FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

non port: head/devel/xmltooling/distinfo
SVNWeb

Number of commits found: 8

Thu, 23 Jul 2015
[ 13:21 girgen ] Original commit   Revision:392720
392720 devel/xmltooling/Makefile
392720 devel/xmltooling/distinfo
392720 devel/xmltooling/files/patch-doc_Makefile.in
392720 devel/xmltooling/pkg-plist
392720 security/opensaml2/Makefile
392720 security/opensaml2/distinfo
392720 security/opensaml2/files/patch-doc_Makefile.in
392720 security/opensaml2/pkg-plist
392720 security/shibboleth2-sp/Makefile
392720 security/shibboleth2-sp/distinfo

(Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
Shibboleth SP software crashes on well-formed but invalid XML.

The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.

You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later.
The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.

URL:    	http://shibboleth.net/community/advisories/secadv_20150721.txt
Security:	CVE-2015-2684
Tue, 18 Jun 2013
[ 15:15 girgen ] Original commit   Revision:321194
321194 devel/xmltooling/Makefile
321194 devel/xmltooling/distinfo
321194 security/apache-xml-security-c/Makefile
321194 security/apache-xml-security-c/distinfo
321194 security/opensaml2/Makefile
321194 security/opensaml2/distinfo
321194 security/shibboleth2-sp/Makefile
321194 security/shibboleth2-sp/distinfo
321194 security/vuxml/vuln.xml
Security update for apache-xml-security-c.
Dependant ports, especially shibboleth2-sp, opensaml2, xmltooling
and log4shib should all be updated.

Security: CVE-2013-2156
Tue, 4 Jun 2013
[ 17:29 girgen ] Original commit   Revision:319885
319885 GIDs
319885 UIDs
319885 devel/log4shib/Makefile
319885 devel/log4shib/distinfo
319885 devel/xmltooling/Makefile
319885 devel/xmltooling/distinfo
319885 devel/xmltooling/pkg-plist
319885 security/apache-xml-security-c/Makefile
319885 security/apache-xml-security-c/distinfo
319885 security/apache-xml-security-c/pkg-plist

(Only the first 10 of 21 ports in this commit are shown above. View all ports for this commit)
Update Shibboleth-sp and its tool chain to 2.5.1.

Note that from 2.5, shibd is run as the user shibd.  The port tries to fix the
key file ownership but if you have changed the file name of the key from the
default sp-key.pem, make sure you chown your key file(s) to user shibd.

Also, take maintainership of the entire tool chain (approved by all previous
maintainers).

Incorporates the ideas suggested by Craig Leres [177668], making sure that the
ssl key is not added to the package.

PR:	177668, 178694
Thu, 28 Jul 2011
[ 11:53 swills ] Original commit 
1.8 devel/xmltooling/Makefile
1.5 devel/xmltooling/distinfo
1.3 devel/xmltooling/files/patch-doc_Makefile.in
1.2 devel/xmltooling/pkg-descr
- Update to 1.4.2
- Update home page while here
- Take maintainership

PR:             ports/159195
Approved by:    linimon
Mon, 27 Jun 2011
[ 02:57 swills ] Original commit 
1.7 devel/xmltooling/Makefile
1.4 devel/xmltooling/distinfo
1.2 devel/xmltooling/files/patch-doc_Makefile.in
1.5 devel/xmltooling/pkg-plist
1.6 security/apache-xml-security-c/Makefile
1.3 security/apache-xml-security-c/distinfo
1.3 security/apache-xml-security-c/pkg-plist
1.12 security/opensaml2/Makefile
1.8 security/opensaml2/distinfo
1.7 security/opensaml2/pkg-plist

(Only the first 10 of 13 ports in this commit are shown above. View all ports for this commit)
- Update to latest versions

PR:             ports/157822
Submited by:    Palle Girgensohn <girgen@FreeBSD.org>
Approved by:    maintainer timeout
Fri, 8 Jan 2010
[ 01:24 pgollucci ] Original commit 
1.4 devel/xmltooling/Makefile
1.3 devel/xmltooling/distinfo
1.1 devel/xmltooling/files/patch-doc_Makefile.in
1.3 devel/xmltooling/pkg-plist
- Update to 2.3

PR:             ports/142324
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    Mohacsi Janos <janos.mohacsi@bsd.hu> (maintainer)
Fri, 10 Jul 2009
[ 01:15 wxs ] Original commit 
1.3 devel/xmltooling/Makefile
1.2 devel/xmltooling/distinfo
1.2 devel/xmltooling/pkg-plist
- Update to 1.2

PR:             ports/136033
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    maintainer
Sat, 22 Nov 2008
[ 15:15 miwi ] Original commit 
1.3264 devel/Makefile
1.1 devel/xmltooling/Makefile
1.1 devel/xmltooling/distinfo
1.1 devel/xmltooling/pkg-descr
1.1 devel/xmltooling/pkg-plist
Shibboleth 2.x relies on OpenSAML 2, which in turn requires this
lower-level library that provides a higher level interface to XML
processing, particularly in light of signing and encryption.

WWW: https://spaces.internet2.edu/display/OpenSAML/XMLTooling-C

PR:             ports/127326
Submitted by:   Janos Mohacsi

Number of commits found: 8

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
bind9-develSep 28
bind910Sep 28
bind911Sep 28
bind99Sep 28
libresslSep 26
libressl-develSep 26
opensslSep 26
openssl-develSep 26
openssl*Sep 23
openssl-devel*Sep 23
irssi*Sep 22
irssi*Sep 22
firefoxSep 20
firefox*Sep 20
firefox-esrSep 20

11 vulnerabilities affecting 36 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26278
Broken 375
Deprecated 218
Ignore 639
Forbidden 0
Restricted 199
No CDROM 83
Vulnerable 61
Expired 14
Set to expire 204
Interactive 0
new 24 hours 3
new 48 hours12
new 7 days34
new fortnight66
new month122

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.