| non port: security/shibboleth2-sp/pkg-plist |
Number of commits found: 20 |
|
Wednesday, 15 Nov 2017
|
17:21 girgen 
Shibboleth Service Provider Security Advisory [15 November 2017]
An updated version of the Shibboleth Service Provider software
is available which corrects a critical security issue in the
"Dynamic" metadata provider plugin.
Deployers making use of the affected feature should apply the
relevant update at the soonest possible moment.
Security: b4b7ec7d-ca27-11e7-a12d-6cc21735f730
  |
|
Thursday, 2 Feb 2017
|
16:34 girgen
Add options for fastcgi and memcached and make odbc and apache optional.
Fastcgi allows simple use with NGINX. Memcached is similar to ODBC, in that it
offers another option for more persistent session storage than in-memory.
|
|
Sunday, 11 Sep 2016
|
21:52 girgen
Upgrade shibboleth-sp 2.6 and its tool chain
|
|
Sunday, 28 Feb 2016
|
18:55 girgen
Update xerces-c3 and shibboleth to latest versions
The update in xerces fixes a buffer overflow security problem that exposes the
possibility of a denial of service attack, and could conceivably result in
remote code execution.
Users of Shibboleth or any other service usingi the xerces-c3 xml library are
recommended to upgrade promptly.
URL: http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
Security: CVE-2016-0729
|
|
Saturday, 26 Sep 2015
|
21:02 antoine
- Convert to @sample
- Cleanup plist
|
|
Thursday, 23 Jul 2015
|
13:21 girgen
Shibboleth SP software crashes on well-formed but invalid XML.
The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.
You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later.
The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.
URL: http://shibboleth.net/community/advisories/secadv_20150721.txt
Security: CVE-2015-2684
|
|
Friday, 22 May 2015
|
22:24 girgen
Update Shibboleth and opensaml to latest version.
|
|
Tuesday, 20 May 2014
|
21:09 girgen
revert r354688 and fix the error instead, it should be @owner, not @user...
|
20:59 girgen
remove @user @group since it does not work with old pkg_tools
[https://wiki.freebsd.org/ports/StageDir] recommends using them, but I see no
point in using both
Reported by: Peter Olsson
|
|
Thursday, 8 May 2014
|
01:35 girgen
Update Shibboleth to 2.5.3, a bug fix release.
Change the cache directory back to the built-in default, /var/cache, and
force mode 755 on that directory. (see r258664 in head why this is a good
thing).
Add odbc support as suggested in ports/189410.
|
|
Monday, 29 Jul 2013
|
14:49 girgen
Move /var/cache/shibboleth to /var/db/shibboleth, since /var/cache has mode 750
and cannot be read by the www user. According to hier(7):
db/ misc. automatically generated system-specific database files
so /var/db seems like the best choice
|
|
Wednesday, 19 Jun 2013
|
15:21 miwi
- Don't remove directories not created by this port
Reported by: pkg (DEVELOPER_MODE)
|
|
Wednesday, 5 Jun 2013
|
09:02 girgen
Don't remove /var/*/shibboleth with rm -rf, so we don't "pull out the carpet
from underneath" a running shibd. Hence allow updating while the old shibd is
still running.
|
|
Tuesday, 4 Jun 2013
|
17:29 girgen
Update Shibboleth-sp and its tool chain to 2.5.1.
Note that from 2.5, shibd is run as the user shibd. The port tries to fix the
key file ownership but if you have changed the file name of the key from the
default sp-key.pem, make sure you chown your key file(s) to user shibd.
Also, take maintainership of the entire tool chain (approved by all previous
maintainers).
Incorporates the ideas suggested by Craig Leres [177668], making sure that the
ssl key is not added to the package.
PR: 177668, 178694
|
|
Friday, 1 Jun 2012
|
15:02 swills
- Fix permissions on /var/run/shibboleth
|
|
Thursday, 28 Jul 2011
|
11:55 swills
- Update to 2.4.3
- Update home page while here
- Take maintainership while here
PR: ports/159195
Approved by: linimon
|
|
Monday, 27 Jun 2011
|
02:57 swills
- Update to latest versions
PR: ports/157822
Submited by: Palle Girgensohn <girgen@FreeBSD.org>
Approved by: maintainer timeout
|
|
Friday, 15 Apr 2011
|
20:47 swills
- Don't overwrite/remove config files on package installation/uninstall
- Obey shibboleth_sp_flags, shibboleth_sp_program and shibboleth_sp_pidfile
PR: ports/155876
Submitted by: Craig Leres <leres at ee.lbl.gov>
Approved by: maintainer timeout
|
|
Tuesday, 26 Jan 2010
|
02:35 wxs
- Update to 2.3.1.
PR: ports/136034
Submitted by: Steve Wills <steve@mouf.net>
Approved by: janos.mohacsi@bsd.hu (maintainer timeout)
|
|
Tuesday, 21 Jul 2009
|
03:58 pgollucci
- forced commit to note repo copy
security/shibboleth-sp -> security/shibboleth2-sp
Repocopy by: marcus
|
Number of commits found: 20 |
As an Amazon Associate I earn from qualifying purchases.