diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/botan3/Makefile | 26 | ||||
| -rw-r--r-- | security/botan3/distinfo | 6 | ||||
| -rw-r--r-- | security/krb5-devel/Makefile | 4 | ||||
| -rw-r--r-- | security/krb5-devel/distinfo | 6 | ||||
| -rw-r--r-- | security/nuclei/Makefile | 2 | ||||
| -rw-r--r-- | security/nuclei/distinfo | 10 | ||||
| -rw-r--r-- | security/rnp/Makefile | 1 | ||||
| -rw-r--r-- | security/tscli/Makefile | 3 | ||||
| -rw-r--r-- | security/tscli/distinfo | 10 | ||||
| -rw-r--r-- | security/vuls/Makefile | 6 | ||||
| -rw-r--r-- | security/vuls/distinfo | 10 | ||||
| -rw-r--r-- | security/vuls/files/patch-vendor_gorm.io_gorm_internal_stmt_store_stmt_store.go | 29 | ||||
| -rw-r--r-- | security/vuxml/vuln/2025.xml | 37 | ||||
| -rw-r--r-- | security/wpa_supplicant-devel/Makefile | 5 | ||||
| -rw-r--r-- | security/wpa_supplicant-devel/distinfo | 6 |
16 files changed, 89 insertions, 73 deletions
diff --git a/security/Makefile b/security/Makefile index 46547e92bf04..d8b14da244aa 100644 --- a/security/Makefile +++ b/security/Makefile @@ -282,6 +282,7 @@ SUBDIR += lasso SUBDIR += lastpass-cli SUBDIR += lego + SUBDIR += lfacme SUBDIR += libaegis SUBDIR += libargon2 SUBDIR += libassuan diff --git a/security/botan3/Makefile b/security/botan3/Makefile index a376d1c4fa7c..c5c0ff84d783 100644 --- a/security/botan3/Makefile +++ b/security/botan3/Makefile @@ -1,5 +1,5 @@ PORTNAME= botan -DISTVERSION= 3.7.1 +DISTVERSION= 3.8.1 CATEGORIES= security MASTER_SITES= http://botan.randombit.net/releases/ PKGNAMESUFFIX= ${_BOTANMAJOR} @@ -14,7 +14,8 @@ LICENSE_FILE= ${WRKSRC}/license.txt BUILD_DEPENDS= ${LOCALBASE}/include/boost/asio.hpp:devel/boost-libs -USES= compiler:c++20-lang cpe gmake llvm shebangfix tar:xz # llvm fixes build failure, see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279136 +USES= compiler:c++20-lang cpe gmake shebangfix tar:xz + CPE_VENDOR= ${PORTNAME}_project USE_LDCONFIG= yes @@ -37,7 +38,7 @@ LDFLAGS+= -pthread DOCSDIR= ${LOCALBASE}/share/doc/${PORTNAME}-${PORTVERSION} -_SOABIVER= 7 +_SOABIVER= 8 _BOTANMAJOR= ${DISTVERSION:S/./ /g:[1]} _SHLIBVER= ${DISTVERSION:S/./ /g:[2]} _SHLIBVERPATCH= ${DISTVERSION:S/./ /g:[3]} @@ -47,10 +48,12 @@ PLIST_SUB= SHLIBVER=${_SHLIBVER} \ BOTANMAJOR=${_BOTANMAJOR} PORTDOCS= * -OPTIONS_DEFINE= DOCS MANPAGES PYTHON SQLITE3 +OPTIONS_DEFINE= DOCS LLVM_FROM_PORTS MANPAGES PYTHON SQLITE3 OPTIONS_DEFAULT= MANPAGES OPTIONS_SUB= yes +LLVM_FROM_PORTS_DESC= Use LLVM from ports to build + MANPAGES_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}sphinx>=0:textproc/py-sphinx@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}furo>=2022.6.21:textproc/py-furo@${PY_FLAVOR} MANPAGES_CONFIGURE_WITH= sphinx @@ -65,6 +68,15 @@ SQLITE3_CONFIGURE_WITH= sqlite3 .include <bsd.port.options.mk> +# llvm from ports fixes build failure, see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279136 +.if ${OPSYS} == FreeBSD && \ + ((${OSVERSION} >= 1500000) || \ + ${PORT_OPTIONS:MLLVM_FROM_PORTS}) +USES+= llvm +USES:= ${USES:Ncompiler\:*} # XXX avoid warnings +CHOSEN_COMPILER_TYPE= clang +.endif + .if ${ARCH} == aarch64 CONFIGURE_ARGS+= --cc-abi="-march=armv8-a+crypto" .elif ${ARCH:Mpowerpc64*} @@ -74,12 +86,6 @@ CONFIGURE_ARGS+= --disable-powercrypto .endif .endif -.if ${ARCH} == i386 || ${ARCH} == amd64 -PLIST_SUB+= HAS_RDRAND_RNG="" -.else -PLIST_SUB+= HAS_RDRAND_RNG="@comment " -.endif - .if ${ARCH} == i386 || ${ARCH} == amd64 || ${ARCH:Mpowerpc64*} PLIST_SUB+= HAS_PROCESSOR_RNG="" .else diff --git a/security/botan3/distinfo b/security/botan3/distinfo index e90946f4ca79..e64fce607f4f 100644 --- a/security/botan3/distinfo +++ b/security/botan3/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1738854685 -SHA256 (Botan-3.7.1.tar.xz) = fc0620463461caaea8e60f06711d7e437a3ad1eebd6de4ac29c14bbd901ccd1b -SIZE (Botan-3.7.1.tar.xz) = 8659408 +TIMESTAMP = 1747422221 +SHA256 (Botan-3.8.1.tar.xz) = b039681d4b861a2f5853746d8ba806f553e23869ed72d89edbfa3c3dbfa17e68 +SIZE (Botan-3.8.1.tar.xz) = 8706304 diff --git a/security/krb5-devel/Makefile b/security/krb5-devel/Makefile index 36aa57f35ae2..6745764fa63d 100644 --- a/security/krb5-devel/Makefile +++ b/security/krb5-devel/Makefile @@ -8,8 +8,8 @@ PKGNAME_X= -${FLAVOR:S/default//} .endif PKGNAMESUFFIX= ${PKGNAME_X:S/--/-/:C/-$//} -HASH= 61e92fe9a -MIT_COMMIT_DATE= 2025.04.06 +HASH= 1113e746a +MIT_COMMIT_DATE= 2025.06.17 PATCH_SITES= http://web.mit.edu/kerberos/advisories/ PATCH_DIST_STRIP= -p2 diff --git a/security/krb5-devel/distinfo b/security/krb5-devel/distinfo index addd917f9451..83e6497143e7 100644 --- a/security/krb5-devel/distinfo +++ b/security/krb5-devel/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747800263 -SHA256 (krb5-krb5-1.22.2025.04.06-61e92fe9a_GH0.tar.gz) = 2eae92b633a9c77a66fbcb6a5acba93bf5bc6eb75b95ded662c9c4509ba16255 -SIZE (krb5-krb5-1.22.2025.04.06-61e92fe9a_GH0.tar.gz) = 4679049 +TIMESTAMP = 1750876627 +SHA256 (krb5-krb5-1.22.2025.06.17-1113e746a_GH0.tar.gz) = 535c723d44a5fb50ffe3aeb8e1198e81bf1485d24d0f11aa62f56f80dd9c283f +SIZE (krb5-krb5-1.22.2025.06.17-1113e746a_GH0.tar.gz) = 4683455 diff --git a/security/nuclei/Makefile b/security/nuclei/Makefile index 3a2828d806b2..bf4fd87882ba 100644 --- a/security/nuclei/Makefile +++ b/security/nuclei/Makefile @@ -1,6 +1,6 @@ PORTNAME= nuclei DISTVERSIONPREFIX= v -DISTVERSION= 3.4.4 +DISTVERSION= 3.4.5 CATEGORIES= security MAINTAINER= dutra@FreeBSD.org diff --git a/security/nuclei/distinfo b/security/nuclei/distinfo index a4c3ceade456..e4cf46444ae0 100644 --- a/security/nuclei/distinfo +++ b/security/nuclei/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1749429917 -SHA256 (go/security_nuclei/nuclei-v3.4.4/v3.4.4.mod) = 9e805e04dec4da32e582d774928290dd9b337ec1fd9fe49b5a38dc4f2d8fa9f3 -SIZE (go/security_nuclei/nuclei-v3.4.4/v3.4.4.mod) = 17916 -SHA256 (go/security_nuclei/nuclei-v3.4.4/v3.4.4.zip) = c574a8583455d3faaa9e50d87d24a2b8b283f22fecc796e2a58478c7525dddbd -SIZE (go/security_nuclei/nuclei-v3.4.4/v3.4.4.zip) = 12381056 +TIMESTAMP = 1750899492 +SHA256 (go/security_nuclei/nuclei-v3.4.5/v3.4.5.mod) = 5afbb1c8d97f83b0d2b11bd9bf677f5b88043b95241def65c6cdf11d290bbdbe +SIZE (go/security_nuclei/nuclei-v3.4.5/v3.4.5.mod) = 17916 +SHA256 (go/security_nuclei/nuclei-v3.4.5/v3.4.5.zip) = d88771513264794e0f2acb6c03682492363addc36b92c80330fb25ff747462ac +SIZE (go/security_nuclei/nuclei-v3.4.5/v3.4.5.zip) = 12383461 diff --git a/security/rnp/Makefile b/security/rnp/Makefile index c8dc94c9cdac..77944be6a051 100644 --- a/security/rnp/Makefile +++ b/security/rnp/Makefile @@ -1,6 +1,7 @@ PORTNAME= rnp DISTVERSIONPREFIX= v DISTVERSION= 0.18.0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= https://github.com/rnpgp/${PORTNAME}/releases/download/${DISTVERSIONFULL}/ diff --git a/security/tscli/Makefile b/security/tscli/Makefile index d86f970157cc..dc2147eb3484 100644 --- a/security/tscli/Makefile +++ b/security/tscli/Makefile @@ -1,7 +1,6 @@ PORTNAME= tscli DISTVERSIONPREFIX= v -DISTVERSION= 0.0.7 -PORTREVISION= 1 +DISTVERSION= 0.0.8 CATEGORIES= security MAINTAINER= dtxdf@FreeBSD.org diff --git a/security/tscli/distinfo b/security/tscli/distinfo index e938f26fd9d2..efb08192281b 100644 --- a/security/tscli/distinfo +++ b/security/tscli/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1748984412 -SHA256 (go/security_tscli/tscli-v0.0.7/v0.0.7.mod) = 7a2fdc5e3af52d5109a5e92304981f0504d30dc6d8b60ce0f7e77aad321a7cb6 -SIZE (go/security_tscli/tscli-v0.0.7/v0.0.7.mod) = 2490 -SHA256 (go/security_tscli/tscli-v0.0.7/v0.0.7.zip) = 6e2e69078b0c442f70c0bfc048c2c1f4043445031ae183aea95c58bbaa17422d -SIZE (go/security_tscli/tscli-v0.0.7/v0.0.7.zip) = 90576 +TIMESTAMP = 1750799402 +SHA256 (go/security_tscli/tscli-v0.0.8/v0.0.8.mod) = af60e402176095e07127536838df7fdce64b4a840bbb23869ac208c04d476f5f +SIZE (go/security_tscli/tscli-v0.0.8/v0.0.8.mod) = 2796 +SHA256 (go/security_tscli/tscli-v0.0.8/v0.0.8.zip) = 885f4c2b781c29c4b4d53ead18a07b7efcfd68c504996346553b91255a234e50 +SIZE (go/security_tscli/tscli-v0.0.8/v0.0.8.zip) = 92477 diff --git a/security/vuls/Makefile b/security/vuls/Makefile index 9e88ccf86b2f..f2f41cbbf54c 100644 --- a/security/vuls/Makefile +++ b/security/vuls/Makefile @@ -1,7 +1,6 @@ PORTNAME= vuls DISTVERSIONPREFIX=v -DISTVERSION= 0.32.0 -PORTREVISION= 2 +DISTVERSION= 0.33.1 CATEGORIES= security MAINTAINER= girgen@FreeBSD.org @@ -25,6 +24,9 @@ SUB_LIST= PORTNAME=${PORTNAME} USERS=${USERS} GROUPS=${GROUPS} USERS= vuls GROUPS= vuls +NOT_FOR_ARCHS= i386 +NOT_FOR_ARCHS_REASON_i386= https://gitlab.com/cznic/libc/-/issues/45 + post-patch: @${REINPLACE_CMD} -e 's,%%ETCDIR%%,${ETCDIR},' \ ${WRKSRC}/subcmds/configtest.go \ diff --git a/security/vuls/distinfo b/security/vuls/distinfo index 171f6cc2ca7b..1524e85119a6 100644 --- a/security/vuls/distinfo +++ b/security/vuls/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1747479508 -SHA256 (go/security_vuls/vuls-v0.32.0/v0.32.0.mod) = e3091e79324dcdd3e3c2959a3b9fa4ab03fc4d53a0ce41a76fc793a68b57302e -SIZE (go/security_vuls/vuls-v0.32.0/v0.32.0.mod) = 20795 -SHA256 (go/security_vuls/vuls-v0.32.0/v0.32.0.zip) = 1eed06de6c88de618a25184d843010c76b30b77a8e554f028a2700a5e267266b -SIZE (go/security_vuls/vuls-v0.32.0/v0.32.0.zip) = 1389053 +TIMESTAMP = 1750837237 +SHA256 (go/security_vuls/vuls-v0.33.1/v0.33.1.mod) = cffef0d92a21a68ae82e1eeb7dbf6504887496b042af76cb182e1e3fba9ece20 +SIZE (go/security_vuls/vuls-v0.33.1/v0.33.1.mod) = 20804 +SHA256 (go/security_vuls/vuls-v0.33.1/v0.33.1.zip) = 0bca1fe58726ef06e60e98d0849baff1c2aff6e1bd0de3722fe64314efec49c3 +SIZE (go/security_vuls/vuls-v0.33.1/v0.33.1.zip) = 1401641 diff --git a/security/vuls/files/patch-vendor_gorm.io_gorm_internal_stmt_store_stmt_store.go b/security/vuls/files/patch-vendor_gorm.io_gorm_internal_stmt_store_stmt_store.go deleted file mode 100644 index a249bd5099ae..000000000000 --- a/security/vuls/files/patch-vendor_gorm.io_gorm_internal_stmt_store_stmt_store.go +++ /dev/null @@ -1,29 +0,0 @@ -commit 8c4e8e2d2a63ef019048bd988a2016948605920b -Author: iTanken <23544702+iTanken@users.noreply.github.com> -Date: Sun Apr 27 14:05:16 2025 +0800 - - fix: int type variable defaultMaxSize overflows in 32-bit environment (#7439) - - Refs: #7435 - -diff --git a/internal/stmt_store/stmt_store.go b/internal/stmt_store/stmt_store.go -index 7068419..a82b2cf 100644 ---- vendor/gorm.io/gorm/internal/stmt_store/stmt_store.go -+++ vendor/gorm.io/gorm/internal/stmt_store/stmt_store.go -@@ -3,6 +3,7 @@ package stmt_store - import ( - "context" - "database/sql" -+ "math" - "sync" - "time" - -@@ -73,7 +74,7 @@ type Store interface { - // the cache can theoretically store as many elements as possible. - // (1 << 63) - 1 is the maximum value that an int64 type can represent. - const ( -- defaultMaxSize = (1 << 63) - 1 -+ defaultMaxSize = math.MaxInt - // defaultTTL defines the default time-to-live (TTL) for each cache entry. - // When the TTL for cache entries is not specified, each cache entry will expire after 24 hours. - defaultTTL = time.Hour * 24 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 88ecf66a42a7..8ebba07bf8bd 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,40 @@ + <vuln vid="d45dabd9-5232-11f0-9ca4-2cf05da270f3"> + <topic>Gitlab -- Vulnerabilities</topic> + <affects> + <package> + <name>gitlab-ce</name> + <name>gitlab-ee</name> + <range><ge>18.1.0</ge><lt>18.1.1</lt></range> + <range><ge>18.0.0</ge><lt>18.0.3</lt></range> + <range><ge>16.10.0</ge><lt>17.11.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Gitlab reports:</p> + <blockquote cite="https://about.gitlab.com/releases/2025/06/25/patch-release-gitlab-18-1-1-released/"> + <p>Denial of Service impacts GitLab CE/EE</p> + <p>Missing Authentication issue impacts GitLab CE/EE</p> + <p>Improper access control issue impacts GitLab CE/EE</p> + <p>Elevation of Privilege impacts GitLab CE/EE</p> + <p>Improper access control issue impacts GitLab EE</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-3279</cvename> + <cvename>CVE-2025-1754</cvename> + <cvename>CVE-2025-5315</cvename> + <cvename>CVE-2025-2938</cvename> + <cvename>CVE-2025-5846</cvename> + <url>https://about.gitlab.com/releases/2025/06/25/patch-release-gitlab-18-1-1-released/</url> + </references> + <dates> + <discovery>2025-06-25</discovery> + <entry>2025-06-26</entry> + </dates> + </vuln> + <vuln vid="03ba1cdd-4faf-11f0-af06-00a098b42aeb"> <topic>cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability</topic> <affects> diff --git a/security/wpa_supplicant-devel/Makefile b/security/wpa_supplicant-devel/Makefile index f4456e429e42..5aee9e01aadb 100644 --- a/security/wpa_supplicant-devel/Makefile +++ b/security/wpa_supplicant-devel/Makefile @@ -1,6 +1,5 @@ PORTNAME= wpa_supplicant PORTVERSION= ${COMMIT_DATE} -PORTREVISION= 1 CATEGORIES= security net PKGNAMESUFFIX= -devel @@ -11,8 +10,8 @@ WWW= https://w1.fi/wpa_supplicant/ USE_GITHUB= yes GH_ACCOUNT= cschuber GH_PROJECT= hostap -GH_TAGNAME= 54930b62b -COMMIT_DATE= 2025.05.08 +GH_TAGNAME= 0b60826a6 +COMMIT_DATE= 2025.06.25 LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/README diff --git a/security/wpa_supplicant-devel/distinfo b/security/wpa_supplicant-devel/distinfo index 4eabde753e8c..dcac53e1a70b 100644 --- a/security/wpa_supplicant-devel/distinfo +++ b/security/wpa_supplicant-devel/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747800845 -SHA256 (cschuber-hostap-2025.05.08-54930b62b_GH0.tar.gz) = 945b6a16ef7e6071309f1aa02168e05de26ec91b7e4cf8f6eb556fcd649012bb -SIZE (cschuber-hostap-2025.05.08-54930b62b_GH0.tar.gz) = 5291910 +TIMESTAMP = 1750881106 +SHA256 (cschuber-hostap-2025.06.25-0b60826a6_GH0.tar.gz) = 308a2a3a1edf5154a6d44dfa6dc07d9cf61d6bef54be16cdd76683984c83bf7e +SIZE (cschuber-hostap-2025.06.25-0b60826a6_GH0.tar.gz) = 5313294 |