diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/crowdsec/Makefile | 7 | ||||
| -rw-r--r-- | security/crowdsec/distinfo | 10 | ||||
| -rw-r--r-- | security/kf6-kdesu/distinfo | 6 | ||||
| -rw-r--r-- | security/py-netbox-secrets/Makefile | 2 | ||||
| -rw-r--r-- | security/py-netbox-secrets/distinfo | 6 | ||||
| -rw-r--r-- | security/rnp/Makefile | 42 | ||||
| -rw-r--r-- | security/rnp/distinfo | 8 | ||||
| -rw-r--r-- | security/rnp/files/patch-src_lib_types.h | 19 | ||||
| -rw-r--r-- | security/rnp/files/patch-src_lib_utils.cpp | 31 | ||||
| -rw-r--r-- | security/rnp/files/patch-src_librekey_key__store__g10.cpp | 33 | ||||
| -rw-r--r-- | security/rnp/pkg-plist | 7 | ||||
| -rw-r--r-- | security/transcrypt/Makefile | 2 | ||||
| -rw-r--r-- | security/transcrypt/distinfo | 6 | ||||
| -rw-r--r-- | security/vuxml/vuln/2025.xml | 37 |
14 files changed, 88 insertions, 128 deletions
diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile index 29812366d85d..2d6c7fe45915 100644 --- a/security/crowdsec/Makefile +++ b/security/crowdsec/Makefile @@ -1,7 +1,6 @@ PORTNAME= crowdsec DISTVERSIONPREFIX= v -DISTVERSION= 1.6.8 -PORTREVISION= 2 +DISTVERSION= 1.6.9 CATEGORIES= security MAINTAINER= marco@crowdsec.net @@ -14,8 +13,8 @@ LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libabsl_base.so:devel/abseil \ libre2.so:devel/re2 -USES= go:1.24,modules pkgconfig -_COMMIT= f209766e +USES= go:modules pkgconfig +_COMMIT= 40b8cfe6 _BUILD_DATE= $$(date -u "+%F_%T") USE_RC_SUBR= crowdsec diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo index 75f426b46bc3..aae70fd870b6 100644 --- a/security/crowdsec/distinfo +++ b/security/crowdsec/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1742918468 -SHA256 (go/security_crowdsec/crowdsec-v1.6.8/v1.6.8.mod) = fc6fecb30189e6d764fa8c14b20914d34084808f4a3b676582ee113ab1615eff -SIZE (go/security_crowdsec/crowdsec-v1.6.8/v1.6.8.mod) = 10955 -SHA256 (go/security_crowdsec/crowdsec-v1.6.8/v1.6.8.zip) = 9d61fe2253c77600884df933467be4efb5d2059e4c453b1d48f10a9c7916647c -SIZE (go/security_crowdsec/crowdsec-v1.6.8/v1.6.8.zip) = 1753101 +TIMESTAMP = 1750243893 +SHA256 (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.mod) = 75ab181433766799f3b54e5e9bb6634c8075e310ec3192a8ae31492ad54f1376 +SIZE (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.mod) = 10924 +SHA256 (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.zip) = 3f65b6dc339357172eb2b130ad8c4a1842557d317e05730227abf4f703da5d01 +SIZE (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.zip) = 1767818 diff --git a/security/kf6-kdesu/distinfo b/security/kf6-kdesu/distinfo index 5e596d710465..bea35261fd90 100644 --- a/security/kf6-kdesu/distinfo +++ b/security/kf6-kdesu/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1746358560 -SHA256 (KDE/frameworks/6.14/kdesu-6.14.0.tar.xz) = 103a06311c035445fd5884845c57369f07229239f9bbebe91cc95b7ce8c5ca23 -SIZE (KDE/frameworks/6.14/kdesu-6.14.0.tar.xz) = 56688 +TIMESTAMP = 1749476629 +SHA256 (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 9eb4c11a1742af2cb17cf1e7e18bb0fbdb45ee16f083739c418cbe9d45af1806 +SIZE (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 57012 diff --git a/security/py-netbox-secrets/Makefile b/security/py-netbox-secrets/Makefile index 79466b639c92..262894baf8bf 100644 --- a/security/py-netbox-secrets/Makefile +++ b/security/py-netbox-secrets/Makefile @@ -1,5 +1,5 @@ PORTNAME= netbox-secrets -DISTVERSION= 2.2.1 +DISTVERSION= 2.3.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-netbox-secrets/distinfo b/security/py-netbox-secrets/distinfo index 25c5b104549d..68f590c12790 100644 --- a/security/py-netbox-secrets/distinfo +++ b/security/py-netbox-secrets/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747310577 -SHA256 (netbox_secrets-2.2.1.tar.gz) = 26f817f9a9c03dcd34aaaa89d4744b2d15408d0e38f584aa6f2cb73bdd48958f -SIZE (netbox_secrets-2.2.1.tar.gz) = 57852 +TIMESTAMP = 1750489227 +SHA256 (netbox_secrets-2.3.0.tar.gz) = c2785de9d292407cc20bd0b0e7f4f35cf30f6fba71000bea7c7789ed5cf60503 +SIZE (netbox_secrets-2.3.0.tar.gz) = 57639 diff --git a/security/rnp/Makefile b/security/rnp/Makefile index 9d0e5329de0b..c8dc94c9cdac 100644 --- a/security/rnp/Makefile +++ b/security/rnp/Makefile @@ -1,8 +1,8 @@ PORTNAME= rnp DISTVERSIONPREFIX= v -DISTVERSION= 0.17.1 -PORTREVISION= 2 +DISTVERSION= 0.18.0 CATEGORIES= security +MASTER_SITES= https://github.com/rnpgp/${PORTNAME}/releases/download/${DISTVERSIONFULL}/ MAINTAINER= se@FreeBSD.org COMMENT= RNP is a set of OpenPGP (RFC4880) tools @@ -16,27 +16,35 @@ LICENSE_FILE= ${WRKSRC}/LICENSE.md LICENSE_PERMS_OCB_Patent= dist-mirror dist-sell pkg-mirror pkg-sell \ auto-accept -BUILD_DEPENDS= asciidoctor:textproc/rubygem-asciidoctor LIB_DEPENDS= libbotan-3.so:security/botan3 \ libjson-c.so:devel/json-c - -USES= cmake compiler:c++11-lang pkgconfig -USE_GITHUB= yes -GH_ACCOUNT= rnpgp -GH_TUPLE= rnpgp:sexpp:c641a2f:sexpp/src/libsexpp +TEST_DEPENDS= googletest>0:devel/googletest \ + gpgme>0:security/gpgme + +USES= cmake:testing compiler:c++20-lang pathfix pkgconfig \ + python:env,test shebangfix +PATHFIX_WRKSRC= ${WRKSRC}/src/lib +SHEBANG_FILES= src/tests/cli_perf.py \ + src/tests/cli_tests.py \ + src/tests/data/cli_EncryptSign/regenerate_keys USE_LDCONFIG= yes -CMAKE_ARGS= -DBUILD_SHARED_LIBS=on \ - -DBUILD_TESTING=off - PLIST_SUB= VERS=${DISTVERSION} -pre-configure: - ${CP} ${FILESDIR}/version.cmake ${WRKSRC}/cmake/ - ${REINPLACE_CMD} 's/%%DISTVERSION%%/${DISTVERSION}/' \ - ${WRKSRC}/cmake/version.cmake +CMAKE_ON= BUILD_SHARED_LIBS \ + CMAKE_DISABLE_FIND_PACKAGE_Git +CMAKE_OFF= BUILD_TESTING \ + DOWNLOAD_GTEST -post-install: - ${RM} ${STAGEDIR}${PREFIX}/lib/libsexp.a +OPTIONS_DEFINE= MANPAGES +OPTIONS_SUB= yes + +MANPAGES_BUILD_DEPENDS= asciidoctor:textproc/rubygem-asciidoctor +MANPAGES_CMAKE_BOOL= ENABLE_DOC + +pre-configure: + ${CP} ${FILESDIR}/version.cmake ${WRKSRC}/cmake/ + ${REINPLACE_CMD} 's/%%DISTVERSION%%/${DISTVERSION}/' \ + ${WRKSRC}/cmake/version.cmake .include <bsd.port.mk> diff --git a/security/rnp/distinfo b/security/rnp/distinfo index 2689cd70a2ce..b08cf7350d69 100644 --- a/security/rnp/distinfo +++ b/security/rnp/distinfo @@ -1,5 +1,3 @@ -TIMESTAMP = 1740573395 -SHA256 (rnpgp-rnp-v0.17.1_GH0.tar.gz) = ec486bb2c25abb0ddbd95973fd135e3922ea68b4e6919c7c18d992078baaf50c -SIZE (rnpgp-rnp-v0.17.1_GH0.tar.gz) = 3515288 -SHA256 (rnpgp-sexpp-c641a2f_GH0.tar.gz) = 43d4abdb0c131305ed11ce202d128717336782159b741931494ee8f99cf43cf4 -SIZE (rnpgp-sexpp-c641a2f_GH0.tar.gz) = 71645 +TIMESTAMP = 1750637070 +SHA256 (rnp-v0.18.0.tar.gz) = a90e3ac5b185a149665147f9284c0201a78431e81924883899244522fd3f9240 +SIZE (rnp-v0.18.0.tar.gz) = 4376397 diff --git a/security/rnp/files/patch-src_lib_types.h b/security/rnp/files/patch-src_lib_types.h deleted file mode 100644 index 4262e8f2de42..000000000000 --- a/security/rnp/files/patch-src_lib_types.h +++ /dev/null @@ -1,19 +0,0 @@ ---- src/lib/types.h.orig 2024-05-03 10:03:14 UTC -+++ src/lib/types.h -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2017-2021, [Ribose Inc](https://www.ribose.com). -+ * Copyright (c) 2017-2024, [Ribose Inc](https://www.ribose.com). - * Copyright (c) 2009 The NetBSD Foundation, Inc. - * All rights reserved. - * -@@ -95,9 +95,6 @@ class id_str_pair { - static int lookup(const id_str_pair pair[], - const std::vector<uint8_t> &bytes, - int notfound = 0); -- static int lookup(const id_str_pair pair[], -- const std::basic_string<uint8_t> &bytes, -- int notfound = 0); - }; - - /** pgp_fingerprint_t */ diff --git a/security/rnp/files/patch-src_lib_utils.cpp b/security/rnp/files/patch-src_lib_utils.cpp deleted file mode 100644 index 761f5bd55c94..000000000000 --- a/security/rnp/files/patch-src_lib_utils.cpp +++ /dev/null @@ -1,31 +0,0 @@ ---- src/lib/utils.cpp.orig 2024-05-03 10:03:14 UTC -+++ src/lib/utils.cpp -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2021, [Ribose Inc](https://www.ribose.com). -+ * Copyright (c) 2021, 2024 [Ribose Inc](https://www.ribose.com). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without -@@ -53,21 +53,6 @@ id_str_pair::lookup(const id_str_pair pair[], const st - - int - id_str_pair::lookup(const id_str_pair pair[], const std::vector<uint8_t> &bytes, int notfound) --{ -- while (pair && pair->str) { -- if ((strlen(pair->str) == bytes.size()) && -- !memcmp(pair->str, bytes.data(), bytes.size())) { -- return pair->id; -- } -- pair++; -- } -- return notfound; --} -- --int --id_str_pair::lookup(const id_str_pair pair[], -- const std::basic_string<uint8_t> &bytes, -- int notfound) - { - while (pair && pair->str) { - if ((strlen(pair->str) == bytes.size()) && diff --git a/security/rnp/files/patch-src_librekey_key__store__g10.cpp b/security/rnp/files/patch-src_librekey_key__store__g10.cpp deleted file mode 100644 index 688b54c380e4..000000000000 --- a/security/rnp/files/patch-src_librekey_key__store__g10.cpp +++ /dev/null @@ -1,33 +0,0 @@ ---- src/librekey/key_store_g10.cpp.orig 2024-05-03 10:03:14 UTC -+++ src/librekey/key_store_g10.cpp -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2017-2022, [Ribose Inc](https://www.ribose.com). -+ * Copyright (c) 2017-2024, [Ribose Inc](https://www.ribose.com). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without -@@ -312,12 +312,12 @@ read_curve(const sexp_list_t *list, const std::string - - const auto &bytes = data->get_string(); - pgp_curve_t curve = static_cast<pgp_curve_t>( -- id_str_pair::lookup(g10_curve_aliases, data->get_string(), PGP_CURVE_UNKNOWN)); -+ id_str_pair::lookup(g10_curve_aliases, (const char *) bytes.data(), PGP_CURVE_UNKNOWN)); - if (curve != PGP_CURVE_UNKNOWN) { - key.curve = curve; - return true; - } -- RNP_LOG("Unknown curve: %.*s", (int) bytes.size(), (char *) bytes.data()); -+ RNP_LOG("Unknown curve: %.*s", (int) bytes.size(), (const char *) bytes.data()); - return false; - } - -@@ -806,7 +806,7 @@ g23_parse_seckey(pgp_key_pkt_t &seckey, - - auto & alg_bt = alg_s_exp->sexp_string_at(0)->get_string(); - pgp_pubkey_alg_t alg = static_cast<pgp_pubkey_alg_t>( -- id_str_pair::lookup(g10_alg_aliases, alg_bt.c_str(), PGP_PKA_NOTHING)); -+ id_str_pair::lookup(g10_alg_aliases, (const char *) alg_bt.data(), PGP_PKA_NOTHING)); - if (alg == PGP_PKA_NOTHING) { - RNP_LOG( - "Unsupported algorithm: '%.*s'", (int) alg_bt.size(), (const char *) alg_bt.data()); diff --git a/security/rnp/pkg-plist b/security/rnp/pkg-plist index 7afb6e16fefd..b4fe6d6f28d6 100644 --- a/security/rnp/pkg-plist +++ b/security/rnp/pkg-plist @@ -3,6 +3,7 @@ bin/rnpkeys include/rnp/rnp.h include/rnp/rnp_err.h include/rnp/rnp_export.h +include/rnp/rnp_ver.h lib/cmake/rnp/rnp-config-version.cmake lib/cmake/rnp/rnp-config.cmake lib/cmake/rnp/rnp-targets-%%CMAKE_BUILD_TYPE%%.cmake @@ -11,6 +12,6 @@ lib/librnp.so lib/librnp.so.0 lib/librnp.so.%%VERS%% libdata/pkgconfig/librnp.pc -share/man/man1/rnp.1.gz -share/man/man1/rnpkeys.1.gz -share/man/man3/librnp.3.gz +%%MANPAGES%%share/man/man1/rnp.1.gz +%%MANPAGES%%share/man/man1/rnpkeys.1.gz +%%MANPAGES%%share/man/man3/librnp.3.gz diff --git a/security/transcrypt/Makefile b/security/transcrypt/Makefile index 6073a535b6bc..5e0809c4ac90 100644 --- a/security/transcrypt/Makefile +++ b/security/transcrypt/Makefile @@ -1,6 +1,6 @@ PORTNAME= transcrypt DISTVERSIONPREFIX= v -DISTVERSION= 2.3.0 +DISTVERSION= 2.3.1 CATEGORIES= security MAINTAINER= nivit@FreeBSD.org diff --git a/security/transcrypt/distinfo b/security/transcrypt/distinfo index 5c6cc5bd0fac..964673e8a848 100644 --- a/security/transcrypt/distinfo +++ b/security/transcrypt/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1725894913 -SHA256 (elasticdog-transcrypt-v2.3.0_GH0.tar.gz) = 9779f5cc972d7e6e83de0770e5391aca95881bc75e101095a6dede4620a8cd28 -SIZE (elasticdog-transcrypt-v2.3.0_GH0.tar.gz) = 38566 +TIMESTAMP = 1741259270 +SHA256 (elasticdog-transcrypt-v2.3.1_GH0.tar.gz) = c5f5af35016474ffd1f8605be1eac2e2f17743737237065657e3759c8d8d1a66 +SIZE (elasticdog-transcrypt-v2.3.1_GH0.tar.gz) = 39607 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index fc3c3004bbac..7ddafc13c211 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,40 @@ + <vuln vid="03ba1cdd-4faf-11f0-af06-00a098b42aeb"> + <topic>cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability</topic> + <affects> + <package> + <name>openh264</name> + <range><lt>2.5.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Cisco reports:</p> + <blockquote cite="https://github.com/cisco/openh264/releases/tag/2.5.1"> + <p>A vulnerability in the decoding functions + of OpenH264 codec library could allow a remote, unauthenticated + attacker to trigger a heap overflow. This vulnerability is due to + a race condition between a Sequence Parameter Set (SPS) memory + allocation and a subsequent non Instantaneous Decoder Refresh + (non-IDR) Network Abstraction Layer (NAL) unit memory usage. An + attacker could exploit this vulnerability by crafting a malicious + bitstream and tricking a victim user into processing an arbitrary + video containing the malicious bistream. An exploit could allow + the attacker to cause an unexpected crash in the victim's user + decoding client and, possibly, perform arbitrary commands on the + victim's host by abusing the heap overflow.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-27091</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-27091</url> + </references> + <dates> + <discovery>2025-02-20</discovery> + <entry>2025-06-22</entry> + </dates> + </vuln> + <vuln vid="6c6c1507-4da5-11f0-afcc-f02f7432cf97"> <topic>clamav -- ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability</topic> <affects> |