
a long time with a small to medium size request.  This library prevents
such issues.

WWW: https://bitbucket.org/tiran/defusedxml

Number of commits found: 5

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
openvswitchMay 29
cactiMay 28
chromiumMay 28
chromiumMay 28
chromiumMay 28
php55May 28
php55-gdMay 28
php55-pharMay 28
php56May 28
php56-gdMay 28
php70-gdMay 28
php70-intlMay 28
mediawiki123May 24
mediawiki124May 24
mediawiki125May 24

10 vulnerabilities affecting 20 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26085
Broken 287
Deprecated 59
Ignore 552
Forbidden 0
Restricted 202
No CDROM 85
Vulnerable 53
Expired 16
Set to expire 47
Interactive 0
new 24 hours 6
new 48 hours13
new 7 days31
new fortnight71
new month125

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.