diff options
Diffstat (limited to '')
92 files changed, 518 insertions, 314 deletions
diff --git a/security/Makefile b/security/Makefile index fbfc8471a1f5..4c01467ae32d 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1066,6 +1066,7 @@ SUBDIR += py-securesystemslib SUBDIR += py-service-identity SUBDIR += py-signedjson + SUBDIR += py-signxml SUBDIR += py-social-auth-core SUBDIR += py-spake2 SUBDIR += py-ssh-audit diff --git a/security/aws-c-auth/Makefile b/security/aws-c-auth/Makefile index 77592156a966..bd723975d7a5 100644 --- a/security/aws-c-auth/Makefile +++ b/security/aws-c-auth/Makefile @@ -1,6 +1,6 @@ PORTNAME= aws-c-auth DISTVERSIONPREFIX= v -DISTVERSION= 0.9.0 +DISTVERSION= 0.9.1 CATEGORIES= security MAINTAINER= eduardo@FreeBSD.org diff --git a/security/aws-c-auth/distinfo b/security/aws-c-auth/distinfo index c3f580df1db8..b950bee4af3c 100644 --- a/security/aws-c-auth/distinfo +++ b/security/aws-c-auth/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1743191973 -SHA256 (awslabs-aws-c-auth-v0.9.0_GH0.tar.gz) = aa6e98864fefb95c249c100da4ae7aed36ba13a8a91415791ec6fad20bec0427 -SIZE (awslabs-aws-c-auth-v0.9.0_GH0.tar.gz) = 265696 +TIMESTAMP = 1757251762 +SHA256 (awslabs-aws-c-auth-v0.9.1_GH0.tar.gz) = adae1e725d9725682366080b8bf8e49481650c436b846ceeb5efe955d5e03273 +SIZE (awslabs-aws-c-auth-v0.9.1_GH0.tar.gz) = 265755 diff --git a/security/aws-lc/Makefile b/security/aws-lc/Makefile index b2c1dac66de6..99eff2b0deec 100644 --- a/security/aws-lc/Makefile +++ b/security/aws-lc/Makefile @@ -1,11 +1,8 @@ PORTNAME= aws-lc -PORTVERSION= 1.57.1 +PORTVERSION= 1.59.0 DISTVERSIONPREFIX= v CATEGORIES= security -PATCH_SITES= https://github.com/aws/aws-lc/commit/ -PATCHFILES= 125f94c2c26559ed93a22f1cc5880efe46f0b937.patch:-p1 - MAINTAINER= sunpoet@FreeBSD.org COMMENT= AWS libcrypto WWW= https://github.com/aws/aws-lc diff --git a/security/aws-lc/distinfo b/security/aws-lc/distinfo index 2327bcddd04b..ee331f192075 100644 --- a/security/aws-lc/distinfo +++ b/security/aws-lc/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1755062466 -SHA256 (aws-aws-lc-v1.57.1_GH0.tar.gz) = 1c434d294594a82f1c046aa4e172277b5b549f7b5c89225e3cb2222b94744ca8 -SIZE (aws-aws-lc-v1.57.1_GH0.tar.gz) = 127164147 +TIMESTAMP = 1757120534 +SHA256 (aws-aws-lc-v1.59.0_GH0.tar.gz) = fcc179ab0f7801b8416bf27cb16cfb8ee7dff78df364afdf432ba5eb50f42b22 +SIZE (aws-aws-lc-v1.59.0_GH0.tar.gz) = 127302583 SHA256 (125f94c2c26559ed93a22f1cc5880efe46f0b937.patch) = a07ef67b487b47168384d70b7f7bd2b6a8479e037e09087c34f9f083c88411f2 SIZE (125f94c2c26559ed93a22f1cc5880efe46f0b937.patch) = 2046 diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile index 581eaf31b155..5a7cfdd6e5eb 100644 --- a/security/ca_root_nss/Makefile +++ b/security/ca_root_nss/Makefile @@ -1,5 +1,6 @@ PORTNAME= ca_root_nss PORTVERSION= ${VERSION_NSS} +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src DISTNAME= nss-${VERSION_NSS}${NSS_SUFFIX} @@ -18,6 +19,7 @@ WRKSRC_SUBDIR= nss OPTIONS_DEFINE= ETCSYMLINK OPTIONS_DEFAULT= ETCSYMLINK +OPTIONS_EXCLUDE_FreeBSD_15= ETCSYMLINK OPTIONS_SUB= yes diff --git a/security/cosign/Makefile b/security/cosign/Makefile index af140597692c..9766fa711a8b 100644 --- a/security/cosign/Makefile +++ b/security/cosign/Makefile @@ -1,7 +1,6 @@ PORTNAME= cosign DISTVERSIONPREFIX= v -DISTVERSION= 2.5.3 -PORTREVISION= 2 +DISTVERSION= 2.6.0 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -24,7 +23,7 @@ GO_BUILDFLAGS= -ldflags="-buildid= \ PLIST_FILES= bin/${PORTNAME} -GIT_HASH= 488ef8ceed5ab5d77379e9077a124a0d0df41d06 +GIT_HASH= 37fbfc7018fb4d60a9a2c9175bd64c75dda5869a .include <bsd.port.pre.mk> diff --git a/security/cosign/distinfo b/security/cosign/distinfo index 162267863be7..04260adacbe1 100644 --- a/security/cosign/distinfo +++ b/security/cosign/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1752874321 -SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 3d3e90c2ad6b9f1dc45c9f83c5408d4296d80ae3728998504d9d3e077dd19afe -SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 16693 -SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = e0158a5721ba7c8e2b775af499c07d89957ae42177a1794c8382e1e91901b531 -SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = 1335557 +TIMESTAMP = 1757797254 +SHA256 (go/security_cosign/cosign-v2.6.0/v2.6.0.mod) = 5bdb0b024ddd7ed55330cccaf993f544d68917acac507d0f3c78e22be77afabb +SIZE (go/security_cosign/cosign-v2.6.0/v2.6.0.mod) = 17701 +SHA256 (go/security_cosign/cosign-v2.6.0/v2.6.0.zip) = 2952d765dacdaebf7c651cfbad99e4736a086a9732e3a42bf8e9ce963bc73ae3 +SIZE (go/security_cosign/cosign-v2.6.0/v2.6.0.zip) = 1366214 diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile index 6def3753de60..00e137ea9782 100644 --- a/security/crowdsec/Makefile +++ b/security/crowdsec/Makefile @@ -1,7 +1,6 @@ PORTNAME= crowdsec DISTVERSIONPREFIX= v -DISTVERSION= 1.6.11 -PORTREVISION= 2 +DISTVERSION= 1.7.0 CATEGORIES= security MAINTAINER= marco@crowdsec.net @@ -15,7 +14,7 @@ LIB_DEPENDS= libabsl_base.so:devel/abseil \ libre2.so:devel/re2 USES= go:modules pkgconfig -_COMMIT= d64ee2ae +_COMMIT= c3036e21 _BUILD_DATE= $$(date -u "+%F_%T") USE_RC_SUBR= crowdsec @@ -86,6 +85,9 @@ do-install: @${MV} ${STAGEDIR}${ETCDIR}/acquis.yaml \ ${STAGEDIR}${ETCDIR}/acquis.yaml.sample + ${INSTALL_DATA} ${FILESDIR}/acquis.yaml.sample \ + ${STAGEDIR}${ETCDIR}/acquis.yaml.sample + @${MV} ${STAGEDIR}${ETCDIR}/config.yaml \ ${STAGEDIR}${ETCDIR}/config.yaml.sample diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo index 47a7babd24af..27a1df0a8f93 100644 --- a/security/crowdsec/distinfo +++ b/security/crowdsec/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1754034506 -SHA256 (go/security_crowdsec/crowdsec-v1.6.11/v1.6.11.mod) = c4dcc18622d60438579ba803257295e8118772dd383825b72ee758800e282bb7 -SIZE (go/security_crowdsec/crowdsec-v1.6.11/v1.6.11.mod) = 10729 -SHA256 (go/security_crowdsec/crowdsec-v1.6.11/v1.6.11.zip) = ca01f1e1321075a0690b5a2378dbd4cc02eee104594fe71ab64c010df5b77591 -SIZE (go/security_crowdsec/crowdsec-v1.6.11/v1.6.11.zip) = 1780687 +TIMESTAMP = 1756721640 +SHA256 (go/security_crowdsec/crowdsec-v1.7.0/v1.7.0.mod) = fe6e9e56759a9f85b7b7946724b1d64421340aabb174b1c56a5140e5e35169bb +SIZE (go/security_crowdsec/crowdsec-v1.7.0/v1.7.0.mod) = 10467 +SHA256 (go/security_crowdsec/crowdsec-v1.7.0/v1.7.0.zip) = 8854689eea80df7d93437f05ec5fca7461a8444ddb3d09aed387be3a75452113 +SIZE (go/security_crowdsec/crowdsec-v1.7.0/v1.7.0.zip) = 1796649 diff --git a/security/crowdsec/files/acquis.yaml.sample b/security/crowdsec/files/acquis.yaml.sample new file mode 100644 index 000000000000..b994f31b0a6b --- /dev/null +++ b/security/crowdsec/files/acquis.yaml.sample @@ -0,0 +1,18 @@ +filenames: + - /var/log/nginx/*.log + - ./tests/nginx/nginx.log +#this is not a syslog log, indicate which kind of logs it is +labels: + type: nginx +--- +filenames: + - /var/log/auth.log + - /var/log/syslog +labels: + type: syslog +--- +filenames: + - /var/log/httpd-access.log + - /var/log/httpd-error.log +labels: + type: apache2 diff --git a/security/crowdsec/files/patch-config_acquis.yaml b/security/crowdsec/files/patch-config_acquis.yaml deleted file mode 100644 index 67b4ef3c693b..000000000000 --- a/security/crowdsec/files/patch-config_acquis.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- config/acquis.yaml.orig 2021-12-15 10:39:37 UTC -+++ config/acquis.yaml -@@ -11,6 +11,8 @@ filenames: - labels: - type: syslog - --- --filename: /var/log/apache2/*.log -+filenames: -+ - /var/log/httpd-access.log -+ - /var/log/httpd-error.log - labels: - type: apache2 diff --git a/security/doas/Makefile b/security/doas/Makefile index 58c1aa4b15fe..d0b419bd2f06 100644 --- a/security/doas/Makefile +++ b/security/doas/Makefile @@ -1,10 +1,11 @@ PORTNAME= doas -PORTVERSION= 6.3p12 +PORTVERSION= 6.3p13 CATEGORIES= security +MASTER_SITES= https://codeberg.org/thejessesmith/doas/archive/${PORTVERSION}${EXTRACT_SUFX}?dummy=/ MAINTAINER= jsmith@resonatingmedia.com COMMENT= Simple sudo alternative to run commands as another user -WWW= https://github.com/slicer69/doas/ +WWW= https://codeberg.org/thejessesmith/doas/ LICENSE= BSD2CLAUSE ISCL LICENSE_COMB= multi @@ -15,16 +16,16 @@ USES= cpe gmake CPE_VENDOR= doas_project CPE_VERSION= ${PORTVERSION:C/p.+//} CPE_UPDATE= ${PORTVERSION:C/[^p]*//} -USE_GITHUB= yes -GH_ACCOUNT= slicer69 MAKE_ENV+= TARGETPATH=-DGLOBAL_PATH='\"${_GLOBAL_PATH}\"' CONFLICTS= opendoas BINMODE= 4755 - SUB_FILES= pkg-message + +WRKSRC= ${WRKDIR}/${PORTNAME} + PLIST_FILES= bin/doas \ bin/doasedit \ bin/vidoas \ @@ -37,10 +38,6 @@ PLIST_FILES= bin/doas \ # These are upstream's default paths that are set for the GLOBAL_PATH variable # in doas.h since the 6.1 release. Those paths are then used for target user's # PATH variable instead of those of the original user. -# -# See also: -# * https://github.com/slicer69/doas/blob/6.1/doas.h#L36 -# * https://github.com/slicer69/doas/releases/tag/6.1 _GLOBAL_PATH?= ${LOCALBASE}/sbin:${LOCALBASE}/bin:/usr/sbin:/usr/bin:/sbin:/bin do-install: diff --git a/security/doas/distinfo b/security/doas/distinfo index 5a0be4612ac3..c611ad3751a8 100644 --- a/security/doas/distinfo +++ b/security/doas/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1715361640 -SHA256 (slicer69-doas-6.3p12_GH0.tar.gz) = e4f37745345c12d4e0c8c03c8237791729cf047dbd7b2455f8de60e2f82ac1b0 -SIZE (slicer69-doas-6.3p12_GH0.tar.gz) = 34396 +TIMESTAMP = 1757209805 +SHA256 (doas-6.3p13.tar.gz) = 2cca9003856e92ec0a50b3e559b7f3132bf8293dc8302613933f8ed06c8c7fc5 +SIZE (doas-6.3p13.tar.gz) = 34883 diff --git a/security/i2pd/Makefile b/security/i2pd/Makefile index b8e3ea48d5d1..b0baf476f5c3 100644 --- a/security/i2pd/Makefile +++ b/security/i2pd/Makefile @@ -1,5 +1,5 @@ PORTNAME= i2pd -DISTVERSION= 2.57.0 +DISTVERSION= 2.58.0 CATEGORIES= security net-p2p MAINTAINER= driesm@FreeBSD.org diff --git a/security/i2pd/distinfo b/security/i2pd/distinfo index 12bf6a23c325..33b74d6b2ade 100644 --- a/security/i2pd/distinfo +++ b/security/i2pd/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749125900 -SHA256 (PurpleI2P-i2pd-2.57.0_GH0.tar.gz) = e2327f816d92a369eaaf9fd1661bc8b350495199e2f2cb4bfd4680107cd1d4b4 -SIZE (PurpleI2P-i2pd-2.57.0_GH0.tar.gz) = 712641 +TIMESTAMP = 1757487050 +SHA256 (PurpleI2P-i2pd-2.58.0_GH0.tar.gz) = 5ff650c6da8fda3522c10ec22889a7fd1c6b5d1af42c24531d84c36f6cc49019 +SIZE (PurpleI2P-i2pd-2.58.0_GH0.tar.gz) = 719564 diff --git a/security/i2pd/pkg-plist b/security/i2pd/pkg-plist index 3142b9953a5b..9de8997b4b92 100644 --- a/security/i2pd/pkg-plist +++ b/security/i2pd/pkg-plist @@ -14,7 +14,6 @@ share/man/man1/i2pd.1.gz %%DATADIR%%/certificates/family/volatile.crt %%DATADIR%%/certificates/reseed/acetone_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/admin_at_stormycloud.org.crt -%%DATADIR%%/certificates/reseed/arnavbhatt288_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/creativecowpat_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/echelon3_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/hankhill19580_at_gmail.com.crt @@ -25,7 +24,6 @@ share/man/man1/i2pd.1.gz %%DATADIR%%/certificates/reseed/r4sas-reseed_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/rambler_at_mail.i2p.crt %%DATADIR%%/certificates/reseed/reseed_at_diva.exchange.crt -%%DATADIR%%/certificates/reseed/unixeno_at_cubicchaos.net.crt @dir %%ETCDIR%%/tunnels.d @dir(%%USER%%,%%GROUP%%,755) /var/db/i2pd @dir(%%USER%%,%%GROUP%%,755) /var/log/i2pd diff --git a/security/keysmith/distinfo b/security/keysmith/distinfo index 35f288229720..2b1d0859e6c8 100644 --- a/security/keysmith/distinfo +++ b/security/keysmith/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646550 -SHA256 (KDE/release-service/25.08.0/keysmith-25.08.0.tar.xz) = 0e5f21ebffb21856e22dfd2fa961f5d14c5c565a88002a32ce1f4117bad60987 -SIZE (KDE/release-service/25.08.0/keysmith-25.08.0.tar.xz) = 237728 +TIMESTAMP = 1757410252 +SHA256 (KDE/release-service/25.08.1/keysmith-25.08.1.tar.xz) = bf4aeda0e45993d3bd76deca5edc85216ddb0dbdcb309ebf5520f33d1cd572d3 +SIZE (KDE/release-service/25.08.1/keysmith-25.08.1.tar.xz) = 237656 diff --git a/security/kf6-kdesu/distinfo b/security/kf6-kdesu/distinfo index 8c98e35c7322..5e2b09c85181 100644 --- a/security/kf6-kdesu/distinfo +++ b/security/kf6-kdesu/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754127975 -SHA256 (KDE/frameworks/6.17/kdesu-6.17.0.tar.xz) = 666899ad546b7bd002e3fc1697032f8920ce7261df2ef519e81d4aae91971123 -SIZE (KDE/frameworks/6.17/kdesu-6.17.0.tar.xz) = 57012 +TIMESTAMP = 1757408198 +SHA256 (KDE/frameworks/6.18/kdesu-6.18.0.tar.xz) = 3203b047113cf08bca3981ede657e45b417a7cd0f2879bb4f9e901ad4e594616 +SIZE (KDE/frameworks/6.18/kdesu-6.18.0.tar.xz) = 57020 diff --git a/security/kgpg/distinfo b/security/kgpg/distinfo index e639670f58dd..853712e77c9d 100644 --- a/security/kgpg/distinfo +++ b/security/kgpg/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646553 -SHA256 (KDE/release-service/25.08.0/kgpg-25.08.0.tar.xz) = c343f27b1d024a9497d6df81439fdfc5a6d13016725a225d7a1d195fdb002427 -SIZE (KDE/release-service/25.08.0/kgpg-25.08.0.tar.xz) = 3049812 +TIMESTAMP = 1757410254 +SHA256 (KDE/release-service/25.08.1/kgpg-25.08.1.tar.xz) = c3afee476c61ecd322502217ce97fa4dcc16dab39f7793c31be2bee8ac2455b5 +SIZE (KDE/release-service/25.08.1/kgpg-25.08.1.tar.xz) = 3049880 diff --git a/security/kleopatra/distinfo b/security/kleopatra/distinfo index 4264a1a02270..9a4e29e665f7 100644 --- a/security/kleopatra/distinfo +++ b/security/kleopatra/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646555 -SHA256 (KDE/release-service/25.08.0/kleopatra-25.08.0.tar.xz) = f3cba816041732ed915e4941f728f04ef9cb3129f31d845bfe8df3f4e0f0b3db -SIZE (KDE/release-service/25.08.0/kleopatra-25.08.0.tar.xz) = 2861400 +TIMESTAMP = 1757410257 +SHA256 (KDE/release-service/25.08.1/kleopatra-25.08.1.tar.xz) = 27081153cd29ff300454ca1bcd4da57541d07a52a9741bcd8fabc2a094b4bdf8 +SIZE (KDE/release-service/25.08.1/kleopatra-25.08.1.tar.xz) = 2861848 diff --git a/security/kpkpass/distinfo b/security/kpkpass/distinfo index ee3a7ed3c2ea..89a44718e1f4 100644 --- a/security/kpkpass/distinfo +++ b/security/kpkpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646557 -SHA256 (KDE/release-service/25.08.0/kpkpass-25.08.0.tar.xz) = 2ee2a25ff90f23026dd687e2b62ac1a908c1c55fdf685a42583d67472a1badbb -SIZE (KDE/release-service/25.08.0/kpkpass-25.08.0.tar.xz) = 31868 +TIMESTAMP = 1757410259 +SHA256 (KDE/release-service/25.08.1/kpkpass-25.08.1.tar.xz) = e75e339814e124203bb6205eb435d2283ff0828b08d13108bfc66ef454cfa7bb +SIZE (KDE/release-service/25.08.1/kpkpass-25.08.1.tar.xz) = 31864 diff --git a/security/kwalletmanager/distinfo b/security/kwalletmanager/distinfo index 84d27d4eab2b..1aa0b0bfc238 100644 --- a/security/kwalletmanager/distinfo +++ b/security/kwalletmanager/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646560 -SHA256 (KDE/release-service/25.08.0/kwalletmanager-25.08.0.tar.xz) = 0110bbc55733392f49d2de333082d29c1929a1073af27799f6c277289c8359a3 -SIZE (KDE/release-service/25.08.0/kwalletmanager-25.08.0.tar.xz) = 1052868 +TIMESTAMP = 1757410261 +SHA256 (KDE/release-service/25.08.1/kwalletmanager-25.08.1.tar.xz) = cd52e2746aabc52aa9e7918c6a2788b4f2777b1a19479b0af9364d4f714a8704 +SIZE (KDE/release-service/25.08.1/kwalletmanager-25.08.1.tar.xz) = 1052792 diff --git a/security/libkleo/distinfo b/security/libkleo/distinfo index e75aa8c676d4..d048235b3504 100644 --- a/security/libkleo/distinfo +++ b/security/libkleo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754646562 -SHA256 (KDE/release-service/25.08.0/libkleo-25.08.0.tar.xz) = 20c9553c7652f8bc59949cf4b92711c7b0e5a486fc4b10d851346439056d2bd4 -SIZE (KDE/release-service/25.08.0/libkleo-25.08.0.tar.xz) = 663320 +TIMESTAMP = 1757410264 +SHA256 (KDE/release-service/25.08.1/libkleo-25.08.1.tar.xz) = 6a9a2bef659a4294c6114ac2300fc62dc5e2d1b48eb29ef2ead9be59997d8baf +SIZE (KDE/release-service/25.08.1/libkleo-25.08.1.tar.xz) = 667908 diff --git a/security/libkleo/pkg-plist b/security/libkleo/pkg-plist index 25a2223e34e3..3d504d3d50ec 100644 --- a/security/libkleo/pkg-plist +++ b/security/libkleo/pkg-plist @@ -168,7 +168,7 @@ lib/libKPim6Libkleo.so.6 lib/libKPim6Libkleo.so.%%KDE_APPLICATIONS_SHLIB_VER%% share/KPim6Libkleo/find-modules/FindLibAssuan.cmake share/KPim6Libkleo/find-modules/FindLibGpgError.cmake -%%DATADIR%%patra/pics/smartcard.xpm +share/libkleopatra/pics/smartcard.xpm share/locale/ar/LC_MESSAGES/libkleopatra6.mo share/locale/ast/LC_MESSAGES/libkleopatra6.mo share/locale/be/LC_MESSAGES/libkleopatra6.mo diff --git a/security/netbird/Makefile b/security/netbird/Makefile index 9a0ac9619973..d018c374af81 100644 --- a/security/netbird/Makefile +++ b/security/netbird/Makefile @@ -1,6 +1,6 @@ PORTNAME= netbird DISTVERSIONPREFIX= v -DISTVERSION= 0.55.1 +DISTVERSION= 0.56.0 PORTREVISION= 1 CATEGORIES= security net net-vpn diff --git a/security/netbird/distinfo b/security/netbird/distinfo index cfabf2a6c0fe..842834e94dc7 100644 --- a/security/netbird/distinfo +++ b/security/netbird/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1756098278 -SHA256 (go/security_netbird/netbird-v0.55.1/v0.55.1.mod) = c2299db0600b77c686e27da4a20c0e4f391de2491c94fd331d3da7c366e30655 -SIZE (go/security_netbird/netbird-v0.55.1/v0.55.1.mod) = 12507 -SHA256 (go/security_netbird/netbird-v0.55.1/v0.55.1.zip) = 5c1564631d955f97bbb0d62e2f0adfefde9528aa6022b88ce249f602599f6306 -SIZE (go/security_netbird/netbird-v0.55.1/v0.55.1.zip) = 3102125 +TIMESTAMP = 1756099179 +SHA256 (go/security_netbird/netbird-v0.56.0/v0.56.0.mod) = e817264ac86111dbad8241ebaa0896fceeeb3c5aa2f8a1d36e84100e05975489 +SIZE (go/security_netbird/netbird-v0.56.0/v0.56.0.mod) = 12619 +SHA256 (go/security_netbird/netbird-v0.56.0/v0.56.0.zip) = 750c6be8736b9b960509f57d245711b0d7a4b97f15c0f2a1a3ac07aadf20ba63 +SIZE (go/security_netbird/netbird-v0.56.0/v0.56.0.zip) = 3126909 diff --git a/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_decode.go b/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_decode.go new file mode 100644 index 000000000000..3d89c7d66a97 --- /dev/null +++ b/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_decode.go @@ -0,0 +1,11 @@ +--- vendor/golang.zx2c4.com/wireguard/wgctrl/internal/wgfreebsd/internal/nv/decode.go.orig 2025-09-06 11:14:13 UTC ++++ vendor/golang.zx2c4.com/wireguard/wgctrl/internal/wgfreebsd/internal/nv/decode.go +@@ -13,7 +13,7 @@ func Unmarshal(d []byte, out List) error { + + // Unmarshal decodes a FreeBSD name-value list (nv(9)) to a Go map + func Unmarshal(d []byte, out List) error { +- sz := C.ulong(len(d)) ++ sz := C.size_t(len(d)) + dp := unsafe.Pointer(&d[0]) + nvl := C.nvlist_unpack(dp, sz, 0) + diff --git a/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_encode.go b/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_encode.go new file mode 100644 index 000000000000..54a18ac871bf --- /dev/null +++ b/security/netbird/files/patch-vendor_golang.zx2c4.com_wireguard_wgctrl_internal_wgfreebsd_internal_nv_encode.go @@ -0,0 +1,33 @@ +--- vendor/golang.zx2c4.com/wireguard/wgctrl/internal/wgfreebsd/internal/nv/encode.go.orig 2025-09-06 11:15:21 UTC ++++ vendor/golang.zx2c4.com/wireguard/wgctrl/internal/wgfreebsd/internal/nv/encode.go +@@ -44,7 +44,7 @@ func marshal(m List) (nvl *C.struct_nvlist, err error) + C.nvlist_add_bool(nvl, ckey, C.bool(value)) + + case uint64: +- C.nvlist_add_number(nvl, ckey, C.ulong(value)) ++ C.nvlist_add_number(nvl, ckey, C.uint64_t(value)) + + case []byte: + sz := len(value) +@@ -54,8 +54,8 @@ func marshal(m List) (nvl *C.struct_nvlist, err error) + + case []List: + sz := len(value) +- buf := C.malloc(C.size_t(C.sizeof_nvlist_ptr * sz)) +- items := (*[1<<30 - 1]*C.struct_nvlist)(buf) ++ buf := (**C.struct_nvlist)(C.malloc(C.size_t(C.sizeof_nvlist_ptr * sz))) ++ items := unsafe.Slice(buf, sz) + + for i, val := range value { + if items[i], err = marshal(val); err != nil { +@@ -64,8 +64,8 @@ func marshal(m List) (nvl *C.struct_nvlist, err error) + } + } + +- C.nvlist_add_nvlist_array(nvl, ckey, (**C.struct_nvlist)(buf), C.size_t(sz)) +- C.free(buf) ++ C.nvlist_add_nvlist_array(nvl, ckey, buf, C.size_t(sz)) ++ C.free(unsafe.Pointer(buf)) + } + + C.free(unsafe.Pointer(ckey)) diff --git a/security/node-sqlcipher/Makefile b/security/node-sqlcipher/Makefile index 203bde07839f..1154e081f29d 100644 --- a/security/node-sqlcipher/Makefile +++ b/security/node-sqlcipher/Makefile @@ -1,5 +1,5 @@ PORTNAME= node-sqlcipher -DISTVERSION= 2.2.2 +DISTVERSION= 2.4.4 CATEGORIES= security MASTER_SITES= https://github.com/signalapp/node-sqlcipher/archive/refs/tags/v${DISTVERSION}/:sqlcipher \ https://registry.npmjs.org/@esbuild/freebsd-arm64/-/:esbuildarm64 \ diff --git a/security/node-sqlcipher/distinfo b/security/node-sqlcipher/distinfo index 542021a3cf7f..f303ead4222c 100644 --- a/security/node-sqlcipher/distinfo +++ b/security/node-sqlcipher/distinfo @@ -1,9 +1,9 @@ -TIMESTAMP = 1755508730 +TIMESTAMP = 1757237368 SHA256 (freebsd-arm64-0.25.9.tgz) = ffa1616767d7660bc93d439c19d91a9b1e5751065c946d09382e330ea688f3f2 SIZE (freebsd-arm64-0.25.9.tgz) = 4016542 SHA256 (freebsd-x64-0.25.9.tgz) = 86d04ec7f0dc3fe07b91e625c283f07b82ef2da04809f9ba4193492743c7fcbc SIZE (freebsd-x64-0.25.9.tgz) = 4370517 -SHA256 (node-sqlcipher-2.2.2.tar.gz) = 924916f16f61a0448c8fa062963055d73ba7af104781e8848766a97c88b1662b -SIZE (node-sqlcipher-2.2.2.tar.gz) = 2714491 -SHA256 (node-sqlcipher-2.2.2-npm-cache.tar.gz) = 45b4c5bf67cd9f6eac4f02f1bbed0bbae57ca0d97733e0d4cbecf0ebb327cac8 -SIZE (node-sqlcipher-2.2.2-npm-cache.tar.gz) = 67597779 +SHA256 (node-sqlcipher-2.4.4.tar.gz) = b28b7a05d139edbf0a5aaf35caeb296ad3d90b107e0d3242451c6bf78e12f85f +SIZE (node-sqlcipher-2.4.4.tar.gz) = 2732706 +SHA256 (node-sqlcipher-2.4.4-npm-cache.tar.gz) = ead2a8db40b7bc84c4e4edf45f88f1e50be0302ed42efd3b870b005dd4e6bb0f +SIZE (node-sqlcipher-2.4.4-npm-cache.tar.gz) = 67535275 diff --git a/security/nss/Makefile b/security/nss/Makefile index c9a20263a864..525635c1e763 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -1,5 +1,5 @@ PORTNAME= nss -PORTVERSION= 3.115.1 +PORTVERSION= 3.116 CATEGORIES= security MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src diff --git a/security/nss/distinfo b/security/nss/distinfo index 37d2ef7208b7..c913edb41197 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1755861627 -SHA256 (nss-3.115.1.tar.gz) = b8189c030b528e57dc5290023c07eea429ce242912a51a0388c184c75a257bcf -SIZE (nss-3.115.1.tar.gz) = 76656855 +TIMESTAMP = 1757695731 +SHA256 (nss-3.116.tar.gz) = 3938611de4ad1e3b71f27f3cd5ea717a5b5f83bffc9cd427e6d929dc67f2bb73 +SIZE (nss-3.116.tar.gz) = 76661970 diff --git a/security/nss/pkg-plist b/security/nss/pkg-plist index 54ad14fae62f..c815d71f45ca 100644 --- a/security/nss/pkg-plist +++ b/security/nss/pkg-plist @@ -50,6 +50,7 @@ include/nss/keythi.h include/nss/kyber.h include/nss/lowkeyi.h include/nss/lowkeyti.h +include/nss/ml_dsat.h include/nss/nss.h include/nss/nssb64.h include/nss/nssb64t.h diff --git a/security/nuclei/Makefile b/security/nuclei/Makefile index 14307cedd2a0..884ebf15b0e1 100644 --- a/security/nuclei/Makefile +++ b/security/nuclei/Makefile @@ -1,6 +1,6 @@ PORTNAME= nuclei DISTVERSIONPREFIX= v -DISTVERSION= 3.4.7 +DISTVERSION= 3.4.10 CATEGORIES= security MAINTAINER= dutra@FreeBSD.org @@ -9,7 +9,7 @@ WWW= https://github.com/projectdiscovery/nuclei LICENSE= MIT -USES= go:1.22,modules +USES= go:1.24,modules GO_MODULE= github.com/projectdiscovery/nuclei/v3 GO_TARGET= ./cmd/${PORTNAME} diff --git a/security/nuclei/distinfo b/security/nuclei/distinfo index e84c8fc80136..d08b4c74bfad 100644 --- a/security/nuclei/distinfo +++ b/security/nuclei/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1753317860 -SHA256 (go/security_nuclei/nuclei-v3.4.7/v3.4.7.mod) = bc1fb722b23218fe4ec211f30a80341a92e69f62fe0a5625afbb0a86599726fc -SIZE (go/security_nuclei/nuclei-v3.4.7/v3.4.7.mod) = 18779 -SHA256 (go/security_nuclei/nuclei-v3.4.7/v3.4.7.zip) = 0356b818c4d68bff08f690128ed089b37a83b43dfdea9a045c8f13500d52300e -SIZE (go/security_nuclei/nuclei-v3.4.7/v3.4.7.zip) = 12380996 +TIMESTAMP = 1757787405 +SHA256 (go/security_nuclei/nuclei-v3.4.10/v3.4.10.mod) = 0d3b692dbe6922d8bc13cbc334140df320f21650d7b5d073bcb2e4ae294ef913 +SIZE (go/security_nuclei/nuclei-v3.4.10/v3.4.10.mod) = 18905 +SHA256 (go/security_nuclei/nuclei-v3.4.10/v3.4.10.zip) = c42c0eb9f5727fca98aa5ee45fdeebd39c26292dcd500d3f5bf7cfb9ae552abd +SIZE (go/security_nuclei/nuclei-v3.4.10/v3.4.10.zip) = 12401381 diff --git a/security/openvpn/Makefile b/security/openvpn/Makefile index 44f30253b5b2..690ac26738d8 100644 --- a/security/openvpn/Makefile +++ b/security/openvpn/Makefile @@ -1,6 +1,6 @@ PORTNAME= openvpn DISTVERSION= 2.6.14 -PORTREVISION?= 2 +PORTREVISION?= 3 CATEGORIES= security net net-vpn MASTER_SITES= https://swupdate.openvpn.org/community/releases/ \ https://build.openvpn.net/downloads/releases/ \ diff --git a/security/openvpn/files/patch-src_openvpn_dco__freebsd.c b/security/openvpn/files/patch-src_openvpn_dco__freebsd.c index 22c24baa9ec3..686fc6584be7 100644 --- a/security/openvpn/files/patch-src_openvpn_dco__freebsd.c +++ b/security/openvpn/files/patch-src_openvpn_dco__freebsd.c @@ -1,6 +1,6 @@ --- src/openvpn/dco_freebsd.c.orig 2025-04-02 06:53:10 UTC +++ src/openvpn/dco_freebsd.c -@@ -72,6 +72,67 @@ sockaddr_to_nvlist(const struct sockaddr *sa) +@@ -72,6 +72,61 @@ sockaddr_to_nvlist(const struct sockaddr *sa) return (nvl); } @@ -32,10 +32,7 @@ + + in->sin_len = sizeof(*in); + data = nvlist_get_binary(nvl, "address", &len); -+ if (len != sizeof(in->sin_addr)) -+ { -+ return (false); -+ } ++ ASSERT(len == sizeof(in->sin_addr)); + memcpy(&in->sin_addr, data, sizeof(in->sin_addr)); + in->sin_port = nvlist_get_number(nvl, "port"); + break; @@ -49,10 +46,7 @@ + + in6->sin6_len = sizeof(*in6); + data = nvlist_get_binary(nvl, "address", &len); -+ if (len != sizeof(in6->sin6_addr)) -+ { -+ return (false); -+ } ++ ASSERT(len == sizeof(in6->sin6_addr)); + memcpy(&in6->sin6_addr, data, sizeof(in6->sin6_addr)); + in6->sin6_port = nvlist_get_number(nvl, "port"); + break; @@ -68,7 +62,7 @@ int dco_new_peer(dco_context_t *dco, unsigned int peerid, int sd, struct sockaddr *localaddr, struct sockaddr *remoteaddr, -@@ -570,6 +631,25 @@ dco_do_read(dco_context_t *dco) +@@ -570,6 +625,25 @@ dco_do_read(dco_context_t *dco) case OVPN_NOTIF_ROTATE_KEY: dco->dco_message_type = OVPN_CMD_SWAP_KEYS; break; diff --git a/security/openvpn/files/patch-src_openvpn_init.c b/security/openvpn/files/patch-src_openvpn_init.c new file mode 100644 index 000000000000..0d09e6050236 --- /dev/null +++ b/security/openvpn/files/patch-src_openvpn_init.c @@ -0,0 +1,22 @@ +--- src/openvpn/init.c.orig 2025-04-02 06:53:10 UTC ++++ src/openvpn/init.c +@@ -330,7 +330,7 @@ management_callback_remote_entry_count(void *arg) + static unsigned int + management_callback_remote_entry_count(void *arg) + { +- assert(arg); ++ ASSERT(arg); + struct context *c = (struct context *) arg; + struct connection_list *l = c->options.connection_list; + +@@ -340,8 +340,8 @@ management_callback_remote_entry_get(void *arg, unsign + static bool + management_callback_remote_entry_get(void *arg, unsigned int index, char **remote) + { +- assert(arg); +- assert(remote); ++ ASSERT(arg); ++ ASSERT(remote); + + struct context *c = (struct context *) arg; + struct connection_list *l = c->options.connection_list; diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile index e1b4fc3acda3..c3f0fa16bbd3 100644 --- a/security/osv-scanner/Makefile +++ b/security/osv-scanner/Makefile @@ -1,7 +1,6 @@ PORTNAME= osv-scanner DISTVERSIONPREFIX= v -DISTVERSION= 2.2.1 -PORTREVISION= 1 +DISTVERSION= 2.2.2 CATEGORIES= security MAINTAINER= dutra@FreeBSD.org diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo index 265d20a79f1b..1a2041a4e6ed 100644 --- a/security/osv-scanner/distinfo +++ b/security/osv-scanner/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1754949434 -SHA256 (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.mod) = 0dce5dbfafb99b5582b02777a4a2b0b806fde168be423da7ed1ac6f0d9529abd -SIZE (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.mod) = 9801 -SHA256 (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.zip) = d249264cb9bfef83ef63567466dd7321032e7e7c44532be933fc12b920151637 -SIZE (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.zip) = 5234820 +TIMESTAMP = 1757786339 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = d54389929750cc4839c89a8f2083a8d735c105d2aac0a3d90cdfb9a5e8fc998f +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = 9801 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 5dbba62ae3d7fec8f1d61d3cb011b54f8b994ac6b7aa9a33a3f9bee0abf0a70a +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 12527375 diff --git a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go index 04a027230126..024b5e0dda44 100644 --- a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go +++ b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go @@ -1,11 +1,11 @@ ---- internal/sourceanalysis/go.go.orig 1979-11-30 03:00:00 UTC +--- internal/sourceanalysis/go.go.orig 2025-09-13 17:59:56 UTC +++ internal/sourceanalysis/go.go -@@ -19,7 +19,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod - ) +@@ -21,7 +21,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod func goAnalysis(pkgs []models.PackageVulns, source models.SourceInfo) { -- cmd := exec.Command("go", "version") -+ cmd := exec.Command("go%%GO_SUFFIX%%", "version") + // TODO: This will be moved to enrichers which does have context. +- cmd := exec.CommandContext(context.TODO(), "go", "version") ++ cmd := exec.CommandContext(context.TODO(), "go%%GO_SUFFIX%%", "version") _, err := cmd.Output() if err != nil { - slog.Info("Skipping call analysis on Go code since Go is not installed.") + cmdlogger.Infof("Skipping call analysis on Go code since Go is not installed.") diff --git a/security/p11-kit/Makefile b/security/p11-kit/Makefile index c2bba5c883c4..845f8ab77d6b 100644 --- a/security/p11-kit/Makefile +++ b/security/p11-kit/Makefile @@ -1,5 +1,5 @@ PORTNAME= p11-kit -DISTVERSION= 0.25.5 +DISTVERSION= 0.25.8 CATEGORIES= security devel MASTER_SITES= https://github.com/p11-glue/${PORTNAME}/releases/download/${DISTVERSION}/ @@ -21,6 +21,7 @@ CPE_VENDOR= p11-kit_project MESON_ARGS= -Dnls=false \ -Dsystemd=disabled \ + -Dzsh_completion=disabled \ -Dtrust_paths=${DATADIR}/certs OPTIONS_DEFINE= DOCS MANPAGES TEST diff --git a/security/p11-kit/distinfo b/security/p11-kit/distinfo index 5dc3e4629f51..8792b97e4abc 100644 --- a/security/p11-kit/distinfo +++ b/security/p11-kit/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1720110883 -SHA256 (p11-kit-0.25.5.tar.xz) = 04d0a86450cdb1be018f26af6699857171a188ac6d5b8c90786a60854e1198e5 -SIZE (p11-kit-0.25.5.tar.xz) = 1002056 +TIMESTAMP = 1757740866 +SHA256 (p11-kit-0.25.8.tar.xz) = 2fd4073ee2a47edafaae2c8affa2bcca64e0697f8881f68f580801ef43cab0ce +SIZE (p11-kit-0.25.8.tar.xz) = 1060504 diff --git a/security/p11-kit/pkg-plist b/security/p11-kit/pkg-plist index a865245891c4..b46c8f26f9a5 100644 --- a/security/p11-kit/pkg-plist +++ b/security/p11-kit/pkg-plist @@ -11,7 +11,7 @@ include/p11-kit-1/p11-kit/uri.h include/p11-kit-1/p11-kit/version.h lib/libp11-kit.so lib/libp11-kit.so.0 -lib/libp11-kit.so.0.4.1 +lib/libp11-kit.so.0.4.3 lib/p11-kit-proxy.so lib/pkcs11/p11-kit-client.so lib/pkcs11/p11-kit-trust.so @@ -47,6 +47,7 @@ share/bash-completion/completions/trust %%DOCS%%share/gtk-doc/html/p11-kit/p11-kit.devhelp2 %%DOCS%%share/gtk-doc/html/p11-kit/p11-kit.html %%DOCS%%share/gtk-doc/html/p11-kit/pkcs11-conf.html +%%DOCS%%share/gtk-doc/html/p11-kit/proxy.html %%DOCS%%share/gtk-doc/html/p11-kit/reference.html %%DOCS%%share/gtk-doc/html/p11-kit/remoting.html %%DOCS%%share/gtk-doc/html/p11-kit/right-insensitive.png diff --git a/security/p5-GSSAPI/Makefile b/security/p5-GSSAPI/Makefile index ff17e4d13599..25102d1fa128 100644 --- a/security/p5-GSSAPI/Makefile +++ b/security/p5-GSSAPI/Makefile @@ -22,11 +22,9 @@ OPTIONS_DEFAULT=GSSAPI_BASE GSSAPI_BASE_USES= gssapi GSSAPI_HEIMDAL_USES= gssapi:heimdal GSSAPI_MIT_USES= gssapi:mit -GSSAPI_MIT_VARS= KRB5CONF=${KRB5_HOME}/bin/krb5-config -GSSAPI_MIT_VARS_OFF= KRB5CONF=${HEIMDAL_HOME}/bin/krb5-config post-patch: - @${REINPLACE_CMD} -e 's|%%KRB5CONF%%|${KRB5CONF}|g' ${WRKSRC}/Makefile.PL + @${REINPLACE_CMD} -e 's|%%KRB5CONF%%|${KRB5CONFIG}|g' ${WRKSRC}/Makefile.PL post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}/auto/GSSAPI/GSSAPI.so diff --git a/security/pecl-gnupg/Makefile b/security/pecl-gnupg/Makefile index dd2eb5172e17..acff4677d2fe 100644 --- a/security/pecl-gnupg/Makefile +++ b/security/pecl-gnupg/Makefile @@ -1,6 +1,5 @@ PORTNAME= gnupg -PORTVERSION= 1.5.3 -PORTREVISION= 1 +PORTVERSION= 1.5.4 CATEGORIES= security MAINTAINER= sunpoet@FreeBSD.org diff --git a/security/pecl-gnupg/distinfo b/security/pecl-gnupg/distinfo index 52ded8388151..96fec406399e 100644 --- a/security/pecl-gnupg/distinfo +++ b/security/pecl-gnupg/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749813026 -SHA256 (PECL/gnupg-1.5.3.tgz) = c1555e0c86a7f6d95141530761c1ecf3fe8dbf76e14727e6f885cd7e034bdfd2 -SIZE (PECL/gnupg-1.5.3.tgz) = 47696 +TIMESTAMP = 1757120606 +SHA256 (PECL/gnupg-1.5.4.tgz) = 4d4a0980759bf259e4129ef02cb592bbeb103b4005e7b4bb6945d79488951a50 +SIZE (PECL/gnupg-1.5.4.tgz) = 47874 diff --git a/security/pecl-gnupg/files/patch-gnupg.c b/security/pecl-gnupg/files/patch-gnupg.c deleted file mode 100644 index fda8f01312fd..000000000000 --- a/security/pecl-gnupg/files/patch-gnupg.c +++ /dev/null @@ -1,41 +0,0 @@ -The trustlist feature has been deprecated in Gpgme since 2003 and was removed -in version 2.0.0. - ---- gnupg.c.orig 2025-06-02 18:54:02 UTC -+++ gnupg.c -@@ -341,7 +341,9 @@ phpc_function_entry gnupg_methods[] = { - PHP_GNUPG_FALIAS(addencryptkey, arginfo_gnupg_key_method) - PHP_GNUPG_FALIAS(adddecryptkey, arginfo_gnupg_key_passphrase_method) - PHP_GNUPG_FALIAS(deletekey, arginfo_gnupg_deletekey_method) -+#if GPGME_VERSION_NUMBER < 0x020000 /* GPGME < 2.0.0 */ - PHP_GNUPG_FALIAS(gettrustlist, arginfo_gnupg_pattern_method) -+#endif - PHP_GNUPG_FALIAS(listsignatures, arginfo_gnupg_keyid_method) - PHP_GNUPG_FALIAS(seterrormode, arginfo_gnupg_errmode_method) - PHPC_FE_END -@@ -483,7 +485,9 @@ static zend_function_entry gnupg_functions[] = { - PHP_FE(gnupg_addencryptkey, arginfo_gnupg_key_function) - PHP_FE(gnupg_adddecryptkey, arginfo_gnupg_key_passphrase_function) - PHP_FE(gnupg_deletekey, arginfo_gnupg_deletekey_function) -+#if GPGME_VERSION_NUMBER < 0x020000 /* GPGME < 2.0.0 */ - PHP_FE(gnupg_gettrustlist, arginfo_gnupg_pattern_function) -+#endif - PHP_FE(gnupg_listsignatures, arginfo_gnupg_keyid_function) - PHP_FE(gnupg_seterrormode, arginfo_gnupg_errmode_function) - PHPC_FE_END -@@ -1936,6 +1940,7 @@ PHP_FUNCTION(gnupg_deletekey) - } - /* }}} */ - -+#if GPGME_VERSION_NUMBER < 0x020000 /* GPGME < 2.0.0 */ - /* {{{ proto array gnupg_gettrustlist(string pattern) - * searching for trust items which match PATTERN - */ -@@ -1980,6 +1985,7 @@ PHP_FUNCTION(gnupg_gettrustlist) - } - } - /* }}} */ -+#endif - - /* {{{ proto array gnupg_listsignatures(string keyid) */ - PHP_FUNCTION(gnupg_listsignatures) diff --git a/security/pecl-gnupg/files/patch-php85 b/security/pecl-gnupg/files/patch-php85 deleted file mode 100644 index de4a30311382..000000000000 --- a/security/pecl-gnupg/files/patch-php85 +++ /dev/null @@ -1,31 +0,0 @@ ---- gnupg_keylistiterator.c.orig 2025-06-02 18:54:02 UTC -+++ gnupg_keylistiterator.c -@@ -201,7 +201,7 @@ PHP_METHOD(gnupg_keylistiterator, rewind) - - if ((PHPC_THIS->err = gpgme_op_keylist_start( - PHPC_THIS->ctx, PHPC_THIS->pattern ? PHPC_THIS->pattern : "", 0)) != GPG_ERR_NO_ERROR){ -- zend_throw_exception(zend_exception_get_default(TSRMLS_C), (char *)gpg_strerror(PHPC_THIS->err), 1 TSRMLS_CC); -+ zend_throw_exception(zend_ce_exception, (char *)gpg_strerror(PHPC_THIS->err), 1 TSRMLS_CC); - } - if ((PHPC_THIS->err = gpgme_op_keylist_next(PHPC_THIS->ctx, &PHPC_THIS->gpgkey)) != GPG_ERR_NO_ERROR){ - RETURN_FALSE; ---- gnupg.c.orig 2025-06-02 18:54:02 UTC -+++ gnupg.c -@@ -64,7 +64,7 @@ PHPC_OBJ_DEFINE_HANDLER_VAR(gnupg); - break; \ - case 2: \ - zend_throw_exception(\ -- zend_exception_get_default(TSRMLS_C), \ -+ zend_ce_exception, \ - (char*) error, \ - 0 TSRMLS_CC \ - ); \ -@@ -169,7 +169,7 @@ static void php_gnupg_this_make(PHPC_THIS_DECLARE(gnup - if (gpgme_ctx_set_engine_info( - ctx, GPGME_PROTOCOL_OpenPGP, file_name, home_dir) != GPG_ERR_NO_ERROR) { - zend_throw_exception( -- zend_exception_get_default(TSRMLS_C), -+ zend_ce_exception, - (char*) "Setting engine info failed", - 0 TSRMLS_CC - ); diff --git a/security/plasma6-kscreenlocker/distinfo b/security/plasma6-kscreenlocker/distinfo index 0343749b22a8..7d1cd97476ae 100644 --- a/security/plasma6-kscreenlocker/distinfo +++ b/security/plasma6-kscreenlocker/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754413473 -SHA256 (KDE/plasma/6.4.4/kscreenlocker-6.4.4.tar.xz) = 5cc1dd23be325f1ddcf005556f0ac14077789524aa0b3e1e83b97ff77d4932a8 -SIZE (KDE/plasma/6.4.4/kscreenlocker-6.4.4.tar.xz) = 187256 +TIMESTAMP = 1757499239 +SHA256 (KDE/plasma/6.4.5/kscreenlocker-6.4.5.tar.xz) = fac4f9d53d63cb9b06e90feb82c28f471971d15defd4a068bb1e7d2886b7090d +SIZE (KDE/plasma/6.4.5/kscreenlocker-6.4.5.tar.xz) = 187560 diff --git a/security/plasma6-ksshaskpass/distinfo b/security/plasma6-ksshaskpass/distinfo index f9b0e72d57f4..fdbbdb4bb8b5 100644 --- a/security/plasma6-ksshaskpass/distinfo +++ b/security/plasma6-ksshaskpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754413474 -SHA256 (KDE/plasma/6.4.4/ksshaskpass-6.4.4.tar.xz) = ab47b94b6024fab148c9a7a8f8c4403a81edea96eabbb0d5f805a120fc5df230 -SIZE (KDE/plasma/6.4.4/ksshaskpass-6.4.4.tar.xz) = 30964 +TIMESTAMP = 1757499239 +SHA256 (KDE/plasma/6.4.5/ksshaskpass-6.4.5.tar.xz) = 5b2da11937079c61919755c3d55ff9bfc5bf97ed1dbf080b43c0c2af50e354da +SIZE (KDE/plasma/6.4.5/ksshaskpass-6.4.5.tar.xz) = 31120 diff --git a/security/plasma6-kwallet-pam/distinfo b/security/plasma6-kwallet-pam/distinfo index d23794cb6bc5..c8a46d495814 100644 --- a/security/plasma6-kwallet-pam/distinfo +++ b/security/plasma6-kwallet-pam/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1754413474 -SHA256 (KDE/plasma/6.4.4/kwallet-pam-6.4.4.tar.xz) = e464f9bc73a4db2b593d1b19e1e8aee385d155513e58b6b11470fa78c52efbc1 -SIZE (KDE/plasma/6.4.4/kwallet-pam-6.4.4.tar.xz) = 22548 +TIMESTAMP = 1757499240 +SHA256 (KDE/plasma/6.4.5/kwallet-pam-6.4.5.tar.xz) = 8ffbf1cc42de9aa32afc99dcc5dc0482f1967145416f05449b1e727b55b1373e +SIZE (KDE/plasma/6.4.5/kwallet-pam-6.4.5.tar.xz) = 22508 diff --git a/security/py-authlib/Makefile b/security/py-authlib/Makefile index b527bb8c9863..56b2bb82b717 100644 --- a/security/py-authlib/Makefile +++ b/security/py-authlib/Makefile @@ -1,5 +1,5 @@ PORTNAME= authlib -PORTVERSION= 1.6.1 +PORTVERSION= 1.6.3 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-authlib/distinfo b/security/py-authlib/distinfo index d864619a8bce..b5637dd84b1e 100644 --- a/security/py-authlib/distinfo +++ b/security/py-authlib/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1753265790 -SHA256 (authlib-1.6.1.tar.gz) = 4dffdbb1460ba6ec8c17981a4c67af7d8af131231b5a36a88a1e8c80c111cdfd -SIZE (authlib-1.6.1.tar.gz) = 159988 +TIMESTAMP = 1757120812 +SHA256 (authlib-1.6.3.tar.gz) = 9f7a982cc395de719e4c2215c5707e7ea690ecf84f1ab126f28c053f4219e610 +SIZE (authlib-1.6.3.tar.gz) = 160836 diff --git a/security/py-cryptojwt/Makefile b/security/py-cryptojwt/Makefile index 515dbf8eb5af..3ee84f750580 100644 --- a/security/py-cryptojwt/Makefile +++ b/security/py-cryptojwt/Makefile @@ -1,5 +1,5 @@ PORTNAME= cryptojwt -PORTVERSION= 1.9.4 +PORTVERSION= 1.10.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -12,8 +12,9 @@ WWW= https://cryptojwt.readthedocs.io/en/latest/ \ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}poetry-core>=1.0.0:devel/py-poetry-core@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}requests>=2.25.1<3:www/py-requests@${PY_FLAVOR} +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}hatchling>=0:devel/py-hatchling@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}uv-dynamic-versioning>=0:devel/py-uv-dynamic-versioning@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}requests>=2.25.1:www/py-requests@${PY_FLAVOR} USES= python shebangfix USE_PYTHON= autoplist concurrent cryptography pep517 diff --git a/security/py-cryptojwt/distinfo b/security/py-cryptojwt/distinfo index 97e73204deed..ca087d3591c4 100644 --- a/security/py-cryptojwt/distinfo +++ b/security/py-cryptojwt/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1744215559 -SHA256 (cryptojwt-1.9.4.tar.gz) = 6daa5c9a8841e34947410008c3cbfdb4330d4024961e4e623012b545f991de0c -SIZE (cryptojwt-1.9.4.tar.gz) = 64480 +TIMESTAMP = 1757120814 +SHA256 (cryptojwt-1.10.0.tar.gz) = 12bed4604adedc2f60cc529627b1283cd15abfd6c291efdc0b5225867c39415b +SIZE (cryptojwt-1.10.0.tar.gz) = 151945 diff --git a/security/py-greenbone-feed-sync/Makefile b/security/py-greenbone-feed-sync/Makefile index 353b084cfaa8..d9ab494643e3 100644 --- a/security/py-greenbone-feed-sync/Makefile +++ b/security/py-greenbone-feed-sync/Makefile @@ -1,6 +1,7 @@ PORTNAME= greenbone-feed-sync DISTVERSION= 25.1.0 DISTVERSIONPREFIX= v +PORTREVISION= 1 CATEGORIES= security python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -13,8 +14,8 @@ LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}poetry-core>0:devel/py-poetry-core@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}rich>=13.2.0:textproc/py-rich@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}tomli>=2.0.1:textproc/py-tomli@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}shtab>=1.6.5:devel/py-shtab@${PY_FLAVOR} \ + ${PY_TOMLI} \ rsync:net/rsync USE_GITHUB= yes diff --git a/security/py-joserfc/Makefile b/security/py-joserfc/Makefile index 09603c34e6a5..c909e5773db7 100644 --- a/security/py-joserfc/Makefile +++ b/security/py-joserfc/Makefile @@ -1,5 +1,5 @@ PORTNAME= joserfc -PORTVERSION= 1.2.2 +PORTVERSION= 1.3.1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-joserfc/distinfo b/security/py-joserfc/distinfo index 62b3a48b759b..d994f1b7109c 100644 --- a/security/py-joserfc/distinfo +++ b/security/py-joserfc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1752566724 -SHA256 (joserfc-1.2.2.tar.gz) = 0d2a84feecef96168635fd9bf288363fc75b4afef3d99691f77833c8e025d200 -SIZE (joserfc-1.2.2.tar.gz) = 192865 +TIMESTAMP = 1757120816 +SHA256 (joserfc-1.3.1.tar.gz) = f682710bffbf2052d7a90e5d808dbaf06832ccac24f697b262837ea052eeb2c9 +SIZE (joserfc-1.3.1.tar.gz) = 195967 diff --git a/security/py-nitrokey/Makefile b/security/py-nitrokey/Makefile index 4fbcdf8adcd3..6e2c63495263 100644 --- a/security/py-nitrokey/Makefile +++ b/security/py-nitrokey/Makefile @@ -1,5 +1,6 @@ PORTNAME= nitrokey DISTVERSION= 0.3.2 +PORTREVISION= 1 CATEGORIES= security devel python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -15,13 +16,15 @@ BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fido2>=1.1.2,<3:security/py-fido2@${PY_FLA ${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}semver>=0:devel/py-semver@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}tlv8>=0:converters/py-tlv8@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}poetry>=0:devel/py-poetry@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}poetry>=0:devel/py-poetry@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}hidapi>=0.14,<0.15:comms/py-hidapi@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fido2>=1.1.2,<3:security/py-fido2@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyusb>=0:devel/py-pyusb@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyserial>=0:comms/py-pyserial@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}semver>=0:devel/py-semver@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}tlv8>=0:converters/py-tlv8@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}tlv8>=0:converters/py-tlv8@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}hidapi>=0.14,<0.15:comms/py-hidapi@${PY_FLAVOR} USES= python shebangfix USE_PYTHON= autoplist concurrent cryptography pep517 diff --git a/security/py-notus-scanner/Makefile b/security/py-notus-scanner/Makefile index 713e822f766c..32397f0f8582 100644 --- a/security/py-notus-scanner/Makefile +++ b/security/py-notus-scanner/Makefile @@ -1,6 +1,7 @@ PORTNAME= notus-scanner DISTVERSION= 22.7.2 DISTVERSIONPREFIX= v +PORTREVISION= 1 CATEGORIES= security python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -16,7 +17,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}packaging>0:devel/py-packaging@${PY_FLAVOR} ${PYTHON_PKGNAMEPREFIX}paho-mqtt>0:net/py-paho-mqtt@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}psutil>=0:sysutils/py-psutil@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}python-gnupg>0:security/py-python-gnupg@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}tomli>0:textproc/py-tomli@${PY_FLAVOR} \ + ${PY_TOMLI} \ ${PYTHON_PKGNAMEPREFIX}sentry-sdk>0:devel/py-sentry-sdk@${PY_FLAVOR} \ mosquitto:net/mosquitto diff --git a/security/py-pyhanko-certvalidator/Makefile b/security/py-pyhanko-certvalidator/Makefile index 4da59bde9079..b995b3135b2a 100644 --- a/security/py-pyhanko-certvalidator/Makefile +++ b/security/py-pyhanko-certvalidator/Makefile @@ -1,5 +1,5 @@ PORTNAME= pyhanko-certvalidator -PORTVERSION= 0.27.0 +PORTVERSION= 0.28.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -28,6 +28,6 @@ NO_ARCH= yes OPTIONS_DEFINE= ASYNC_HTTP ASYNC_HTTP_DESC=Asynchronous support -ASYNC_HTTP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>=3.8<3.12:www/py-aiohttp@${PY_FLAVOR} +ASYNC_HTTP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>=3.9<3.13:www/py-aiohttp@${PY_FLAVOR} .include <bsd.port.mk> diff --git a/security/py-pyhanko-certvalidator/distinfo b/security/py-pyhanko-certvalidator/distinfo index 551d2a7abd70..19dfbcffe720 100644 --- a/security/py-pyhanko-certvalidator/distinfo +++ b/security/py-pyhanko-certvalidator/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748107944 -SHA256 (pyhanko_certvalidator-0.27.0.tar.gz) = 94820b23ccecadfa64fa7f61b0427f751edcfa24f1bcbfb052b5780bdeab3def -SIZE (pyhanko_certvalidator-0.27.0.tar.gz) = 104111 +TIMESTAMP = 1757120820 +SHA256 (pyhanko_certvalidator-0.28.0.tar.gz) = 6b2911520a3e9cf24a640f67488fadac82ad3818f4256ddfb7e8fa1fada80f2d +SIZE (pyhanko_certvalidator-0.28.0.tar.gz) = 93049 diff --git a/security/py-pyhanko-certvalidator/files/patch-pyproject.toml b/security/py-pyhanko-certvalidator/files/patch-pyproject.toml index d7e06f702bf3..610cbd5c387d 100644 --- a/security/py-pyhanko-certvalidator/files/patch-pyproject.toml +++ b/security/py-pyhanko-certvalidator/files/patch-pyproject.toml @@ -1,14 +1,11 @@ ---- pyproject.toml.orig 2025-05-24 11:55:40 UTC +--- pyproject.toml.orig 2025-08-23 12:29:44 UTC +++ pyproject.toml -@@ -1,6 +1,6 @@ requires = [ +@@ -1,12 +1,11 @@ [build-system] - requires = [ -- "setuptools>=67.4", -+ "setuptools>=61", - "wheel" - ] +-requires = ["setuptools>=80.8.0"] ++requires = ["setuptools>=61"] build-backend = "setuptools.build_meta" -@@ -8,8 +8,7 @@ authors = [{name = "Matthias Valvekens", email = "dev@ + [project] name = "pyhanko-certvalidator" authors = [{name = "Matthias Valvekens", email = "dev@mvalvekens.be"}] diff --git a/security/py-pyhanko-cli/Makefile b/security/py-pyhanko-cli/Makefile index d5834355e802..7bf271af369f 100644 --- a/security/py-pyhanko-cli/Makefile +++ b/security/py-pyhanko-cli/Makefile @@ -1,14 +1,15 @@ PORTNAME= pyhanko-cli -DISTNAME= pyhanko_cli-${PORTVERSION} PORTVERSION= 0.1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= pyhanko_cli-${PORTVERSION} MAINTAINER= sunpoet@FreeBSD.org COMMENT= CLI tools for stamping and signing PDF files -WWW= https://pyhanko.readthedocs.io/en/latest/cli-guide/ \ +WWW= https://docs.pyhanko.eu/en/latest/cli-guide/ \ + https://github.com/MatthiasValvekens/pyHanko/tree/master/pkgs/pyhanko-cli \ https://github.com/MatthiasValvekens/pyHanko LICENSE= MIT @@ -18,8 +19,8 @@ BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=61:devel/py-setuptools@${PY_FL ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=1.5.1:devel/py-asn1crypto@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}click>=8.1.3:devel/py-click@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pyhanko>=0.29.1<0.30:security/py-pyhanko@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pyhanko-certvalidator>=0.27.0<0.28:security/py-pyhanko-certvalidator@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyhanko>=0.29.1:security/py-pyhanko@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyhanko-certvalidator>=0.27.0:security/py-pyhanko-certvalidator@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}tzlocal>=4.3:devel/py-tzlocal@${PY_FLAVOR} USES= python diff --git a/security/py-pyhanko-cli/files/patch-pyproject.toml b/security/py-pyhanko-cli/files/patch-pyproject.toml index 975a0994ebe7..06d2d28e40b6 100644 --- a/security/py-pyhanko-cli/files/patch-pyproject.toml +++ b/security/py-pyhanko-cli/files/patch-pyproject.toml @@ -17,3 +17,14 @@ keywords = [ "signature", "pdf", +@@ -33,8 +32,8 @@ dependencies = [ + dependencies = [ + "asn1crypto>=1.5.1", + "tzlocal>=4.3", +- "pyhanko>=0.29.1,<0.30", +- "pyhanko-certvalidator>=0.27.0,<0.28", ++ "pyhanko>=0.29.1", ++ "pyhanko-certvalidator>=0.27.0", + "click>=8.1.3,!=8.2.0", + ] + version = "0.1.2" diff --git a/security/py-pyhanko/Makefile b/security/py-pyhanko/Makefile index 15de838aa27f..0925ddb157b7 100644 --- a/security/py-pyhanko/Makefile +++ b/security/py-pyhanko/Makefile @@ -1,6 +1,5 @@ PORTNAME= pyhanko -PORTVERSION= 0.29.1 -PORTREVISION= 1 +PORTVERSION= 0.30.0 CATEGORIES= security python MASTER_SITES= PYPI \ https://github.com/MatthiasValvekens/pyHanko/releases/download/v${PORTVERSION}/ @@ -8,7 +7,7 @@ PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} MAINTAINER= sunpoet@FreeBSD.org COMMENT= Tools for stamping and signing PDF files -WWW= https://pyhanko.readthedocs.io/en/latest/ \ +WWW= https://docs.pyhanko.eu/en/latest/ \ https://github.com/MatthiasValvekens/pyHanko LICENSE= MIT @@ -19,7 +18,7 @@ BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=61:devel/py-setuptools@${PY_FL RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=1.5.1:devel/py-asn1crypto@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}click>=8.1.3<8.2.0:devel/py-click@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}defusedxml>=0.7.1<0.8:devel/py-defusedxml@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pyhanko-certvalidator>=0.27.0<0.28:security/py-pyhanko-certvalidator@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyhanko-certvalidator>=0.28.0<0.29:security/py-pyhanko-certvalidator@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyyaml>=6.0:devel/py-pyyaml@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}qrcode>=7.3.1:textproc/py-qrcode@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}requests>=2.31.0:www/py-requests@${PY_FLAVOR} \ @@ -30,21 +29,22 @@ USE_PYTHON= autoplist concurrent cryptography pep517 NO_ARCH= yes -OPTIONS_DEFINE= ASYNC_HTTP ETSI IMAGE_SUPPORT OPENTYPE PKGCS11 XMP +OPTIONS_DEFINE= ASYNC_HTTP ETSI IMAGE_SUPPORT OPENTYPE PKCS11 XMP ASYNC_HTTP_DESC=Asynchronous support ETSI_DESC= European Telecommunications Standards Institute (ETSI) IMAGE_SUPPORT_DESC= Image handling support OPENTYPE_DESC= OpenType/TrueType support -PKGCS11_DESC= PKGCS\#11 support +PKCS11_DESC= PKCS\#11 support XMP_DESC= XMP (Extensible Metadata Platform) support ASYNC_HTTP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>=3.9<3.13:www/py-aiohttp@${PY_FLAVOR} -ETSI_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}xsdata>=24.4<26.0:devel/py-xsdata@${PY_FLAVOR} +ETSI_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}xsdata>=24.4<26.0:devel/py-xsdata@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}signxml>=4.2.0:security/py-signxml@${PY_FLAVOR} IMAGE_SUPPORT_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pillow>=7.2.0:graphics/py-pillow@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}python-barcode>=0.15.1<0.15.1_99:graphics/py-python-barcode@${PY_FLAVOR} OPENTYPE_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fonttools>=4.33.3:print/py-fonttools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}uharfbuzz>=0.25.0<0.51.0:print/py-uharfbuzz@${PY_FLAVOR} -PKGCS11_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-pkcs11>=0.8.0<0.9:security/py-python-pkcs11@${PY_FLAVOR} +PKCS11_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-pkcs11>=0.9.0<0.10:security/py-python-pkcs11@${PY_FLAVOR} XMP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}defusedxml>=0.7.1<0.8:devel/py-defusedxml@${PY_FLAVOR} .include <bsd.port.mk> diff --git a/security/py-pyhanko/distinfo b/security/py-pyhanko/distinfo index 8f219ecc7a0c..ed1bfa659566 100644 --- a/security/py-pyhanko/distinfo +++ b/security/py-pyhanko/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750954232 -SHA256 (pyhanko-0.29.1.tar.gz) = 4b7787fc9ff325012ce85f24b67c13b1c9507991e2570c955b23522e3a2dc3b6 -SIZE (pyhanko-0.29.1.tar.gz) = 366860 +TIMESTAMP = 1757120818 +SHA256 (pyhanko-0.30.0.tar.gz) = efaa9e5401d4912fa5b2aeb4cdbe729196d98dae0671bd6d37a824dc6fde5ca4 +SIZE (pyhanko-0.30.0.tar.gz) = 405860 diff --git a/security/py-python-pkcs11/Makefile b/security/py-python-pkcs11/Makefile index b632077457e1..5773fb9d9102 100644 --- a/security/py-python-pkcs11/Makefile +++ b/security/py-python-pkcs11/Makefile @@ -1,5 +1,5 @@ PORTNAME= python-pkcs11 -PORTVERSION= 0.8.1 +PORTVERSION= 0.9.0 CATEGORIES= security python MASTER_SITES= PYPI \ https://github.com/pyauth/python-pkcs11/releases/download/v${PORTVERSION}/ diff --git a/security/py-python-pkcs11/distinfo b/security/py-python-pkcs11/distinfo index c0a5f4aad13a..1cc3580ac585 100644 --- a/security/py-python-pkcs11/distinfo +++ b/security/py-python-pkcs11/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750954234 -SHA256 (python_pkcs11-0.8.1.tar.gz) = f9e11df146ce2e6359aeb81fa84c2dd7ab9719f707cdae06ceae22d9e6a10818 -SIZE (python_pkcs11-0.8.1.tar.gz) = 156019 +TIMESTAMP = 1757120822 +SHA256 (python_pkcs11-0.9.0.tar.gz) = 5297de1a30020907af63717003a56d30dcace6fe0022ccaa1d70423f8f836a4d +SIZE (python_pkcs11-0.9.0.tar.gz) = 174604 diff --git a/security/py-signxml/Makefile b/security/py-signxml/Makefile new file mode 100644 index 000000000000..d8b550fa3e56 --- /dev/null +++ b/security/py-signxml/Makefile @@ -0,0 +1,25 @@ +PORTNAME= signxml +PORTVERSION= 4.2.0 +CATEGORIES= security python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= Python XML Signature and XAdES library +WWW= https://xml-security.github.io/signxml/ \ + https://github.com/XML-Security/signxml + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}hatch-vcs>=0:devel/py-hatch-vcs@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}hatchling>=0:devel/py-hatchling@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}certifi>=2023.11.17:security/py-certifi@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=5.2.1<7:devel/py-lxml5@${PY_FLAVOR} + +USES= python +USE_PYTHON= autoplist concurrent cryptography pep517 + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/security/py-signxml/distinfo b/security/py-signxml/distinfo new file mode 100644 index 000000000000..3e65f43e86b0 --- /dev/null +++ b/security/py-signxml/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1757120472 +SHA256 (signxml-4.2.0.tar.gz) = 5317b71f682d6b9ebd4a827d564eb43fe8f6edf98030fc30eb629621045441c6 +SIZE (signxml-4.2.0.tar.gz) = 1610974 diff --git a/security/py-signxml/pkg-descr b/security/py-signxml/pkg-descr new file mode 100644 index 000000000000..b16692a92a68 --- /dev/null +++ b/security/py-signxml/pkg-descr @@ -0,0 +1,21 @@ +SignXML is an implementation of the W3C XML Signature standard in Python. This +standard (also known as "XMLDSig") is used to provide payload security in SAML +2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in +the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML +implements all of the required components of the Version 1.1 standard, and most +recommended ones. Its features are: +- Use of a libxml2-based XML parser configured to defend against common XML + attacks when verifying signatures +- Extensions to allow signing with and verifying X.509 certificate chains, + including hostname/CN validation +- Extensions to sign and verify XAdES signatures +- Support for exclusive XML canonicalization with inclusive prefixes + (InclusiveNamespaces PrefixList, required to verify signatures generated by + some SAML implementations) +- Modern Python compatibility (3.9-3.13+ and PyPy) +- Well-supported, portable, reliable dependencies: lxml and cryptography +- Comprehensive testing (including the XMLDSig interoperability suite) and + continuous integration +- Simple interface with useful, ergonomic, and secure defaults (no network + calls, XSLT or XPath transforms) +- Compactness, readability, and extensibility diff --git a/security/py-truststore/Makefile b/security/py-truststore/Makefile index 03832c767a53..12a550387b39 100644 --- a/security/py-truststore/Makefile +++ b/security/py-truststore/Makefile @@ -1,5 +1,5 @@ PORTNAME= truststore -PORTVERSION= 0.10.1 +PORTVERSION= 0.10.4 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -12,7 +12,7 @@ WWW= https://truststore.readthedocs.io/en/latest/ \ LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}flit-core>=3.2<4:devel/py-flit-core@${PY_FLAVOR} +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}flit-core>=3.11<4:devel/py-flit-core@${PY_FLAVOR} USES= python:3.10+ ssl USE_PYTHON= autoplist concurrent pep517 diff --git a/security/py-truststore/distinfo b/security/py-truststore/distinfo index ede564e526e4..3933aabb9b4c 100644 --- a/security/py-truststore/distinfo +++ b/security/py-truststore/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739116726 -SHA256 (truststore-0.10.1.tar.gz) = eda021616b59021812e800fa0a071e51b266721bef3ce092db8a699e21c63539 -SIZE (truststore-0.10.1.tar.gz) = 26101 +TIMESTAMP = 1757120824 +SHA256 (truststore-0.10.4.tar.gz) = 9d91bd436463ad5e4ee4aba766628dd6cd7010cf3e2461756b3303710eebc301 +SIZE (truststore-0.10.4.tar.gz) = 26169 diff --git a/security/py-truststore/files/patch-pyproject.toml b/security/py-truststore/files/patch-pyproject.toml new file mode 100644 index 000000000000..478ce982457f --- /dev/null +++ b/security/py-truststore/files/patch-pyproject.toml @@ -0,0 +1,12 @@ +--- pyproject.toml.orig 2025-08-12 18:47:53 UTC ++++ pyproject.toml +@@ -9,8 +9,7 @@ readme = "README.md" + {name = "David Glick", email = "david@glicksoftware.com"} + ] + readme = "README.md" +-license = "MIT" +-license-files = ["LICENSE"] ++license = {file = "LICENSE"} + classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", diff --git a/security/py-wassima/Makefile b/security/py-wassima/Makefile index c6aabb6eb0f3..66269e93a79e 100644 --- a/security/py-wassima/Makefile +++ b/security/py-wassima/Makefile @@ -1,5 +1,5 @@ PORTNAME= wassima -PORTVERSION= 2.0.0 +PORTVERSION= 2.0.1 CATEGORIES= security python MASTER_SITES= PYPI \ https://github.com/jawah/wassima/releases/download/${PORTVERSION}/ diff --git a/security/py-wassima/distinfo b/security/py-wassima/distinfo index 64dbf3f738a6..578757f6e63e 100644 --- a/security/py-wassima/distinfo +++ b/security/py-wassima/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750954236 -SHA256 (wassima-2.0.0.tar.gz) = 9d0dd4d7f8cdc1247518daf72b656f77f87a870861aeda73e32a43e583202ae6 -SIZE (wassima-2.0.0.tar.gz) = 148821 +TIMESTAMP = 1757120826 +SHA256 (wassima-2.0.1.tar.gz) = c383285e1fafdf21fc6f8486fd3f46778ed1295ddfd1595c03e592a8aa248e83 +SIZE (wassima-2.0.1.tar.gz) = 150452 diff --git a/security/rubygem-acme-client/Makefile b/security/rubygem-acme-client/Makefile index f3f78774f3e4..ebd58343040c 100644 --- a/security/rubygem-acme-client/Makefile +++ b/security/rubygem-acme-client/Makefile @@ -1,5 +1,5 @@ PORTNAME= acme-client -PORTVERSION= 2.0.23 +PORTVERSION= 2.0.25 CATEGORIES= security rubygems MASTER_SITES= RG diff --git a/security/rubygem-acme-client/distinfo b/security/rubygem-acme-client/distinfo index 0e4cb4a697a8..79a4a4fcfdbd 100644 --- a/security/rubygem-acme-client/distinfo +++ b/security/rubygem-acme-client/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1755062612 -SHA256 (rubygem/acme-client-2.0.23.gem) = 33241b5bdb5179283ad52591c751bafcc4225e62d81c003c23891e48a3c107ac -SIZE (rubygem/acme-client-2.0.23.gem) = 21504 +TIMESTAMP = 1757121850 +SHA256 (rubygem/acme-client-2.0.25.gem) = e0bba7b9f785fd9ffe0933f8733ca81357ac46e4a979cb4f84806ab88fee0f31 +SIZE (rubygem/acme-client-2.0.25.gem) = 22016 diff --git a/security/rubygem-googleauth/Makefile b/security/rubygem-googleauth/Makefile index 930b5d38c7f2..18d976267d44 100644 --- a/security/rubygem-googleauth/Makefile +++ b/security/rubygem-googleauth/Makefile @@ -1,5 +1,5 @@ PORTNAME= googleauth -PORTVERSION= 1.14.0 +PORTVERSION= 1.15.0 CATEGORIES= security rubygems MASTER_SITES= RG @@ -13,7 +13,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= rubygem-faraday>=1.0<3.0:www/rubygem-faraday \ rubygem-google-cloud-env>=2.2<3:net/rubygem-google-cloud-env \ rubygem-google-logging-utils>=0.1<1:devel/rubygem-google-logging-utils \ - rubygem-jwt>=1.4<3.0:www/rubygem-jwt \ + rubygem-jwt>=1.4<4.0:www/rubygem-jwt \ rubygem-multi_json>=1.11<2:devel/rubygem-multi_json \ rubygem-os>=0.9<2.0:devel/rubygem-os \ rubygem-signet>=0.16<2:security/rubygem-signet diff --git a/security/rubygem-googleauth/distinfo b/security/rubygem-googleauth/distinfo index 715d45a95edc..6b4e5fcfa88d 100644 --- a/security/rubygem-googleauth/distinfo +++ b/security/rubygem-googleauth/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1742405572 -SHA256 (rubygem/googleauth-1.14.0.gem) = 62e7de11791890c3d3dc70582dfd9ab5516530e4e4f56d96451fd62c76475149 -SIZE (rubygem/googleauth-1.14.0.gem) = 60928 +TIMESTAMP = 1757121852 +SHA256 (rubygem/googleauth-1.15.0.gem) = 122ae61813805a1cfdf225638f33d354ca6078be17e9712669667226a7243bcf +SIZE (rubygem/googleauth-1.15.0.gem) = 70144 diff --git a/security/rubygem-rasn1/Makefile b/security/rubygem-rasn1/Makefile index a9dda07d9e6f..ac673604c6d1 100644 --- a/security/rubygem-rasn1/Makefile +++ b/security/rubygem-rasn1/Makefile @@ -1,11 +1,11 @@ PORTNAME= rasn1 -PORTVERSION= 0.16.0 +PORTVERSION= 0.16.2 CATEGORIES= security rubygems MASTER_SITES= RG MAINTAINER= sunpoet@FreeBSD.org COMMENT= Pure ruby ASN.1 library -WWW= https://github.com/lemontree55/rasn1 +WWW= https://codeberg.org/lemontree55/rasn1 LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE diff --git a/security/rubygem-rasn1/distinfo b/security/rubygem-rasn1/distinfo index a19adb8a6d67..fee1e8ca6e0d 100644 --- a/security/rubygem-rasn1/distinfo +++ b/security/rubygem-rasn1/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750188250 -SHA256 (rubygem/rasn1-0.16.0.gem) = c3f482cd6163822f98f31e3397b0528f3abe1f244093095abf0946e656be5c2b -SIZE (rubygem/rasn1-0.16.0.gem) = 29696 +TIMESTAMP = 1757121854 +SHA256 (rubygem/rasn1-0.16.2.gem) = f25b5548b6dfe80608af490eea6901fd9ed42f9fb4b45ddaa33bbb58c4b9688c +SIZE (rubygem/rasn1-0.16.2.gem) = 30208 diff --git a/security/rubygem-signet/Makefile b/security/rubygem-signet/Makefile index b893b776ed00..e6eb4cf7969b 100644 --- a/security/rubygem-signet/Makefile +++ b/security/rubygem-signet/Makefile @@ -1,5 +1,5 @@ PORTNAME= signet -PORTVERSION= 0.20.0 +PORTVERSION= 0.21.0 CATEGORIES= security rubygems MASTER_SITES= RG @@ -12,7 +12,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= rubygem-addressable>=2.8<3:www/rubygem-addressable \ rubygem-faraday>=0.17.5<3.0:www/rubygem-faraday \ - rubygem-jwt>=1.5<3.0:www/rubygem-jwt \ + rubygem-jwt>=1.5<4.0:www/rubygem-jwt \ rubygem-multi_json>=1.10<2:devel/rubygem-multi_json USES= gem diff --git a/security/rubygem-signet/distinfo b/security/rubygem-signet/distinfo index 9149e7a21965..a08f75285e2f 100644 --- a/security/rubygem-signet/distinfo +++ b/security/rubygem-signet/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747547520 -SHA256 (rubygem/signet-0.20.0.gem) = bc660e2a6062311348cd35ec1ffafde1c5e2231213e1ca124f57aa4f59ec47a3 -SIZE (rubygem/signet-0.20.0.gem) = 35840 +TIMESTAMP = 1757121856 +SHA256 (rubygem/signet-0.21.0.gem) = d617e9fbf24928280d39dcfefba9a0372d1c38187ffffd0a9283957a10a8cd5b +SIZE (rubygem/signet-0.21.0.gem) = 35840 diff --git a/security/tailscale/Makefile b/security/tailscale/Makefile index a4c4b5d22cae..80d4c73e3e33 100644 --- a/security/tailscale/Makefile +++ b/security/tailscale/Makefile @@ -1,7 +1,6 @@ PORTNAME= tailscale -PORTVERSION= 1.86.4 +PORTVERSION= 1.88.1 DISTVERSIONPREFIX= v -PORTREVISION= 1 CATEGORIES= security net-vpn MAINTAINER= ashish@FreeBSD.org @@ -13,7 +12,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= ca_root_nss>0:security/ca_root_nss -USES= go:1.24,modules +USES= go:1.25,modules GO_MODULE= github.com/tailscale/tailscale diff --git a/security/tailscale/distinfo b/security/tailscale/distinfo index 08daa50120f4..c9056030aa68 100644 --- a/security/tailscale/distinfo +++ b/security/tailscale/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1755178462 -SHA256 (go/security_tailscale/tailscale-v1.86.4/v1.86.4.mod) = ad5983e44eecba029c80a179d58e6cfa074ea5508ce0f4c3cceffd1c67e4c9f5 -SIZE (go/security_tailscale/tailscale-v1.86.4/v1.86.4.mod) = 20667 -SHA256 (go/security_tailscale/tailscale-v1.86.4/v1.86.4.zip) = 157f4bfb56c489ff46b9afabbd3234e6a2a6bfeff7ed51802c8154c41d2d81a2 -SIZE (go/security_tailscale/tailscale-v1.86.4/v1.86.4.zip) = 5178809 +TIMESTAMP = 1757683579 +SHA256 (go/security_tailscale/tailscale-v1.88.1/v1.88.1.mod) = 75ff8036ac1682b88dd2d35c7115a7305d8eae138135b0173b2ebe752e08536c +SIZE (go/security_tailscale/tailscale-v1.88.1/v1.88.1.mod) = 21190 +SHA256 (go/security_tailscale/tailscale-v1.88.1/v1.88.1.zip) = fc07508fd0479ec58d9ecc917367f21f71d4a8577862bdbec2ad4e1eb42b97b4 +SIZE (go/security_tailscale/tailscale-v1.88.1/v1.88.1.zip) = 5259701 diff --git a/security/timestamp-authority/Makefile b/security/timestamp-authority/Makefile index f121f3c4b9a1..32ac2a2a5c2a 100644 --- a/security/timestamp-authority/Makefile +++ b/security/timestamp-authority/Makefile @@ -1,7 +1,6 @@ PORTNAME= timestamp-authority DISTVERSIONPREFIX= v -DISTVERSION= 1.2.8 -PORTREVISION= 4 +DISTVERSION= 1.2.9 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org diff --git a/security/timestamp-authority/distinfo b/security/timestamp-authority/distinfo index a6b799f3a899..990024b18972 100644 --- a/security/timestamp-authority/distinfo +++ b/security/timestamp-authority/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1749129459 -SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.8/v1.2.8.mod) = 7d4f9a12c60f4fcf4d7c383fd1a142d27013d333af0ed468934e9e5d4043746b -SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.8/v1.2.8.mod) = 7937 -SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.8/v1.2.8.zip) = a38ad43bc263abdbf8775c01642292a016ecb5d79c8bcde69aef154bce412f6d -SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.8/v1.2.8.zip) = 196365 +TIMESTAMP = 1757405602 +SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.9/v1.2.9.mod) = 2bfba68e8bc93ec88a2d67d277aa0c982fe4d51f590daa689f0e3f909a92c7b7 +SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.9/v1.2.9.mod) = 8637 +SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.9/v1.2.9.zip) = fb191f73ac2fec3d6f68c767cb6c9e72baa48a098b5d613bcf0608b57d1aa034 +SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.9/v1.2.9.zip) = 199679 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 0a19623ed18f..fbc1d03321f7 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,144 @@ + <vuln vid="3aee6703-8ff6-11f0-b8da-589cfc10a551"> + <topic>cups -- security vulnerabilities</topic> + <affects> + <package> + <name>cups</name> + <range><lt>2.4.13</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SO-AND-SO reports:</p> + <blockquote cite="https://github.com/OpenPrinting/cups/releases/tag/v2.4.13"> + <p>The release 2.4.13 brings two CVE fixes - fix for important CVE-2025-58060 + and fix for moderate CVE-2025-58364, together with several bug fixes.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-58060</cvename> + <cvename>CVE-2025-58364</cvename> + <url>https://github.com/OpenPrinting/cups/releases/tag/v2.4.13</url> + </references> + <dates> + <discovery>2025-09-12</discovery> + <entry>2025-09-12</entry> + </dates> + </vuln> + + <vuln vid="f50640fa-89a4-4795-a302-47b0dea8cee5"> + <topic>chromium -- multiple security fixes</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>140.0.7339.127</lt></range> + </package> + <package> + <name>ungoogled-chromium</name> + <range><lt>140.0.7339.127</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html"> + <p>This update includes 2 security fixes:</p> + <ul> + <li>[440454442] Critical CVE-2025-10200: Use after free in Serviceworker. Reported by Looben Yang on 2025-08-22</li> + <li>[439305148] High CVE-2025-10201: Inappropriate implementation in Mojo. Reported by Sahan Fernando & Anon on 2025-08-18</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-10200</cvename> + <cvename>CVE-2025-10201</cvename> + <url>https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html</url> + </references> + <dates> + <discovery>2025-09-09</discovery> + <entry>2025-09-11</entry> + </dates> + </vuln> + + <vuln vid="602fc0fa-8ece-11f0-9d03-2cf05da270f3"> + <topic>Gitlab -- Vulnerabilities</topic> + <affects> + <package> + <name>gitlab-ce</name> + <name>gitlab-ee</name> + <range><ge>18.3.0</ge><lt>18.3.2</lt></range> + <range><ge>18.2.0</ge><lt>18.2.6</lt></range> + <range><ge>7.8.0</ge><lt>18.1.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Gitlab reports:</p> + <blockquote cite="https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/"> + <p>Denial of Service issue in SAML Responses impacts GitLab CE/EE</p> + <p>Server-Side Request Forgery issue in Webhook custom header impacts GitLab CE/EE</p> + <p>Denial of Service issue in User-Controllable Fields impacts GitLab CE/EE</p> + <p>Denial of Service issue in endpoint file upload impacts GitLab CE/EE</p> + <p>Denial of Service issue in token listing operations impacts GitLab CE/EE</p> + <p>Information disclosure issue in runner endpoints impacts GitLab CE/EE</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-2256</cvename> + <cvename>CVE-2025-6454</cvename> + <cvename>CVE-2025-1250</cvename> + <cvename>CVE-2025-7337</cvename> + <cvename>CVE-2025-10094</cvename> + <cvename>CVE-2025-6769</cvename> + <url>https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/</url> + </references> + <dates> + <discovery>2025-09-10</discovery> + <entry>2025-09-11</entry> + </dates> + </vuln> + + <vuln vid="bda50cf1-8bcf-11f0-b3f7-a8a1599412c6"> + <topic>chromium -- multiple security fixes</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>140.0.7339.80</lt></range> + </package> + <package> + <name>ungoogled-chromium</name> + <range><lt>140.0.7339.80</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html"> + <p>This update includes 6 security fixes:</p> + <ul> + <li>[434513380] High CVE-2025-9864: Use after free in V8. Reported by Pavel Kuzmin of Yandex Security Team on 2025-07-28</li> + <li>[437147699] Medium CVE-2025-9865: Inappropriate implementation in Toolbar. Reported by Khalil Zhani on 2025-08-07</li> + <li>[379337758] Medium CVE-2025-9866: Inappropriate implementation in Extensions. Reported by NDevTK on 2024-11-16</li> + <li>[415496161] Medium CVE-2025-9867: Inappropriate implementation in Downloads. Reported by Farras Givari on 2025-05-04</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-9864</cvename> + <cvename>CVE-2025-9865</cvename> + <cvename>CVE-2025-9866</cvename> + <cvename>CVE-2025-9867</cvename> + <url>https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html</url> + </references> + <dates> + <discovery>2025-09-02</discovery> + <entry>2025-09-07</entry> + </dates> + </vuln> + <vuln vid="340dc4c1-895a-11f0-b6e5-4ccc6adda413"> <topic>exiv2 -- Denial-of-service</topic> <affects> |