notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

FInally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combinatio for a given watch list. This is what FreshPorts will look for.

non port: devel/xmltooling/pkg-plist

Number of commits found: 22

Monday, 12 Jun 2023
15:09 Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.2.4

An updated version of the XMLTooling library that is part of the
OpenSAML and Shibboleth Service Provider software is now available
which corrects a server-side request forgery (SSRF) vulnerability.

Security:	f7e9a1cc-0931-11ee-94b4-6cc21735f730
commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 37548fc
Wednesday, 11 Jan 2023
14:46 Palle Girgensohn (girgen) search for other commits by this committer
shibboleth-sp: Update to 3.4.1

A patch release of the Service Provider, V3.4.1, is now available. This
release fixes a couple of small bugs and adds a warning requested by one
of our member organizations in the absence of the redirectLimit setting,
which leads to SPs being abused as open redirectors.

Notably, this release includes an update to the xmltooling library that
hardens the code base against the sorts of attacks reported against the
IdP in the recent advisory. The SP is, as far as can be determined, not
impacted directly by that vulnerability, but this is a precautionary
change.

Release
notes:	https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335693/ReleaseNotes
commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 a9e7159
Monday, 7 Nov 2022
17:03 Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: update to 3.4.0

This is a minor update containing a new setting suggested by a
contributor (thus the unplanned minor version change) controlling
retries when TCP connections to shibd are used. The other changes are
minimal in nature.

Update the toolchain as well:

devel/xmltooling
textproc/xerces-c3

and bump PORTREVISION for security/opensaml due to dependencies'
updates.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 b4e7dc9
Tuesday, 30 Nov 2021
14:42 Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.2.1
commit hash: 8de027017663e95f66026d5e42c4e9472443538a commit hash: 8de027017663e95f66026d5e42c4e9472443538a commit hash: 8de027017663e95f66026d5e42c4e9472443538a commit hash: 8de027017663e95f66026d5e42c4e9472443538a 8de0270
Friday, 18 Dec 2020
08:51 girgen search for other commits by this committer
Update xmltooling to 3.2.0

Bump dependant ports. xmltooling is only used as a dependency for
security/shibboleth-sp.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Original commitRevision:558359 
Monday, 13 Apr 2020
22:15 girgen search for other commits by this committer
The Shibboleth Project has released V3.1.0 of the Service Provider software.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Original commitRevision:531638 
Monday, 11 Mar 2019
17:02 girgen search for other commits by this committer
Update Shibboleth and its tool chain to 3.0.4

The security problem was patched alreadyin 3.0.3p1, but all users are
recommended to update to the latest version at next service window.

Security:	CVE-2019-9628
		https://shibboleth.net/community/advisories/secadv_20190311.txt
Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Original commitRevision:495367 
Sunday, 23 Dec 2018
10:54 girgen search for other commits by this committer
Update to version 3.0.3

The update corrects a denial of service vulnerability.

Security:	4f8665d0-0465-11e9-b77a-6cc21735f730
Original commitRevision:488188 
Tuesday, 7 Aug 2018
13:24 girgen search for other commits by this committer
Update Shibboleth to 3.0.2

Also update the toolchain to latest versions. This includes a security fix for
apache-xml-security-c.

Releaseinfo:    https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Security:       5786185a-9a43-11e8-b34b-6cc21735f730
Security:       https://shibboleth.net/community/advisories/secadv_20180803.txt
Original commitRevision:476595 
Tuesday, 27 Feb 2018
15:37 girgen search for other commits by this committer
Shibboleth SP software vulnerable to additional data forgery flaws

The XML processing performed by the Service Provider software has been
found to be vulnerable to new flaws similar in nature to the one
addressed in an advisory last month.

Security:	22438240-1bd0-11e8-a2ec-6cc21735f730
URL:		https://shibboleth.net/community/advisories/secadv_20180227.txt
Original commitRevision:463146 
Friday, 17 Nov 2017
10:37 girgen search for other commits by this committer
Update to latest version

This is a fix for a regression in the latest security fix for
security/shibboleth2-sp.

Security:	b4b7ec7d-ca27-11e7-a12d-6cc21735f730
Original commitRevision:454371 
Sunday, 11 Sep 2016
21:52 girgen search for other commits by this committer
Upgrade shibboleth-sp 2.6 and its tool chain
Original commitRevision:421878 
Thursday, 23 Jul 2015
13:21 girgen search for other commits by this committer
Shibboleth SP software crashes on well-formed but invalid XML.

The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.

You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later.
The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.

URL:    	http://shibboleth.net/community/advisories/secadv_20150721.txt
Security:	CVE-2015-2684
Original commitRevision:392720 
Friday, 16 Jan 2015
16:17 tijl search for other commits by this committer
Add USES=libtool
Original commitRevision:377187 
Monday, 27 Oct 2014
11:09 bapt search for other commits by this committer
Cleanup plist
Original commitRevision:371553 
Monday, 23 Jun 2014
13:38 amdmi3 search for other commits by this committer
- Use new LIB_DEPENDS syntax
- Remove redundant docs plist entries (handled by PORTDOCS=*)

Approved by:	portmgr blanket
Original commitRevision:358942 
Tuesday, 4 Jun 2013
17:29 girgen search for other commits by this committer
Update Shibboleth-sp and its tool chain to 2.5.1.

Note that from 2.5, shibd is run as the user shibd.  The port tries to fix the
key file ownership but if you have changed the file name of the key from the
default sp-key.pem, make sure you chown your key file(s) to user shibd.

Also, take maintainership of the entire tool chain (approved by all previous
maintainers).

Incorporates the ideas suggested by Craig Leres [177668], making sure that the
ssl key is not added to the package.

PR:	177668, 178694
Original commitRevision:319885 
Monday, 27 Jun 2011
02:57 swills search for other commits by this committer
- Update to latest versions

PR:             ports/157822
Submited by:    Palle Girgensohn <girgen@FreeBSD.org>
Approved by:    maintainer timeout
Original commit
Saturday, 11 Dec 2010
22:08 pgollucci search for other commits by this committer
- Fix pkg-plist in NOPORTDOCS case

Reported by:    QAT
Original commit
Friday, 8 Jan 2010
01:24 pgollucci search for other commits by this committer
- Update to 2.3

PR:             ports/142324
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    Mohacsi Janos <janos.mohacsi@bsd.hu> (maintainer)
Original commit
Friday, 10 Jul 2009
01:15 wxs search for other commits by this committer
- Update to 1.2

PR:             ports/136033
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    maintainer
Original commit
Saturday, 22 Nov 2008
15:15 miwi search for other commits by this committer
Shibboleth 2.x relies on OpenSAML 2, which in turn requires this
lower-level library that provides a higher level interface to XML
processing, particularly in light of signing and encryption.

WWW: https://spaces.internet2.edu/display/OpenSAML/XMLTooling-C

PR:             ports/127326
Submitted by:   Janos Mohacsi
Original commit

Number of commits found: 22