FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Please give me your LTO-4 or better tape library and I'll put it to good use.
Port details
shibboleth2-sp C++ Shibboleth Service Provider (Internet2) for Apache
2.5.5_1 security on this many watch lists=1 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: girgen@FreeBSD.org search for ports maintained by this maintainer
Port Added: 21 Jul 2009 03:59:42
Also Listed In: www
License: not specified in port
Shibboleth is standards-based, open source middleware software which
provides Web Single SignOn (SSO) across or within organizational
boundaries. It allows sites to make informed authorization decisions
for individual access of protected online resources in a
privacy-preserving manner.

This software is a C++ implementation of the Service Provider version 2
component of the Shibboleth can be used in Apache Web servers.  The
service provider manages secured resources. User access to resources
is based on assertions received by the service provider (SP) from
an identity provider.

WWW: http://shibboleth.internet2.edu/
SVNWeb : Homepage : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. boost-libs>=0 : devel/boost-libs
  2. libcrypto.so.8 : security/openssl
  3. apxs : www/apache24
  4. gmake : devel/gmake
Runtime dependencies:
  1. libcrypto.so.8 : security/openssl
  2. apxs : www/apache24
Library dependencies:
  1. libsaml.so.8 : security/opensaml2
  2. libodbc.so : databases/unixODBC
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/shibboleth2-sp/ && make install clean
To add the package: pkg install security/shibboleth2-sp


Configuration Options
     No options to configure

USES:
gmake

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://shibboleth.net/downloads/service-provider/2.5.5/

Number of commits found: 32

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
17 Aug 2015 14:20:41
Original commit files touched by this commit  2.5.5_1
Revision:394508
mat search for other commits by this committer
Remove UNIQUENAME and LATEST_LINK.

UNIQUENAME was never unique, it was only used by USE_LDCONFIG and now,
we won't have conflicts there.

Use PKGBASE instead of LATEST_LINK in PKGLATESTFILE, the *only* consumer
is pkg-devel, and it works just fine without LATEST_LINK as pkg-devel
has the correct PKGNAME anyway.

Now that UNIQUENAME is gone, OPTIONSFILE is too. (it's been called
OPTIONS_FILE now.)

Reviewed by:	antoine, bapt
Exp-run by:	antoine
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3336
24 Jul 2015 10:54:42
Original commit files touched by this commit  2.5.5_1
Revision:392817
girgen search for other commits by this committer
The new shibboleth will refuse to accept -u when it was
already su:ed to that user. Trust shibboleth to change user.
23 Jul 2015 13:21:06
Original commit files touched by this commit  2.5.5
Revision:392720
girgen search for other commits by this committer
Shibboleth SP software crashes on well-formed but invalid XML.

The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.

You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later.
The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.

URL:    	http://shibboleth.net/community/advisories/secadv_20150721.txt
Security:	CVE-2015-2684
22 May 2015 22:24:40
Original commit files touched by this commit  2.5.4
Revision:387087 This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth and opensaml to latest version.
22 May 2015 20:34:29
Original commit files touched by this commit  2.5.3_2
Revision:387082 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove $FreeBSD$ from patches files everywhere.

With hat:	portmgr
Sponsored by:	Absolight
01 Jul 2014 14:27:12
Original commit files touched by this commit  2.5.3_2
Revision:360018 This port version is marked as vulnerable.
girgen search for other commits by this committer
into the fire... last commit didnt't really help, it has to be part of SUB_LIST
as well
30 Jun 2014 14:13:29
Original commit files touched by this commit  2.5.3_1
Revision:359847 This port version is marked as vulnerable.
girgen search for other commits by this committer
Spelling error, WWWGROUP is really WWWGRP
PR:	191118
20 May 2014 21:09:29
Original commit files touched by this commit  2.5.3
Revision:354689 This port version is marked as vulnerable.
girgen search for other commits by this committer
revert r354688 and fix the error instead, it should be @owner, not @user...
20 May 2014 20:59:35
Original commit files touched by this commit  2.5.3
Revision:354688 This port version is marked as vulnerable.
girgen search for other commits by this committer
remove @user @group since it does not work with old pkg_tools
[https://wiki.freebsd.org/ports/StageDir] recommends using them, but I see no
point in using both
Reported by: Peter Olsson
08 May 2014 01:35:13
Original commit files touched by this commit  2.5.3
Revision:353234 This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth to 2.5.3, a bug fix release.

Change the cache directory back to the built-in default, /var/cache, and
force mode 755 on that directory. (see r258664 in head why this is a good
thing).

Add odbc support as suggested in ports/189410.
20 Sep 2013 22:55:26
Original commit files touched by this commit  2.5.2_1
Revision:327769 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
14 Aug 2013 22:35:54
Original commit files touched by this commit  2.5.2_1
Revision:324744  Sanity Test Failure
ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
29 Jul 2013 14:49:11
Original commit files touched by this commit  2.5.2_1
Revision:323889 This port version is marked as vulnerable.
girgen search for other commits by this committer
Move /var/cache/shibboleth to /var/db/shibboleth, since /var/cache has mode 750
and cannot be read by the www user. According to hier(7):
   db/   misc. automatically generated system-specific database files
so /var/db seems like the best choice
19 Jun 2013 15:21:03
Original commit files touched by this commit  2.5.2
Revision:321280 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Don't remove directories not created by this port

Reported by:	pkg (DEVELOPER_MODE)
18 Jun 2013 15:15:48
Original commit files touched by this commit  2.5.2
Revision:321194 This port version is marked as vulnerable.
girgen search for other commits by this committer
Security update for apache-xml-security-c.
Dependant ports, especially shibboleth2-sp, opensaml2, xmltooling
and log4shib should all be updated.

Security: CVE-2013-2156
09 Jun 2013 14:41:25
Original commit files touched by this commit  2.5.1_1
Revision:320338 This port version is marked as vulnerable.
girgen search for other commits by this committer
Add build dependency on boost for shibboleth and opensaml.
PR:	ports/179431
05 Jun 2013 09:02:10
Original commit files touched by this commit  2.5.1_1
Revision:319964 This port version is marked as vulnerable.
girgen search for other commits by this committer
Don't remove /var/*/shibboleth with rm -rf, so we don't "pull out the carpet
from underneath" a running shibd. Hence allow updating while the old shibd is
still running.
04 Jun 2013 17:29:21
Original commit files touched by this commit  2.5.1
Revision:319885 This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth-sp and its tool chain to 2.5.1.

Note that from 2.5, shibd is run as the user shibd.  The port tries to fix the
key file ownership but if you have changed the file name of the key from the
default sp-key.pem, make sure you chown your key file(s) to user shibd.

Also, take maintainership of the entire tool chain (approved by all previous
maintainers).

Incorporates the ideas suggested by Craig Leres [177668], making sure that the
ssl key is not added to the package.

PR:	177668, 178694
28 Apr 2013 21:02:40
Original commit files touched by this commit  2.4.3_1
Revision:316749  Sanity Test Failure
bapt search for other commits by this committer
Convert security to new options framework
18 Aug 2012 14:29:11
Original commit files touched by this commit  2.4.3_1
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- remove www/apache20 and devel/apr0
- s/USE_APACHE= 20+/USE_APACHE= 22+/
- unify s/YES/yes/
- cleanup APACHE_VERSION <= 22 usage
- add entry to MOVED

with hat apache@
01 Jun 2012 15:02:49
Original commit files touched by this commit  2.4.3_1
 This port version is marked as vulnerable.
swills search for other commits by this committer
- Fix permissions on /var/run/shibboleth
14 Jan 2012 08:57:23
Original commit files touched by this commit  2.4.3
 This port version is marked as vulnerable.
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
28 Jul 2011 11:55:02
Original commit files touched by this commit  2.4.3
 This port version is marked as vulnerable.
swills search for other commits by this committer
- Update to 2.4.3
- Update home page while here
- Take maintainership while here

PR:             ports/159195
Approved by:    linimon
27 Jun 2011 02:57:29
Original commit files touched by this commit  2.4.2
 This port version is marked as vulnerable.
swills search for other commits by this committer
- Update to latest versions

PR:             ports/157822
Submited by:    Palle Girgensohn <girgen@FreeBSD.org>
Approved by:    maintainer timeout
15 Apr 2011 20:47:15
Original commit files touched by this commit  2.3.1_2
 This port version is marked as vulnerable.
swills search for other commits by this committer
- Don't overwrite/remove config files on package installation/uninstall
- Obey shibboleth_sp_flags, shibboleth_sp_program and shibboleth_sp_pidfile

PR:             ports/155876
Submitted by:   Craig Leres <leres at ee.lbl.gov>
Approved by:    maintainer timeout
04 Dec 2010 07:34:27
Original commit files touched by this commit  2.3.1_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to new bsd.autotools.mk
16 Oct 2010 11:52:47
Original commit files touched by this commit  2.3.1_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Punt autoconf267->autoconf268
05 Oct 2010 19:57:56
Original commit files touched by this commit  2.3.1_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Round one migration of ports from automake{19,110} to automake111
15 Sep 2010 18:35:24
Original commit files touched by this commit  2.3.1_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs
27 Mar 2010 00:15:24
Original commit files touched by this commit  2.3.1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#
26 Jan 2010 02:35:37
Original commit files touched by this commit  2.3.1
 This port version is marked as vulnerable.
wxs search for other commits by this committer
- Update to 2.3.1.

PR:             ports/136034
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    janos.mohacsi@bsd.hu (maintainer timeout)
21 Jul 2009 03:58:40
Original commit files touched by this commit  1.3f
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- forced commit to note repo copy

  security/shibboleth-sp -> security/shibboleth2-sp

Repocopy by:    marcus

Number of commits found: 32

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
firefoxAug 28
firefox*Aug 28
firefox-esrAug 28
firefox-esr*Aug 28
libxul*Aug 28
linux-firefoxAug 28
linux-firefox*Aug 28
linux-seamonkey*Aug 28
linux-thunderbird*Aug 28
seamonkey*Aug 28
thunderbird*Aug 28
libpgf*Aug 26
goAug 25
go14Aug 25
libtremor*Aug 25

30 vulnerabilities affecting 67 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 25179
Broken 195
Deprecated 42
Ignore 499
Forbidden 1
Restricted 204
No CDROM 94
Vulnerable 42
Expired 2
Set to expire 26
Interactive 0
new 24 hours 4
new 48 hours4
new 7 days26
new fortnight90
new month204

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.