diff options
Diffstat (limited to 'security')
114 files changed, 1440 insertions, 427 deletions
diff --git a/security/Makefile b/security/Makefile index fd6b6dafa7ea..77f3408b22bf 100644 --- a/security/Makefile +++ b/security/Makefile @@ -456,6 +456,7 @@ SUBDIR += openssl31-quictls SUBDIR += openssl32 SUBDIR += openssl33 + SUBDIR += openssl33-quictls SUBDIR += openssl34 SUBDIR += openssl35 SUBDIR += openvas @@ -838,6 +839,8 @@ SUBDIR += php83-sodium SUBDIR += php84-filter SUBDIR += php84-sodium + SUBDIR += php85-filter + SUBDIR += php85-sodium SUBDIR += picocrypt SUBDIR += picosha2 SUBDIR += pidgin-encryption diff --git a/security/acmed/Makefile b/security/acmed/Makefile index 98121fbcbdde..8e0aa0273009 100644 --- a/security/acmed/Makefile +++ b/security/acmed/Makefile @@ -1,7 +1,7 @@ PORTNAME= acmed DISTVERSIONPREFIX= v DISTVERSION= 0.21.0 -PORTREVISION= 20 +PORTREVISION= 21 CATEGORIES= security MAINTAINER= ports@FreeBSD.org diff --git a/security/afl++/Makefile b/security/afl++/Makefile index 41e79b781385..6e45c1ed62e0 100644 --- a/security/afl++/Makefile +++ b/security/afl++/Makefile @@ -1,6 +1,6 @@ PORTNAME= afl DISTVERSIONPREFIX= v -DISTVERSION= 4.32c +DISTVERSION= 4.33c CATEGORIES= security PKGNAMESUFFIX= ++-${FLAVOR} diff --git a/security/afl++/distinfo b/security/afl++/distinfo index 21befac35cea..871fd6e76ebe 100644 --- a/security/afl++/distinfo +++ b/security/afl++/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1746197618 -SHA256 (AFLplusplus-AFLplusplus-v4.32c_GH0.tar.gz) = dc7f59a11ce8cf67a3ed09a5ac78028c6f793b239b21fd83e5b2370cea166926 -SIZE (AFLplusplus-AFLplusplus-v4.32c_GH0.tar.gz) = 3045679 +TIMESTAMP = 1751370940 +SHA256 (AFLplusplus-AFLplusplus-v4.33c_GH0.tar.gz) = 98903c8036282c8908b1d8cc0d60caf3ea259db4339503a76449b47acce58d1d +SIZE (AFLplusplus-AFLplusplus-v4.33c_GH0.tar.gz) = 3058802 diff --git a/security/agave/Makefile b/security/agave/Makefile index da806fbe0654..aed19e0f2e41 100644 --- a/security/agave/Makefile +++ b/security/agave/Makefile @@ -1,7 +1,7 @@ PORTNAME= agave DISTVERSIONPREFIX= v DISTVERSION= 2.2.14 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security PKGNAMESUFFIX= -blockchain diff --git a/security/arti/Makefile b/security/arti/Makefile index 4d16a358b2e4..d12436f5eaec 100644 --- a/security/arti/Makefile +++ b/security/arti/Makefile @@ -1,5 +1,6 @@ PORTNAME= arti DISTVERSION= 1.4.4 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= cs@FreeBSD.org diff --git a/security/authenticator/Makefile b/security/authenticator/Makefile index 99e83a054b73..fb1d86d80305 100644 --- a/security/authenticator/Makefile +++ b/security/authenticator/Makefile @@ -1,6 +1,6 @@ PORTNAME= authenticator DISTVERSION= 4.4.0 -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= security MAINTAINER= ports@FreeBSD.org diff --git a/security/authoscope/Makefile b/security/authoscope/Makefile index c24c36e7bb0f..94c87c4a6fdf 100644 --- a/security/authoscope/Makefile +++ b/security/authoscope/Makefile @@ -1,7 +1,7 @@ PORTNAME= authoscope DISTVERSIONPREFIX= v DISTVERSION= 0.8.1 -PORTREVISION= 22 +PORTREVISION= 23 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org diff --git a/security/aws-lc/Makefile b/security/aws-lc/Makefile index 803ea2798817..67c1020ba0f6 100644 --- a/security/aws-lc/Makefile +++ b/security/aws-lc/Makefile @@ -1,5 +1,5 @@ PORTNAME= aws-lc -PORTVERSION= 1.53.1 +PORTVERSION= 1.54.0 DISTVERSIONPREFIX= v CATEGORIES= security diff --git a/security/aws-lc/distinfo b/security/aws-lc/distinfo index 7e178c8c2194..2a7e6ae009f0 100644 --- a/security/aws-lc/distinfo +++ b/security/aws-lc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750954130 -SHA256 (aws-aws-lc-v1.53.1_GH0.tar.gz) = 74137613ea4e322600400fdc2e21c83f08f4c68d368ebe006eab264e4e685e01 -SIZE (aws-aws-lc-v1.53.1_GH0.tar.gz) = 127004586 +TIMESTAMP = 1751208136 +SHA256 (aws-aws-lc-v1.54.0_GH0.tar.gz) = d491b6d6b233e88314a15170d435e28259f7cf4f950a427acc80a0e977aa683a +SIZE (aws-aws-lc-v1.54.0_GH0.tar.gz) = 127011221 diff --git a/security/boringssl/Makefile b/security/boringssl/Makefile index d72689f75660..ca47e59e4c7d 100644 --- a/security/boringssl/Makefile +++ b/security/boringssl/Makefile @@ -1,5 +1,5 @@ PORTNAME= boringssl -PORTVERSION= 0.0.0.0.2025.06.25.01 +PORTVERSION= 0.0.0.0.2025.07.01.01 CATEGORIES= security EXTRACT_ONLY= ${GH_ACCOUNT}-${PORTNAME}-${PORTVERSION}-${GH_TAGNAME}_GH0.tar.gz @@ -19,7 +19,7 @@ CPE_VENDOR= google USE_GITHUB= yes GH_ACCOUNT= google -GH_TAGNAME= 78b48c1 +GH_TAGNAME= f3dcc46 CMAKE_ARGS+= -DBUILD_SHARED_LIBS=1 CFLAGS_i386= -msse2 diff --git a/security/boringssl/distinfo b/security/boringssl/distinfo index 64e40c2a4f5f..2e858a1aa0eb 100644 --- a/security/boringssl/distinfo +++ b/security/boringssl/distinfo @@ -1,4 +1,4 @@ -TIMESTAMP = 1750950234 +TIMESTAMP = 1751480474 SHA256 (filippo.io/edwards25519/@v/v1.1.0.zip) = 9ac43a686d06fdebd719f7af3866c87eb069302272dfb131007adf471c308b65 SIZE (filippo.io/edwards25519/@v/v1.1.0.zip) = 55809 SHA256 (filippo.io/edwards25519/@v/v1.1.0.mod) = 099556fc4d7e6f5cb135efdd8b6bb4c0932e38ea058c53fc5fa5ce285572fb61 @@ -11,5 +11,5 @@ SHA256 (golang.org/x/sys/@v/v0.32.0.zip) = 85d47075d21fd7ef35d9a47fc73f2356fb3cd SIZE (golang.org/x/sys/@v/v0.32.0.zip) = 1991164 SHA256 (golang.org/x/sys/@v/v0.32.0.mod) = f67e3e18f4c08e60a7e80726ab36b691fdcea5b81ae1c696ff64caf518bcfe3d SIZE (golang.org/x/sys/@v/v0.32.0.mod) = 35 -SHA256 (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 2cfaa5f01ecedb7d662d7b01cac6f2f5f873a52f694a44af69de9b8efcdb6e90 -SIZE (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 46168678 +SHA256 (google-boringssl-0.0.0.0.2025.07.01.01-f3dcc46_GH0.tar.gz) = b81478b62838ddaa32f4b304a39659ee4c858289263f73d52a3684364774f94e +SIZE (google-boringssl-0.0.0.0.2025.07.01.01-f3dcc46_GH0.tar.gz) = 46169690 diff --git a/security/bzrtp/Makefile b/security/bzrtp/Makefile index 9816979d199c..800884d25be9 100644 --- a/security/bzrtp/Makefile +++ b/security/bzrtp/Makefile @@ -1,5 +1,5 @@ PORTNAME= bzrtp -DISTVERSION= 5.4.2 +DISTVERSION= 5.4.24 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -20,8 +20,7 @@ GL_ACCOUNT= public USE_GNOME= libxml2 USE_LDCONFIG= yes -CMAKE_ARGS= -DCMAKE_PREFIX_PATH=${LOCALBASE} \ - -DENABLE_STRICT=NO +CMAKE_ARGS= -DENABLE_STRICT=NO post-patch: @${REINPLACE_CMD} 's/<alloca\.h>/<stdlib.h>/' ${WRKSRC}/src/zidCache.c diff --git a/security/bzrtp/distinfo b/security/bzrtp/distinfo index f980a0a7141b..0511c983a7a5 100644 --- a/security/bzrtp/distinfo +++ b/security/bzrtp/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1743013166 -SHA256 (bzrtp-5.4.2.tar.bz2) = fd7cf3412a541d2866c6adf4d36c3cbb5b56b671ccedefc7e0e8aeff8b26e1c7 -SIZE (bzrtp-5.4.2.tar.bz2) = 154138 +TIMESTAMP = 1751281561 +SHA256 (bzrtp-5.4.24.tar.bz2) = 5fdd590ed302f8f4db3c06902c7a711a307e323a125a265bc3720efeda4ce0d7 +SIZE (bzrtp-5.4.24.tar.bz2) = 154137 diff --git a/security/cargo-audit/Makefile b/security/cargo-audit/Makefile index 5a80b2ac1eb2..750963d30c54 100644 --- a/security/cargo-audit/Makefile +++ b/security/cargo-audit/Makefile @@ -1,7 +1,7 @@ PORTNAME= cargo-audit DISTVERSIONPREFIX= ${PORTNAME}/v DISTVERSION= 0.21.2 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= security diff --git a/security/certmonger/Makefile b/security/certmonger/Makefile index 8e086c03f98e..6b810d2ffe9c 100644 --- a/security/certmonger/Makefile +++ b/security/certmonger/Makefile @@ -21,7 +21,7 @@ LIB_DEPENDS= libcurl.so:ftp/curl \ libpopt.so:devel/popt \ libtalloc.so:devel/talloc \ libtevent.so:devel/tevent \ - libuuid.so:misc/e2fsprogs-libuuid + libuuid.so:misc/libuuid USES= autoreconf gettext gnome gssapi:mit iconv pkgconfig ssl USE_GNOME= libxml2 diff --git a/security/cl-md5-sbcl/Makefile b/security/cl-md5-sbcl/Makefile index ec4639dacf85..a9c48203ce81 100644 --- a/security/cl-md5-sbcl/Makefile +++ b/security/cl-md5-sbcl/Makefile @@ -1,6 +1,6 @@ PORTNAME= md5 PORTVERSION= 2.0.5 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= security lisp PKGNAMEPREFIX= cl- DISTFILES= # none diff --git a/security/clamav-lts/Makefile b/security/clamav-lts/Makefile index 60a6937de18f..4c5fada1da92 100644 --- a/security/clamav-lts/Makefile +++ b/security/clamav-lts/Makefile @@ -1,6 +1,6 @@ PORTNAME= clamav DISTVERSION= 1.0.8 -PORTREVISION= 4 +PORTREVISION= 5 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= https://www.clamav.net/downloads/production/ diff --git a/security/clamav/Makefile b/security/clamav/Makefile index dec2065af9ae..7c24c7c797b7 100644 --- a/security/clamav/Makefile +++ b/security/clamav/Makefile @@ -1,6 +1,6 @@ PORTNAME= clamav DISTVERSION= 1.4.2 -PORTREVISION= 4 +PORTREVISION= 5 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= https://www.clamav.net/downloads/production/ diff --git a/security/cloak/Makefile b/security/cloak/Makefile index 31b49980b2ed..0dbc8fc8d3f6 100644 --- a/security/cloak/Makefile +++ b/security/cloak/Makefile @@ -1,7 +1,7 @@ PORTNAME= cloak DISTVERSIONPREFIX= v DISTVERSION= 0.3.0 -PORTREVISION= 30 +PORTREVISION= 31 CATEGORIES= security MAINTAINER= ports@FreeBSD.org diff --git a/security/cosign/Makefile b/security/cosign/Makefile index 5a8e00d37bc2..25aa6f4e1082 100644 --- a/security/cosign/Makefile +++ b/security/cosign/Makefile @@ -1,6 +1,6 @@ PORTNAME= cosign DISTVERSIONPREFIX= v -DISTVERSION= 2.5.0 +DISTVERSION= 2.5.2 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -10,7 +10,7 @@ WWW= https://www.sigstore.dev/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= cpe go:1.23,modules +USES= cpe go:modules CPE_VENDOR= sigstore GO_MODULE= github.com/sigstore/cosign/v2 @@ -23,7 +23,7 @@ GO_BUILDFLAGS= -ldflags="-buildid= \ PLIST_FILES= bin/${PORTNAME} -GIT_HASH= 38bb98697005cdc5c092f031594c0e45d039f4a0 +GIT_HASH= af5a988bb15a03919ccaac7a2ddcad7a9d006f38 .include <bsd.port.pre.mk> diff --git a/security/cosign/distinfo b/security/cosign/distinfo index 6a77534390e6..621a1398dec8 100644 --- a/security/cosign/distinfo +++ b/security/cosign/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1746276026 -SHA256 (go/security_cosign/cosign-v2.5.0/v2.5.0.mod) = fc290766dd5324141caa63fed997ce4b975b0a5b9eb2345c43db315bd8969e4e -SIZE (go/security_cosign/cosign-v2.5.0/v2.5.0.mod) = 14751 -SHA256 (go/security_cosign/cosign-v2.5.0/v2.5.0.zip) = 930d7c766f230d56063bc42a2a4cee77260e4fd5d79a6200c531e5e99b354b0c -SIZE (go/security_cosign/cosign-v2.5.0/v2.5.0.zip) = 1260158 +TIMESTAMP = 1751444102 +SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 5bc5ad2f641929f53eeb4fcec33fba55b78a51cf707f53f74feae8a0e7ad0bae +SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 15326 +SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 91f0aebf97ae40581273a4e44fad958ce7ff02dd232663f9fffd074596efa82e +SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 1274354 diff --git a/security/diswall/Makefile b/security/diswall/Makefile index f066bdac4a53..0bb4161f86b7 100644 --- a/security/diswall/Makefile +++ b/security/diswall/Makefile @@ -1,7 +1,7 @@ PORTNAME= diswall DISTVERSIONPREFIX= v DISTVERSION= 0.6.0 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org diff --git a/security/flawz/Makefile b/security/flawz/Makefile index f65250d952a4..189d9e0f0b76 100644 --- a/security/flawz/Makefile +++ b/security/flawz/Makefile @@ -1,7 +1,7 @@ PORTNAME= flawz DISTVERSIONPREFIX= v DISTVERSION= 0.3.0 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org diff --git a/security/gpg-tui/Makefile b/security/gpg-tui/Makefile index 4e82b6627493..97881f10986a 100644 --- a/security/gpg-tui/Makefile +++ b/security/gpg-tui/Makefile @@ -1,7 +1,7 @@ PORTNAME= gpg-tui DISTVERSIONPREFIX= v DISTVERSION= 0.11.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MAINTAINER= se@FreeBSD.org diff --git a/security/gvm-libs/Makefile b/security/gvm-libs/Makefile index 9196b191731d..f7a8987caa7c 100644 --- a/security/gvm-libs/Makefile +++ b/security/gvm-libs/Makefile @@ -22,7 +22,7 @@ LIB_DEPENDS= libassuan.so:security/libassuan \ libnet.so:net/libnet \ libpaho-mqtt3a.so:net/libpaho-mqtt3 \ libssh.so:security/libssh \ - libuuid.so:misc/e2fsprogs-libuuid \ + libuuid.so:misc/libuuid \ libjson-glib-1.0.so:devel/json-glib \ libcurl.so:ftp/curl RUN_DEPENDS= doxygen>0:devel/doxygen diff --git a/security/kanidm/Makefile b/security/kanidm/Makefile index 38a6e4d76654..776a57bba5e0 100644 --- a/security/kanidm/Makefile +++ b/security/kanidm/Makefile @@ -1,6 +1,6 @@ PORTNAME= kanidm DISTVERSIONPREFIX= v -DISTVERSION= 1.6.0 +DISTVERSION= 1.6.3 CATEGORIES= security net MAINTAINER= bofh@FreeBSD.org diff --git a/security/kanidm/Makefile.crates b/security/kanidm/Makefile.crates index ec2cd21bf07f..f49487d21325 100644 --- a/security/kanidm/Makefile.crates +++ b/security/kanidm/Makefile.crates @@ -1,6 +1,6 @@ CARGO_CRATES= addr2line-0.24.2 \ adler2-2.0.0 \ - ahash-0.8.11 \ + ahash-0.8.12 \ aho-corasick-1.1.3 \ allocator-api2-0.2.21 \ android-tzdata-0.1.1 \ @@ -33,7 +33,7 @@ CARGO_CRATES= addr2line-0.24.2 \ axum-extra-0.9.6 \ axum-htmx-0.5.0 \ axum-macros-0.4.2 \ - backtrace-0.3.74 \ + backtrace-0.3.75 \ base32-0.5.1 \ base64-0.13.1 \ base64-0.21.7 \ @@ -60,15 +60,16 @@ CARGO_CRATES= addr2line-0.24.2 \ byteorder-1.5.0 \ byteorder-lite-0.1.0 \ bytes-1.10.1 \ - cc-1.2.21 \ + cc-1.2.22 \ cexpr-0.6.0 \ cfg-if-1.0.0 \ cfg_aliases-0.2.1 \ chrono-0.4.41 \ + cidr-0.3.1 \ clang-sys-1.8.1 \ - clap-4.5.37 \ - clap_builder-4.5.37 \ - clap_complete-4.5.48 \ + clap-4.5.38 \ + clap_builder-4.5.38 \ + clap_complete-4.5.50 \ clap_derive-4.5.32 \ clap_lex-0.7.4 \ clru-0.6.2 \ @@ -160,7 +161,7 @@ CARGO_CRATES= addr2line-0.24.2 \ futures-util-0.3.31 \ generic-array-0.14.7 \ getrandom-0.2.16 \ - getrandom-0.3.2 \ + getrandom-0.3.3 \ gif-0.13.1 \ gimli-0.31.1 \ gix-0.71.0 \ @@ -186,7 +187,7 @@ CARGO_CRATES= addr2line-0.24.2 \ gix-odb-0.68.0 \ gix-pack-0.58.0 \ gix-packetline-0.18.4 \ - gix-path-0.10.17 \ + gix-path-0.10.18 \ gix-protocol-0.49.0 \ gix-quote-0.5.0 \ gix-ref-0.51.0 \ @@ -206,7 +207,7 @@ CARGO_CRATES= addr2line-0.24.2 \ gix-validate-0.10.0 \ glob-0.3.2 \ h2-0.3.26 \ - h2-0.4.9 \ + h2-0.4.10 \ half-1.8.3 \ haproxy-protocol-0.0.1 \ hash32-0.3.1 \ @@ -237,20 +238,17 @@ CARGO_CRATES= addr2line-0.24.2 \ hyper-util-0.1.11 \ iana-time-zone-0.1.63 \ iana-time-zone-haiku-0.1.2 \ - icu_collections-1.5.0 \ - icu_locid-1.5.0 \ - icu_locid_transform-1.5.0 \ - icu_locid_transform_data-1.5.1 \ - icu_normalizer-1.5.0 \ - icu_normalizer_data-1.5.1 \ - icu_properties-1.5.1 \ - icu_properties_data-1.5.1 \ - icu_provider-1.5.0 \ - icu_provider_macros-1.5.0 \ + icu_collections-2.0.0 \ + icu_locale_core-2.0.0 \ + icu_normalizer-2.0.0 \ + icu_normalizer_data-2.0.0 \ + icu_properties-2.0.0 \ + icu_properties_data-2.0.0 \ + icu_provider-2.0.0 \ ident_case-1.0.1 \ idlset-0.2.5 \ idna-1.0.3 \ - idna_adapter-1.2.0 \ + idna_adapter-1.2.1 \ image-0.25.6 \ image-webp-0.2.1 \ indexmap-1.9.3 \ @@ -262,24 +260,24 @@ CARGO_CRATES= addr2line-0.24.2 \ itertools-0.13.0 \ itertools-0.14.0 \ itoa-1.0.15 \ - jiff-0.2.12 \ - jiff-static-0.2.12 \ + jiff-0.2.13 \ + jiff-static-0.2.13 \ jiff-tzdb-0.1.4 \ jiff-tzdb-platform-0.1.3 \ js-sys-0.3.77 \ jsonschema-0.30.0 \ kanidm-hsm-crypto-0.2.0 \ - kqueue-1.0.8 \ + kqueue-1.1.1 \ kqueue-sys-1.0.4 \ - lambert_w-1.2.17 \ + lambert_w-1.2.19 \ lazy_static-1.5.0 \ lazycell-1.3.0 \ lber-0.4.2 \ ldap3_client-0.5.2 \ ldap3_proto-0.5.2 \ libc-0.2.172 \ - libloading-0.8.6 \ - libm-0.2.14 \ + libloading-0.8.7 \ + libm-0.2.15 \ libmimalloc-sys-0.1.42 \ libredox-0.1.3 \ libsqlite3-sys-0.33.0 \ @@ -287,18 +285,19 @@ CARGO_CRATES= addr2line-0.24.2 \ libudev-sys-0.1.4 \ linux-raw-sys-0.4.15 \ linux-raw-sys-0.9.4 \ - litemap-0.7.5 \ + litemap-0.8.0 \ litrs-0.4.1 \ lock_api-0.4.12 \ lodepng-3.11.0 \ log-0.4.27 \ lru-0.13.0 \ lru-0.14.0 \ + lru-slab-0.1.2 \ malloced-1.3.1 \ matchers-0.1.0 \ matchit-0.7.3 \ mathru-0.15.5 \ - matrixmultiply-0.3.9 \ + matrixmultiply-0.3.10 \ maybe-async-0.2.10 \ md-5-0.10.6 \ md4-0.10.2 \ @@ -376,6 +375,7 @@ CARGO_CRATES= addr2line-0.24.2 \ pkg-config-0.3.32 \ portable-atomic-1.11.0 \ portable-atomic-util-0.2.4 \ + potential_utf-0.1.2 \ powerfmt-0.2.0 \ ppv-lite86-0.2.21 \ prctl-1.0.0 \ @@ -391,8 +391,8 @@ CARGO_CRATES= addr2line-0.24.2 \ publicsuffix-2.3.0 \ qrcode-0.14.1 \ quick-error-2.0.1 \ - quinn-0.11.7 \ - quinn-proto-0.11.11 \ + quinn-0.11.8 \ + quinn-proto-0.11.12 \ quinn-udp-0.5.12 \ quote-1.0.40 \ r-efi-5.2.0 \ @@ -420,7 +420,7 @@ CARGO_CRATES= addr2line-0.24.2 \ rpassword-5.0.1 \ runloop-0.1.0 \ rusqlite-0.35.0 \ - rust-embed-8.7.0 \ + rust-embed-8.7.1 \ rust-embed-impl-8.7.0 \ rust-embed-utils-8.7.0 \ rustc-demangle-0.1.24 \ @@ -429,11 +429,11 @@ CARGO_CRATES= addr2line-0.24.2 \ rusticata-macros-4.1.0 \ rustix-0.38.44 \ rustix-1.0.7 \ - rustls-0.23.26 \ + rustls-0.23.27 \ rustls-native-certs-0.8.1 \ rustls-pemfile-2.2.0 \ - rustls-pki-types-1.11.0 \ - rustls-webpki-0.103.1 \ + rustls-pki-types-1.12.0 \ + rustls-webpki-0.103.3 \ rustversion-1.0.20 \ ryu-1.0.20 \ same-file-1.0.6 \ @@ -488,7 +488,7 @@ CARGO_CRATES= addr2line-0.24.2 \ system-configuration-0.5.1 \ system-configuration-sys-0.5.0 \ target-lexicon-0.12.16 \ - tempfile-3.19.1 \ + tempfile-3.20.0 \ thiserror-1.0.69 \ thiserror-2.0.12 \ thiserror-impl-1.0.69 \ @@ -499,12 +499,12 @@ CARGO_CRATES= addr2line-0.24.2 \ time-0.3.41 \ time-core-0.1.4 \ time-macros-0.2.22 \ - tinystr-0.7.6 \ + tinystr-0.8.1 \ tinyvec-1.9.0 \ tinyvec_macros-0.1.1 \ tls_codec-0.4.2 \ tls_codec_derive-0.4.2 \ - tokio-1.44.2 \ + tokio-1.45.0 \ tokio-macros-2.5.0 \ tokio-native-tls-0.3.1 \ tokio-openssl-0.6.5 \ @@ -518,7 +518,7 @@ CARGO_CRATES= addr2line-0.24.2 \ tonic-0.12.3 \ tower-0.4.13 \ tower-0.5.2 \ - tower-http-0.6.2 \ + tower-http-0.6.4 \ tower-layer-0.3.3 \ tower-service-0.3.3 \ tracing-0.1.41 \ @@ -541,7 +541,6 @@ CARGO_CRATES= addr2line-0.24.2 \ untrusted-0.9.0 \ url-2.5.4 \ urlencoding-2.1.3 \ - utf16_iter-1.0.5 \ utf8_iter-1.0.4 \ utf8parse-0.2.2 \ utoipa-4.2.3 \ @@ -572,7 +571,8 @@ CARGO_CRATES= addr2line-0.24.2 \ webauthn-rs-core-0.5.1 \ webauthn-rs-proto-0.5.1 \ webdriver-0.50.0 \ - webpki-roots-0.26.10 \ + webpki-roots-0.26.11 \ + webpki-roots-1.0.0 \ weezl-0.1.8 \ which-4.4.2 \ whoami-1.6.0 \ @@ -626,29 +626,27 @@ CARGO_CRATES= addr2line-0.24.2 \ windows_x86_64_msvc-0.52.6 \ windows_x86_64_msvc-0.53.0 \ winnow-0.6.26 \ - winnow-0.7.9 \ + winnow-0.7.10 \ winreg-0.50.0 \ wit-bindgen-rt-0.39.0 \ - write16-1.0.0 \ - writeable-0.5.5 \ + writeable-0.6.1 \ x509-cert-0.2.5 \ x509-parser-0.16.0 \ - yoke-0.7.5 \ - yoke-derive-0.7.5 \ - zerocopy-0.7.35 \ + yoke-0.8.0 \ + yoke-derive-0.8.0 \ zerocopy-0.8.25 \ - zerocopy-derive-0.7.35 \ zerocopy-derive-0.8.25 \ zerofrom-0.1.6 \ zerofrom-derive-0.1.6 \ zeroize-1.8.1 \ zeroize_derive-1.4.2 \ - zerovec-0.10.4 \ - zerovec-derive-0.10.3 \ + zerotrie-0.2.2 \ + zerovec-0.11.2 \ + zerovec-derive-0.11.1 \ zip-0.6.6 \ zune-core-0.4.12 \ zune-jpeg-0.4.14 \ zxcvbn-3.1.0 \ - sshkeys@git+https://github.com/Firstyear/rust-sshkeys.git?rev=3a081cbf7480628223bcb96fc8aaa8c19109d007\#3a081cbf7480628223bcb96fc8aaa8c19109d007 \ + sshkeys@git+https://github.com/Firstyear/rust-sshkeys.git?rev=49cb53232115d3aea86cd059b151e376293805fc\#49cb53232115d3aea86cd059b151e376293805fc \ libnss@git+https://github.com/Firstyear/libnss-rs.git?branch=20250207-freebsd\#763da4beaadc1e475b89ed876de31a5e393f6d30 \ - compact_jwt@git+https://github.com/Firstyear/compact-jwt.git?rev=b3d2b5700cfe567d384c81df35d25537fbf7f110\#b3d2b5700cfe567d384c81df35d25537fbf7f110 + compact_jwt@git+https://github.com/Firstyear/compact-jwt.git?rev=043976842773dd035fe394261347edeb644e3091\#043976842773dd035fe394261347edeb644e3091 diff --git a/security/kanidm/distinfo b/security/kanidm/distinfo index 53e5c16ee421..d4f4a09b5062 100644 --- a/security/kanidm/distinfo +++ b/security/kanidm/distinfo @@ -1,10 +1,10 @@ -TIMESTAMP = 1749695021 +TIMESTAMP = 1751495652 SHA256 (rust/crates/addr2line-0.24.2.crate) = dfbe277e56a376000877090da837660b4427aad530e3028d44e0bffe4f89a1c1 SIZE (rust/crates/addr2line-0.24.2.crate) = 39015 SHA256 (rust/crates/adler2-2.0.0.crate) = 512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627 SIZE (rust/crates/adler2-2.0.0.crate) = 13529 -SHA256 (rust/crates/ahash-0.8.11.crate) = e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011 -SIZE (rust/crates/ahash-0.8.11.crate) = 43607 +SHA256 (rust/crates/ahash-0.8.12.crate) = 5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75 +SIZE (rust/crates/ahash-0.8.12.crate) = 43413 SHA256 (rust/crates/aho-corasick-1.1.3.crate) = 8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916 SIZE (rust/crates/aho-corasick-1.1.3.crate) = 183311 SHA256 (rust/crates/allocator-api2-0.2.21.crate) = 683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923 @@ -69,8 +69,8 @@ SHA256 (rust/crates/axum-htmx-0.5.0.crate) = 40f7051fdc094b6e5ea06cab9bca4b198c5 SIZE (rust/crates/axum-htmx-0.5.0.crate) = 15894 SHA256 (rust/crates/axum-macros-0.4.2.crate) = 57d123550fa8d071b7255cb0cc04dc302baa6c8c4a79f55701552684d8399bce SIZE (rust/crates/axum-macros-0.4.2.crate) = 39245 -SHA256 (rust/crates/backtrace-0.3.74.crate) = 8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a -SIZE (rust/crates/backtrace-0.3.74.crate) = 88516 +SHA256 (rust/crates/backtrace-0.3.75.crate) = 6806a6321ec58106fea15becdad98371e28d92ccbc7c8f1b3b6dd724fe8f1002 +SIZE (rust/crates/backtrace-0.3.75.crate) = 92665 SHA256 (rust/crates/base32-0.5.1.crate) = 022dfe9eb35f19ebbcb51e0b40a5ab759f46ad60cadf7297e0bd085afb50e076 SIZE (rust/crates/base32-0.5.1.crate) = 9238 SHA256 (rust/crates/base64-0.13.1.crate) = 9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8 @@ -123,8 +123,8 @@ SHA256 (rust/crates/byteorder-lite-0.1.0.crate) = 8f1fe948ff07f4bd06c30984e69f5b SIZE (rust/crates/byteorder-lite-0.1.0.crate) = 15909 SHA256 (rust/crates/bytes-1.10.1.crate) = d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a SIZE (rust/crates/bytes-1.10.1.crate) = 76779 -SHA256 (rust/crates/cc-1.2.21.crate) = 8691782945451c1c383942c4874dbe63814f61cb57ef773cda2972682b7bb3c0 -SIZE (rust/crates/cc-1.2.21.crate) = 106117 +SHA256 (rust/crates/cc-1.2.22.crate) = 32db95edf998450acc7881c932f94cd9b05c87b4b2599e8bab064753da4acfd1 +SIZE (rust/crates/cc-1.2.22.crate) = 106294 SHA256 (rust/crates/cexpr-0.6.0.crate) = 6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766 SIZE (rust/crates/cexpr-0.6.0.crate) = 17966 SHA256 (rust/crates/cfg-if-1.0.0.crate) = baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd @@ -133,14 +133,16 @@ SHA256 (rust/crates/cfg_aliases-0.2.1.crate) = 613afe47fcd5fac7ccf1db93babcb082c SIZE (rust/crates/cfg_aliases-0.2.1.crate) = 6355 SHA256 (rust/crates/chrono-0.4.41.crate) = c469d952047f47f91b68d1cba3f10d63c11d73e4636f24f08daf0278abf01c4d SIZE (rust/crates/chrono-0.4.41.crate) = 234621 +SHA256 (rust/crates/cidr-0.3.1.crate) = bd1b64030216239a2e7c364b13cd96a2097ebf0dfe5025f2dedee14a23f2ab60 +SIZE (rust/crates/cidr-0.3.1.crate) = 39130 SHA256 (rust/crates/clang-sys-1.8.1.crate) = 0b023947811758c97c59bf9d1c188fd619ad4718dcaa767947df1cadb14f39f4 SIZE (rust/crates/clang-sys-1.8.1.crate) = 44009 -SHA256 (rust/crates/clap-4.5.37.crate) = eccb054f56cbd38340b380d4a8e69ef1f02f1af43db2f0cc817a4774d80ae071 -SIZE (rust/crates/clap-4.5.37.crate) = 56962 -SHA256 (rust/crates/clap_builder-4.5.37.crate) = efd9466fac8543255d3b1fcad4762c5e116ffe808c8a3043d4263cd4fd4862a2 -SIZE (rust/crates/clap_builder-4.5.37.crate) = 168761 -SHA256 (rust/crates/clap_complete-4.5.48.crate) = be8c97f3a6f02b9e24cadc12aaba75201d18754b53ea0a9d99642f806ccdb4c9 -SIZE (rust/crates/clap_complete-4.5.48.crate) = 48036 +SHA256 (rust/crates/clap-4.5.38.crate) = ed93b9805f8ba930df42c2590f05453d5ec36cbb85d018868a5b24d31f6ac000 +SIZE (rust/crates/clap-4.5.38.crate) = 57140 +SHA256 (rust/crates/clap_builder-4.5.38.crate) = 379026ff283facf611b0ea629334361c4211d1b12ee01024eec1591133b04120 +SIZE (rust/crates/clap_builder-4.5.38.crate) = 169177 +SHA256 (rust/crates/clap_complete-4.5.50.crate) = c91d3baa3bcd889d60e6ef28874126a0b384fd225ab83aa6d8a801c519194ce1 +SIZE (rust/crates/clap_complete-4.5.50.crate) = 48292 SHA256 (rust/crates/clap_derive-4.5.32.crate) = 09176aae279615badda0765c0c0b3f6ed53f4709118af73cf4655d85d1530cd7 SIZE (rust/crates/clap_derive-4.5.32.crate) = 33441 SHA256 (rust/crates/clap_lex-0.7.4.crate) = f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6 @@ -323,8 +325,8 @@ SHA256 (rust/crates/generic-array-0.14.7.crate) = 85649ca51fd72272d7821adaf274ad SIZE (rust/crates/generic-array-0.14.7.crate) = 15950 SHA256 (rust/crates/getrandom-0.2.16.crate) = 335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592 SIZE (rust/crates/getrandom-0.2.16.crate) = 40163 -SHA256 (rust/crates/getrandom-0.3.2.crate) = 73fea8450eea4bac3940448fb7ae50d91f034f941199fcd9d909a5a07aa455f0 -SIZE (rust/crates/getrandom-0.3.2.crate) = 49140 +SHA256 (rust/crates/getrandom-0.3.3.crate) = 26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4 +SIZE (rust/crates/getrandom-0.3.3.crate) = 49493 SHA256 (rust/crates/gif-0.13.1.crate) = 3fb2d69b19215e18bb912fa30f7ce15846e301408695e44e0ef719f1da9e19f2 SIZE (rust/crates/gif-0.13.1.crate) = 36408 SHA256 (rust/crates/gimli-0.31.1.crate) = 07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f @@ -375,8 +377,8 @@ SHA256 (rust/crates/gix-pack-0.58.0.crate) = 9b65fffb09393c26624ca408d32cfe8776f SIZE (rust/crates/gix-pack-0.58.0.crate) = 104138 SHA256 (rust/crates/gix-packetline-0.18.4.crate) = 123844a70cf4d5352441dc06bab0da8aef61be94ec239cb631e0ba01dc6d3a04 SIZE (rust/crates/gix-packetline-0.18.4.crate) = 26579 -SHA256 (rust/crates/gix-path-0.10.17.crate) = c091d2e887e02c3462f52252c5ea61150270c0f2657b642e8d0d6df56c16e642 -SIZE (rust/crates/gix-path-0.10.17.crate) = 30151 +SHA256 (rust/crates/gix-path-0.10.18.crate) = 567f65fec4ef10dfab97ae71f26a27fd4d7fe7b8e3f90c8a58551c41ff3fb65b +SIZE (rust/crates/gix-path-0.10.18.crate) = 30214 SHA256 (rust/crates/gix-protocol-0.49.0.crate) = 5678ddae1d62880bc30e2200be1b9387af3372e0e88e21f81b4e7f8367355b5a SIZE (rust/crates/gix-protocol-0.49.0.crate) = 56678 SHA256 (rust/crates/gix-quote-0.5.0.crate) = 1b005c550bf84de3b24aa5e540a23e6146a1c01c7d30470e35d75a12f827f969 @@ -415,8 +417,8 @@ SHA256 (rust/crates/glob-0.3.2.crate) = a8d1add55171497b4705a648c6b583acafb01d58 SIZE (rust/crates/glob-0.3.2.crate) = 22359 SHA256 (rust/crates/h2-0.3.26.crate) = 81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8 SIZE (rust/crates/h2-0.3.26.crate) = 168315 -SHA256 (rust/crates/h2-0.4.9.crate) = 75249d144030531f8dee69fe9cea04d3edf809a017ae445e2abdff6629e86633 -SIZE (rust/crates/h2-0.4.9.crate) = 175002 +SHA256 (rust/crates/h2-0.4.10.crate) = a9421a676d1b147b16b82c9225157dc629087ef8ec4d5e2960f9437a90dac0a5 +SIZE (rust/crates/h2-0.4.10.crate) = 174800 SHA256 (rust/crates/half-1.8.3.crate) = 1b43ede17f21864e81be2fa654110bf1e793774238d86ef8555c37e6519c0403 SIZE (rust/crates/half-1.8.3.crate) = 41624 SHA256 (rust/crates/haproxy-protocol-0.0.1.crate) = f61fc527a2f089b57ebc09301b6371bbbff4ce7b547306c17dfa55766655bec6 @@ -477,34 +479,28 @@ SHA256 (rust/crates/iana-time-zone-0.1.63.crate) = b0c919e5debc312ad217002b8048a SIZE (rust/crates/iana-time-zone-0.1.63.crate) = 32919 SHA256 (rust/crates/iana-time-zone-haiku-0.1.2.crate) = f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f SIZE (rust/crates/iana-time-zone-haiku-0.1.2.crate) = 7185 -SHA256 (rust/crates/icu_collections-1.5.0.crate) = db2fa452206ebee18c4b5c2274dbf1de17008e874b4dc4f0aea9d01ca79e4526 -SIZE (rust/crates/icu_collections-1.5.0.crate) = 82762 -SHA256 (rust/crates/icu_locid-1.5.0.crate) = 13acbb8371917fc971be86fc8057c41a64b521c184808a698c02acc242dbf637 -SIZE (rust/crates/icu_locid-1.5.0.crate) = 55131 -SHA256 (rust/crates/icu_locid_transform-1.5.0.crate) = 01d11ac35de8e40fdeda00d9e1e9d92525f3f9d887cdd7aa81d727596788b54e -SIZE (rust/crates/icu_locid_transform-1.5.0.crate) = 29094 -SHA256 (rust/crates/icu_locid_transform_data-1.5.1.crate) = 7515e6d781098bf9f7205ab3fc7e9709d34554ae0b21ddbcb5febfa4bc7df11d -SIZE (rust/crates/icu_locid_transform_data-1.5.1.crate) = 42937 -SHA256 (rust/crates/icu_normalizer-1.5.0.crate) = 19ce3e0da2ec68599d193c93d088142efd7f9c5d6fc9b803774855747dc6a84f -SIZE (rust/crates/icu_normalizer-1.5.0.crate) = 53113 -SHA256 (rust/crates/icu_normalizer_data-1.5.1.crate) = c5e8338228bdc8ab83303f16b797e177953730f601a96c25d10cb3ab0daa0cb7 -SIZE (rust/crates/icu_normalizer_data-1.5.1.crate) = 50737 -SHA256 (rust/crates/icu_properties-1.5.1.crate) = 93d6020766cfc6302c15dbbc9c8778c37e62c14427cb7f6e601d849e092aeef5 -SIZE (rust/crates/icu_properties-1.5.1.crate) = 64479 -SHA256 (rust/crates/icu_properties_data-1.5.1.crate) = 85fb8799753b75aee8d2a21d7c14d9f38921b54b3dbda10f5a3c7a7b82dba5e2 -SIZE (rust/crates/icu_properties_data-1.5.1.crate) = 229231 -SHA256 (rust/crates/icu_provider-1.5.0.crate) = 6ed421c8a8ef78d3e2dbc98a973be2f3770cb42b606e3ab18d6237c4dfde68d9 -SIZE (rust/crates/icu_provider-1.5.0.crate) = 52722 -SHA256 (rust/crates/icu_provider_macros-1.5.0.crate) = 1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6 -SIZE (rust/crates/icu_provider_macros-1.5.0.crate) = 6436 +SHA256 (rust/crates/icu_collections-2.0.0.crate) = 200072f5d0e3614556f94a9930d5dc3e0662a652823904c3a75dc3b0af7fee47 +SIZE (rust/crates/icu_collections-2.0.0.crate) = 83033 +SHA256 (rust/crates/icu_locale_core-2.0.0.crate) = 0cde2700ccaed3872079a65fb1a78f6c0a36c91570f28755dda67bc8f7d9f00a +SIZE (rust/crates/icu_locale_core-2.0.0.crate) = 74430 +SHA256 (rust/crates/icu_normalizer-2.0.0.crate) = 436880e8e18df4d7bbc06d58432329d6458cc84531f7ac5f024e93deadb37979 +SIZE (rust/crates/icu_normalizer-2.0.0.crate) = 61543 +SHA256 (rust/crates/icu_normalizer_data-2.0.0.crate) = 00210d6893afc98edb752b664b8890f0ef174c8adbb8d0be9710fa66fbbf72d3 +SIZE (rust/crates/icu_normalizer_data-2.0.0.crate) = 68101 +SHA256 (rust/crates/icu_properties-2.0.0.crate) = 2549ca8c7241c82f59c80ba2a6f415d931c5b58d24fb8412caa1a1f02c49139a +SIZE (rust/crates/icu_properties-2.0.0.crate) = 58065 +SHA256 (rust/crates/icu_properties_data-2.0.0.crate) = 8197e866e47b68f8f7d95249e172903bec06004b18b2937f1095d40a0c57de04 +SIZE (rust/crates/icu_properties_data-2.0.0.crate) = 159069 +SHA256 (rust/crates/icu_provider-2.0.0.crate) = 03c80da27b5f4187909049ee2d72f276f0d9f99a42c306bd0131ecfe04d8e5af +SIZE (rust/crates/icu_provider-2.0.0.crate) = 50966 SHA256 (rust/crates/ident_case-1.0.1.crate) = b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39 SIZE (rust/crates/ident_case-1.0.1.crate) = 3492 SHA256 (rust/crates/idlset-0.2.5.crate) = ef858150272c6cce9db3710a171edf5d3e8844d38680d7657e9b1698efe8d97b SIZE (rust/crates/idlset-0.2.5.crate) = 106725 SHA256 (rust/crates/idna-1.0.3.crate) = 686f825264d630750a544639377bae737628043f20d38bbc029e8f29ea968a7e SIZE (rust/crates/idna-1.0.3.crate) = 142515 -SHA256 (rust/crates/idna_adapter-1.2.0.crate) = daca1df1c957320b2cf139ac61e7bd64fed304c5040df000a745aa1de3b4ef71 -SIZE (rust/crates/idna_adapter-1.2.0.crate) = 8206 +SHA256 (rust/crates/idna_adapter-1.2.1.crate) = 3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344 +SIZE (rust/crates/idna_adapter-1.2.1.crate) = 10389 SHA256 (rust/crates/image-0.25.6.crate) = db35664ce6b9810857a38a906215e75a9c879f0696556a39f59c62829710251a SIZE (rust/crates/image-0.25.6.crate) = 242367 SHA256 (rust/crates/image-webp-0.2.1.crate) = b77d01e822461baa8409e156015a1d91735549f0f2c17691bd2d996bef238f7f @@ -527,10 +523,10 @@ SHA256 (rust/crates/itertools-0.14.0.crate) = 2b192c782037fadd9cfa75548310488aab SIZE (rust/crates/itertools-0.14.0.crate) = 152715 SHA256 (rust/crates/itoa-1.0.15.crate) = 4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c SIZE (rust/crates/itoa-1.0.15.crate) = 11231 -SHA256 (rust/crates/jiff-0.2.12.crate) = d07d8d955d798e7a4d6f9c58cd1f1916e790b42b092758a9ef6e16fef9f1b3fd -SIZE (rust/crates/jiff-0.2.12.crate) = 706826 -SHA256 (rust/crates/jiff-static-0.2.12.crate) = f244cfe006d98d26f859c7abd1318d85327e1882dc9cef80f62daeeb0adcf300 -SIZE (rust/crates/jiff-static-0.2.12.crate) = 76130 +SHA256 (rust/crates/jiff-0.2.13.crate) = f02000660d30638906021176af16b17498bd0d12813dbfe7b276d8bc7f3c0806 +SIZE (rust/crates/jiff-0.2.13.crate) = 707842 +SHA256 (rust/crates/jiff-static-0.2.13.crate) = f3c30758ddd7188629c6713fc45d1188af4f44c90582311d0c8d8c9907f60c48 +SIZE (rust/crates/jiff-static-0.2.13.crate) = 76123 SHA256 (rust/crates/jiff-tzdb-0.1.4.crate) = c1283705eb0a21404d2bfd6eef2a7593d240bc42a0bdb39db0ad6fa2ec026524 SIZE (rust/crates/jiff-tzdb-0.1.4.crate) = 62435 SHA256 (rust/crates/jiff-tzdb-platform-0.1.3.crate) = 875a5a69ac2bab1a891711cf5eccbec1ce0341ea805560dcd90b7a2e925132e8 @@ -541,12 +537,12 @@ SHA256 (rust/crates/jsonschema-0.30.0.crate) = f1b46a0365a611fbf1d2143104dcf910a SIZE (rust/crates/jsonschema-0.30.0.crate) = 124559 SHA256 (rust/crates/kanidm-hsm-crypto-0.2.0.crate) = 10b3ed8e86cda3da4f274c677a3057d567bd7b715a0feb06a656e55cc75faf5e SIZE (rust/crates/kanidm-hsm-crypto-0.2.0.crate) = 29700 -SHA256 (rust/crates/kqueue-1.0.8.crate) = 7447f1ca1b7b563588a205fe93dea8df60fd981423a768bc1c0ded35ed147d0c -SIZE (rust/crates/kqueue-1.0.8.crate) = 12642 +SHA256 (rust/crates/kqueue-1.1.1.crate) = eac30106d7dce88daf4a3fcb4879ea939476d5074a9b7ddd0fb97fa4bed5596a +SIZE (rust/crates/kqueue-1.1.1.crate) = 21504 SHA256 (rust/crates/kqueue-sys-1.0.4.crate) = ed9625ffda8729b85e45cf04090035ac368927b8cebc34898e7c120f52e4838b SIZE (rust/crates/kqueue-sys-1.0.4.crate) = 7160 -SHA256 (rust/crates/lambert_w-1.2.17.crate) = dc66ddcab7f8a3cc035052b0bb1f9f7f47ac92741b3fe78974bdd356fe023a40 -SIZE (rust/crates/lambert_w-1.2.17.crate) = 39362 +SHA256 (rust/crates/lambert_w-1.2.19.crate) = a3269cd75481b02173ffe6cb30f08e3eae78b20eb2ed6bfbdb3ce2a90446d83f +SIZE (rust/crates/lambert_w-1.2.19.crate) = 39876 SHA256 (rust/crates/lazy_static-1.5.0.crate) = bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe SIZE (rust/crates/lazy_static-1.5.0.crate) = 14025 SHA256 (rust/crates/lazycell-1.3.0.crate) = 830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55 @@ -559,10 +555,10 @@ SHA256 (rust/crates/ldap3_proto-0.5.2.crate) = e9a047c1b49d3b4da70f52ac54310dcd8 SIZE (rust/crates/ldap3_proto-0.5.2.crate) = 43605 SHA256 (rust/crates/libc-0.2.172.crate) = d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa SIZE (rust/crates/libc-0.2.172.crate) = 791646 -SHA256 (rust/crates/libloading-0.8.6.crate) = fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34 -SIZE (rust/crates/libloading-0.8.6.crate) = 28922 -SHA256 (rust/crates/libm-0.2.14.crate) = a25169bd5913a4b437588a7e3d127cd6e90127b60e0ffbd834a38f1599e016b8 -SIZE (rust/crates/libm-0.2.14.crate) = 155948 +SHA256 (rust/crates/libloading-0.8.7.crate) = 6a793df0d7afeac54f95b471d3af7f0d4fb975699f972341a4b76988d49cdf0c +SIZE (rust/crates/libloading-0.8.7.crate) = 30374 +SHA256 (rust/crates/libm-0.2.15.crate) = f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de +SIZE (rust/crates/libm-0.2.15.crate) = 156108 SHA256 (rust/crates/libmimalloc-sys-0.1.42.crate) = ec9d6fac27761dabcd4ee73571cdb06b7022dc99089acbe5435691edffaac0f4 SIZE (rust/crates/libmimalloc-sys-0.1.42.crate) = 224614 SHA256 (rust/crates/libredox-0.1.3.crate) = c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d @@ -577,8 +573,8 @@ SHA256 (rust/crates/linux-raw-sys-0.4.15.crate) = d26c52dbd32dccf2d10cac7725f8ea SIZE (rust/crates/linux-raw-sys-0.4.15.crate) = 2150898 SHA256 (rust/crates/linux-raw-sys-0.9.4.crate) = cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12 SIZE (rust/crates/linux-raw-sys-0.9.4.crate) = 2311088 -SHA256 (rust/crates/litemap-0.7.5.crate) = 23fb14cb19457329c82206317a5663005a4d404783dc74f4252769b0d5f42856 -SIZE (rust/crates/litemap-0.7.5.crate) = 29962 +SHA256 (rust/crates/litemap-0.8.0.crate) = 241eaef5fd12c88705a01fc1066c48c4b36e0dd4377dcdc7ec3942cea7a69956 +SIZE (rust/crates/litemap-0.8.0.crate) = 34344 SHA256 (rust/crates/litrs-0.4.1.crate) = b4ce301924b7887e9d637144fdade93f9dfff9b60981d4ac161db09720d39aa5 SIZE (rust/crates/litrs-0.4.1.crate) = 42603 SHA256 (rust/crates/lock_api-0.4.12.crate) = 07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17 @@ -591,6 +587,8 @@ SHA256 (rust/crates/lru-0.13.0.crate) = 227748d55f2f0ab4735d87fd623798cb6b664512 SIZE (rust/crates/lru-0.13.0.crate) = 16305 SHA256 (rust/crates/lru-0.14.0.crate) = 9f8cc7106155f10bdf99a6f379688f543ad6596a415375b36a59a054ceda1198 SIZE (rust/crates/lru-0.14.0.crate) = 16345 +SHA256 (rust/crates/lru-slab-0.1.2.crate) = 112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154 +SIZE (rust/crates/lru-slab-0.1.2.crate) = 9090 SHA256 (rust/crates/malloced-1.3.1.crate) = 6dfebb2f9e0b39509c62eead6ec7ae0c0ed45bb61d12bbcf4e976c566c5400ec SIZE (rust/crates/malloced-1.3.1.crate) = 12129 SHA256 (rust/crates/matchers-0.1.0.crate) = 8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558 @@ -599,8 +597,8 @@ SHA256 (rust/crates/matchit-0.7.3.crate) = 0e7465ac9959cc2b1404e8e2367b43684a6d1 SIZE (rust/crates/matchit-0.7.3.crate) = 30372 SHA256 (rust/crates/mathru-0.15.5.crate) = f3df2d16c016b28cd94248072b6cd8106d8abd7184ec90ea09660c4b7fa989f1 SIZE (rust/crates/mathru-0.15.5.crate) = 665528 -SHA256 (rust/crates/matrixmultiply-0.3.9.crate) = 9380b911e3e96d10c1f415da0876389aaf1b56759054eeb0de7df940c456ba1a -SIZE (rust/crates/matrixmultiply-0.3.9.crate) = 57819 +SHA256 (rust/crates/matrixmultiply-0.3.10.crate) = a06de3016e9fae57a36fd14dba131fccf49f74b40b7fbdb472f96e361ec71a08 +SIZE (rust/crates/matrixmultiply-0.3.10.crate) = 58170 SHA256 (rust/crates/maybe-async-0.2.10.crate) = 5cf92c10c7e361d6b99666ec1c6f9805b0bea2c3bd8c78dc6fe98ac5bd78db11 SIZE (rust/crates/maybe-async-0.2.10.crate) = 22107 SHA256 (rust/crates/md-5-0.10.6.crate) = d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf @@ -755,6 +753,8 @@ SHA256 (rust/crates/portable-atomic-1.11.0.crate) = 350e9b48cbc6b0e028b0473b1144 SIZE (rust/crates/portable-atomic-1.11.0.crate) = 181258 SHA256 (rust/crates/portable-atomic-util-0.2.4.crate) = d8a2f0d8d040d7848a709caf78912debcc3f33ee4b3cac47d73d1e1069e83507 SIZE (rust/crates/portable-atomic-util-0.2.4.crate) = 47043 +SHA256 (rust/crates/potential_utf-0.1.2.crate) = e5a7c30837279ca13e7c867e9e40053bc68740f988cb07f7ca6df43cc734b585 +SIZE (rust/crates/potential_utf-0.1.2.crate) = 9613 SHA256 (rust/crates/powerfmt-0.2.0.crate) = 439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391 SIZE (rust/crates/powerfmt-0.2.0.crate) = 15165 SHA256 (rust/crates/ppv-lite86-0.2.21.crate) = 85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9 @@ -785,10 +785,10 @@ SHA256 (rust/crates/qrcode-0.14.1.crate) = d68782463e408eb1e668cf6152704bd856c78 SIZE (rust/crates/qrcode-0.14.1.crate) = 66224 SHA256 (rust/crates/quick-error-2.0.1.crate) = a993555f31e5a609f617c12db6250dedcac1b0a85076912c436e6fc9b2c8e6a3 SIZE (rust/crates/quick-error-2.0.1.crate) = 14265 -SHA256 (rust/crates/quinn-0.11.7.crate) = c3bd15a6f2967aef83887dcb9fec0014580467e33720d073560cf015a5683012 -SIZE (rust/crates/quinn-0.11.7.crate) = 79387 -SHA256 (rust/crates/quinn-proto-0.11.11.crate) = bcbafbbdbb0f638fe3f35f3c56739f77a8a1d070cb25603226c83339b391472b -SIZE (rust/crates/quinn-proto-0.11.11.crate) = 229381 +SHA256 (rust/crates/quinn-0.11.8.crate) = 626214629cda6781b6dc1d316ba307189c85ba657213ce642d9c77670f8202c8 +SIZE (rust/crates/quinn-0.11.8.crate) = 79949 +SHA256 (rust/crates/quinn-proto-0.11.12.crate) = 49df843a9161c85bb8aae55f101bc0bac8bcafd637a620d9122fd7e0b2f7422e +SIZE (rust/crates/quinn-proto-0.11.12.crate) = 235821 SHA256 (rust/crates/quinn-udp-0.5.12.crate) = ee4e529991f949c5e25755532370b8af5d114acae52326361d68d47af64aa842 SIZE (rust/crates/quinn-udp-0.5.12.crate) = 31825 SHA256 (rust/crates/quote-1.0.40.crate) = 1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d @@ -843,8 +843,8 @@ SHA256 (rust/crates/runloop-0.1.0.crate) = 5d79b4b604167921892e84afbbaad9d5ad74e SIZE (rust/crates/runloop-0.1.0.crate) = 8610 SHA256 (rust/crates/rusqlite-0.35.0.crate) = a22715a5d6deef63c637207afbe68d0c72c3f8d0022d7cf9714c442d6157606b SIZE (rust/crates/rusqlite-0.35.0.crate) = 166186 -SHA256 (rust/crates/rust-embed-8.7.0.crate) = e5fbc0ee50fcb99af7cebb442e5df7b5b45e9460ffa3f8f549cd26b862bec49d -SIZE (rust/crates/rust-embed-8.7.0.crate) = 907480 +SHA256 (rust/crates/rust-embed-8.7.1.crate) = 60e425e204264b144d4c929d126d0de524b40a961686414bab5040f7465c71be +SIZE (rust/crates/rust-embed-8.7.1.crate) = 906558 SHA256 (rust/crates/rust-embed-impl-8.7.0.crate) = 6bf418c9a2e3f6663ca38b8a7134cc2c2167c9d69688860e8961e3faa731702e SIZE (rust/crates/rust-embed-impl-8.7.0.crate) = 10171 SHA256 (rust/crates/rust-embed-utils-8.7.0.crate) = 08d55b95147fe01265d06b3955db798bdaed52e60e2211c41137701b3aba8e21 @@ -861,16 +861,16 @@ SHA256 (rust/crates/rustix-0.38.44.crate) = fdb5bc1ae2baa591800df16c9ca78619bf65 SIZE (rust/crates/rustix-0.38.44.crate) = 379347 SHA256 (rust/crates/rustix-1.0.7.crate) = c71e83d6afe7ff64890ec6b71d6a69bb8a610ab78ce364b3352876bb4c801266 SIZE (rust/crates/rustix-1.0.7.crate) = 414500 -SHA256 (rust/crates/rustls-0.23.26.crate) = df51b5869f3a441595eac5e8ff14d486ff285f7b8c0df8770e49c3b56351f0f0 -SIZE (rust/crates/rustls-0.23.26.crate) = 347849 +SHA256 (rust/crates/rustls-0.23.27.crate) = 730944ca083c1c233a75c09f199e973ca499344a2b7ba9e755c457e86fb4a321 +SIZE (rust/crates/rustls-0.23.27.crate) = 355915 SHA256 (rust/crates/rustls-native-certs-0.8.1.crate) = 7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3 SIZE (rust/crates/rustls-native-certs-0.8.1.crate) = 31129 SHA256 (rust/crates/rustls-pemfile-2.2.0.crate) = dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50 SIZE (rust/crates/rustls-pemfile-2.2.0.crate) = 25849 -SHA256 (rust/crates/rustls-pki-types-1.11.0.crate) = 917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c -SIZE (rust/crates/rustls-pki-types-1.11.0.crate) = 63933 -SHA256 (rust/crates/rustls-webpki-0.103.1.crate) = fef8b8769aaccf73098557a87cd1816b4f9c7c16811c9c77142aa695c16f2c03 -SIZE (rust/crates/rustls-webpki-0.103.1.crate) = 820273 +SHA256 (rust/crates/rustls-pki-types-1.12.0.crate) = 229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79 +SIZE (rust/crates/rustls-pki-types-1.12.0.crate) = 64740 +SHA256 (rust/crates/rustls-webpki-0.103.3.crate) = e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435 +SIZE (rust/crates/rustls-webpki-0.103.3.crate) = 81840 SHA256 (rust/crates/rustversion-1.0.20.crate) = eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2 SIZE (rust/crates/rustversion-1.0.20.crate) = 20666 SHA256 (rust/crates/ryu-1.0.20.crate) = 28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f @@ -979,8 +979,8 @@ SHA256 (rust/crates/system-configuration-sys-0.5.0.crate) = a75fb188eb626b924683 SIZE (rust/crates/system-configuration-sys-0.5.0.crate) = 6730 SHA256 (rust/crates/target-lexicon-0.12.16.crate) = 61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1 SIZE (rust/crates/target-lexicon-0.12.16.crate) = 26488 -SHA256 (rust/crates/tempfile-3.19.1.crate) = 7437ac7763b9b123ccf33c338a5cc1bac6f69b45a136c19bdd8a65e3916435bf -SIZE (rust/crates/tempfile-3.19.1.crate) = 39634 +SHA256 (rust/crates/tempfile-3.20.0.crate) = e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1 +SIZE (rust/crates/tempfile-3.20.0.crate) = 42306 SHA256 (rust/crates/thiserror-1.0.69.crate) = b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52 SIZE (rust/crates/thiserror-1.0.69.crate) = 22198 SHA256 (rust/crates/thiserror-2.0.12.crate) = 567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708 @@ -1001,8 +1001,8 @@ SHA256 (rust/crates/time-core-0.1.4.crate) = c9e9a38711f559d9e3ce1cdb06dd7c5b8ea SIZE (rust/crates/time-core-0.1.4.crate) = 8422 SHA256 (rust/crates/time-macros-0.2.22.crate) = 3526739392ec93fd8b359c8e98514cb3e8e021beb4e5f597b00a0221f8ed8a49 SIZE (rust/crates/time-macros-0.2.22.crate) = 24604 -SHA256 (rust/crates/tinystr-0.7.6.crate) = 9117f5d4db391c1cf6927e7bea3db74b9a1c1add8f7eda9ffd5364f40f57b82f -SIZE (rust/crates/tinystr-0.7.6.crate) = 16971 +SHA256 (rust/crates/tinystr-0.8.1.crate) = 5d4f6d1145dcb577acf783d4e601bc1d76a13337bb54e6233add580b07344c8b +SIZE (rust/crates/tinystr-0.8.1.crate) = 23333 SHA256 (rust/crates/tinyvec-1.9.0.crate) = 09b3661f17e86524eccd4371ab0429194e0d7c008abb45f7a7495b1719463c71 SIZE (rust/crates/tinyvec-1.9.0.crate) = 54137 SHA256 (rust/crates/tinyvec_macros-0.1.1.crate) = 1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20 @@ -1011,8 +1011,8 @@ SHA256 (rust/crates/tls_codec-0.4.2.crate) = 0de2e01245e2bb89d6f05801c564fa27624 SIZE (rust/crates/tls_codec-0.4.2.crate) = 27213 SHA256 (rust/crates/tls_codec_derive-0.4.2.crate) = 2d2e76690929402faae40aebdda620a2c0e25dd6d3b9afe48867dfd95991f4bd SIZE (rust/crates/tls_codec_derive-0.4.2.crate) = 25155 -SHA256 (rust/crates/tokio-1.44.2.crate) = e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48 -SIZE (rust/crates/tokio-1.44.2.crate) = 841618 +SHA256 (rust/crates/tokio-1.45.0.crate) = 2513ca694ef9ede0fb23fe71a4ee4107cb102b9dc1930f6d0fd77aae068ae165 +SIZE (rust/crates/tokio-1.45.0.crate) = 800721 SHA256 (rust/crates/tokio-macros-2.5.0.crate) = 6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8 SIZE (rust/crates/tokio-macros-2.5.0.crate) = 12617 SHA256 (rust/crates/tokio-native-tls-0.3.1.crate) = bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2 @@ -1039,8 +1039,8 @@ SHA256 (rust/crates/tower-0.4.13.crate) = b8fa9be0de6cf49e536ce1851f987bd21a43b7 SIZE (rust/crates/tower-0.4.13.crate) = 106906 SHA256 (rust/crates/tower-0.5.2.crate) = d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9 SIZE (rust/crates/tower-0.5.2.crate) = 109417 -SHA256 (rust/crates/tower-http-0.6.2.crate) = 403fa3b783d4b626a8ad51d766ab03cb6d2dbfc46b1c5d4448395e6628dc9697 -SIZE (rust/crates/tower-http-0.6.2.crate) = 129672 +SHA256 (rust/crates/tower-http-0.6.4.crate) = 0fdb0c213ca27a9f57ab69ddb290fd80d970922355b83ae380b395d3986b8a2e +SIZE (rust/crates/tower-http-0.6.4.crate) = 132254 SHA256 (rust/crates/tower-layer-0.3.3.crate) = 121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e SIZE (rust/crates/tower-layer-0.3.3.crate) = 6180 SHA256 (rust/crates/tower-service-0.3.3.crate) = 8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3 @@ -1085,8 +1085,6 @@ SHA256 (rust/crates/url-2.5.4.crate) = 32f8b686cadd1473f4bd0117a5d28d36b1ade384e SIZE (rust/crates/url-2.5.4.crate) = 81097 SHA256 (rust/crates/urlencoding-2.1.3.crate) = daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da SIZE (rust/crates/urlencoding-2.1.3.crate) = 6538 -SHA256 (rust/crates/utf16_iter-1.0.5.crate) = c8232dd3cdaed5356e0f716d285e4b40b932ac434100fe9b7e0e8e935b9e6246 -SIZE (rust/crates/utf16_iter-1.0.5.crate) = 9736 SHA256 (rust/crates/utf8_iter-1.0.4.crate) = b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be SIZE (rust/crates/utf8_iter-1.0.4.crate) = 10437 SHA256 (rust/crates/utf8parse-0.2.2.crate) = 06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821 @@ -1147,8 +1145,10 @@ SHA256 (rust/crates/webauthn-rs-proto-0.5.1.crate) = 14e1367f70e7dc7b83afc971ce8 SIZE (rust/crates/webauthn-rs-proto-0.5.1.crate) = 13873 SHA256 (rust/crates/webdriver-0.50.0.crate) = 144ab979b12d36d65065635e646549925de229954de2eb3b47459b432a42db71 SIZE (rust/crates/webdriver-0.50.0.crate) = 32046 -SHA256 (rust/crates/webpki-roots-0.26.10.crate) = 37493cadf42a2a939ed404698ded7fb378bf301b5011f973361779a3a74f8c93 -SIZE (rust/crates/webpki-roots-0.26.10.crate) = 248904 +SHA256 (rust/crates/webpki-roots-0.26.11.crate) = 521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9 +SIZE (rust/crates/webpki-roots-0.26.11.crate) = 15557 +SHA256 (rust/crates/webpki-roots-1.0.0.crate) = 2853738d1cc4f2da3a225c18ec6c3721abb31961096e9dbf5ab35fa88b19cfdb +SIZE (rust/crates/webpki-roots-1.0.0.crate) = 248893 SHA256 (rust/crates/weezl-0.1.8.crate) = 53a85b86a771b1c87058196170769dd264f66c0782acf1ae6cc51bfd64b39082 SIZE (rust/crates/weezl-0.1.8.crate) = 42175 SHA256 (rust/crates/which-4.4.2.crate) = 87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7 @@ -1255,30 +1255,24 @@ SHA256 (rust/crates/windows_x86_64_msvc-0.53.0.crate) = 271414315aff87387382ec3d SIZE (rust/crates/windows_x86_64_msvc-0.53.0.crate) = 834400 SHA256 (rust/crates/winnow-0.6.26.crate) = 1e90edd2ac1aa278a5c4599b1d89cf03074b610800f866d4026dc199d7929a28 SIZE (rust/crates/winnow-0.6.26.crate) = 167349 -SHA256 (rust/crates/winnow-0.7.9.crate) = d9fb597c990f03753e08d3c29efbfcf2019a003b4bf4ba19225c158e1549f0f3 -SIZE (rust/crates/winnow-0.7.9.crate) = 174763 +SHA256 (rust/crates/winnow-0.7.10.crate) = c06928c8748d81b05c9be96aad92e1b6ff01833332f281e8cfca3be4b35fc9ec +SIZE (rust/crates/winnow-0.7.10.crate) = 176073 SHA256 (rust/crates/winreg-0.50.0.crate) = 524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1 SIZE (rust/crates/winreg-0.50.0.crate) = 29703 SHA256 (rust/crates/wit-bindgen-rt-0.39.0.crate) = 6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1 SIZE (rust/crates/wit-bindgen-rt-0.39.0.crate) = 12241 -SHA256 (rust/crates/write16-1.0.0.crate) = d1890f4022759daae28ed4fe62859b1236caebfc61ede2f63ed4e695f3f6d936 -SIZE (rust/crates/write16-1.0.0.crate) = 7218 -SHA256 (rust/crates/writeable-0.5.5.crate) = 1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51 -SIZE (rust/crates/writeable-0.5.5.crate) = 22354 +SHA256 (rust/crates/writeable-0.6.1.crate) = ea2f10b9bb0928dfb1b42b65e1f9e36f7f54dbdf08457afefb38afcdec4fa2bb +SIZE (rust/crates/writeable-0.6.1.crate) = 24068 SHA256 (rust/crates/x509-cert-0.2.5.crate) = 1301e935010a701ae5f8655edc0ad17c44bad3ac5ce8c39185f75453b720ae94 SIZE (rust/crates/x509-cert-0.2.5.crate) = 99819 SHA256 (rust/crates/x509-parser-0.16.0.crate) = fcbc162f30700d6f3f82a24bf7cc62ffe7caea42c0b2cba8bf7f3ae50cf51f69 SIZE (rust/crates/x509-parser-0.16.0.crate) = 92925 -SHA256 (rust/crates/yoke-0.7.5.crate) = 120e6aef9aa629e3d4f52dc8cc43a015c7724194c97dfaf45180d2daf2b77f40 -SIZE (rust/crates/yoke-0.7.5.crate) = 29673 -SHA256 (rust/crates/yoke-derive-0.7.5.crate) = 2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154 -SIZE (rust/crates/yoke-derive-0.7.5.crate) = 7525 -SHA256 (rust/crates/zerocopy-0.7.35.crate) = 1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0 -SIZE (rust/crates/zerocopy-0.7.35.crate) = 152645 +SHA256 (rust/crates/yoke-0.8.0.crate) = 5f41bb01b8226ef4bfd589436a297c53d118f65921786300e427be8d487695cc +SIZE (rust/crates/yoke-0.8.0.crate) = 28726 +SHA256 (rust/crates/yoke-derive-0.8.0.crate) = 38da3c9736e16c5d3c8c597a9aaa5d1fa565d0532ae05e27c24aa62fb32c0ab6 +SIZE (rust/crates/yoke-derive-0.8.0.crate) = 7521 SHA256 (rust/crates/zerocopy-0.8.25.crate) = a1702d9583232ddb9174e01bb7c15a2ab8fb1bc6f227aa1233858c351a3ba0cb SIZE (rust/crates/zerocopy-0.8.25.crate) = 252714 -SHA256 (rust/crates/zerocopy-derive-0.7.35.crate) = fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e -SIZE (rust/crates/zerocopy-derive-0.7.35.crate) = 37829 SHA256 (rust/crates/zerocopy-derive-0.8.25.crate) = 28a6e20d751156648aa063f3800b706ee209a32c0b4d9f24be3d980b01be55ef SIZE (rust/crates/zerocopy-derive-0.8.25.crate) = 87671 SHA256 (rust/crates/zerofrom-0.1.6.crate) = 50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5 @@ -1289,10 +1283,12 @@ SHA256 (rust/crates/zeroize-1.8.1.crate) = ced3678a2879b30306d323f4542626697a464 SIZE (rust/crates/zeroize-1.8.1.crate) = 20029 SHA256 (rust/crates/zeroize_derive-1.4.2.crate) = ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69 SIZE (rust/crates/zeroize_derive-1.4.2.crate) = 11141 -SHA256 (rust/crates/zerovec-0.10.4.crate) = aa2b893d79df23bfb12d5461018d408ea19dfafe76c2c7ef6d4eba614f8ff079 -SIZE (rust/crates/zerovec-0.10.4.crate) = 126398 -SHA256 (rust/crates/zerovec-derive-0.10.3.crate) = 6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6 -SIZE (rust/crates/zerovec-derive-0.10.3.crate) = 19438 +SHA256 (rust/crates/zerotrie-0.2.2.crate) = 36f0bbd478583f79edad978b407914f61b2972f5af6fa089686016be8f9af595 +SIZE (rust/crates/zerotrie-0.2.2.crate) = 74423 +SHA256 (rust/crates/zerovec-0.11.2.crate) = 4a05eb080e015ba39cc9e23bbe5e7fb04d5fb040350f99f34e338d5fdd294428 +SIZE (rust/crates/zerovec-0.11.2.crate) = 124500 +SHA256 (rust/crates/zerovec-derive-0.11.1.crate) = 5b96237efa0c878c64bd89c436f661be4e46b2f3eff1ebb976f7ef2321d2f58f +SIZE (rust/crates/zerovec-derive-0.11.1.crate) = 21294 SHA256 (rust/crates/zip-0.6.6.crate) = 760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261 SIZE (rust/crates/zip-0.6.6.crate) = 65789 SHA256 (rust/crates/zune-core-0.4.12.crate) = 3f423a2c17029964870cfaabb1f13dfab7d092a62a29a89264f4d36990ca414a @@ -1301,11 +1297,11 @@ SHA256 (rust/crates/zune-jpeg-0.4.14.crate) = 99a5bab8d7dedf81405c4bb1f2b83ea057 SIZE (rust/crates/zune-jpeg-0.4.14.crate) = 63388 SHA256 (rust/crates/zxcvbn-3.1.0.crate) = ad76e35b00ad53688d6b90c431cabe3cbf51f7a4a154739e04b63004ab1c736c SIZE (rust/crates/zxcvbn-3.1.0.crate) = 424952 -SHA256 (Firstyear-rust-sshkeys-3a081cbf7480628223bcb96fc8aaa8c19109d007_GH0.tar.gz) = 4dc13e394e5b3237daa197d1952422b4e9b092724bd356de362092fb2f1ce376 -SIZE (Firstyear-rust-sshkeys-3a081cbf7480628223bcb96fc8aaa8c19109d007_GH0.tar.gz) = 31393 +SHA256 (Firstyear-rust-sshkeys-49cb53232115d3aea86cd059b151e376293805fc_GH0.tar.gz) = 20e1c826752b0e144128f020cf953e96532232983831af3afb74f0c81f32fffd +SIZE (Firstyear-rust-sshkeys-49cb53232115d3aea86cd059b151e376293805fc_GH0.tar.gz) = 31429 SHA256 (Firstyear-libnss-rs-763da4beaadc1e475b89ed876de31a5e393f6d30_GH0.tar.gz) = 0ac9d8c22288fc2d236ae447c867cfca07de5a44182631a68a96fb8587f23870 SIZE (Firstyear-libnss-rs-763da4beaadc1e475b89ed876de31a5e393f6d30_GH0.tar.gz) = 12094 -SHA256 (Firstyear-compact-jwt-b3d2b5700cfe567d384c81df35d25537fbf7f110_GH0.tar.gz) = f9308a607e2ad1755c67452f52acd1d7c0f3d30d40f15551d3e7ad3bacc4a3da -SIZE (Firstyear-compact-jwt-b3d2b5700cfe567d384c81df35d25537fbf7f110_GH0.tar.gz) = 62309 -SHA256 (kanidm-kanidm-v1.6.0_GH0.tar.gz) = ece0c090eecddbda54c12d1e50e72daca5c9348bc199c7cb1c0f25935b5c786b -SIZE (kanidm-kanidm-v1.6.0_GH0.tar.gz) = 8648803 +SHA256 (Firstyear-compact-jwt-043976842773dd035fe394261347edeb644e3091_GH0.tar.gz) = 8ef6d8217b5cde04f624cac7eb27dd922b08aa3d815d38a11920a032115c5584 +SIZE (Firstyear-compact-jwt-043976842773dd035fe394261347edeb644e3091_GH0.tar.gz) = 62413 +SHA256 (kanidm-kanidm-v1.6.3_GH0.tar.gz) = f1e9a52a1d9f829e278a9fdb56aac85767efa768f92b3158719b8c5353302dbd +SIZE (kanidm-kanidm-v1.6.3_GH0.tar.gz) = 8650715 diff --git a/security/keysmith/distinfo b/security/keysmith/distinfo index 4bd948e4c76e..32a474b7923f 100644 --- a/security/keysmith/distinfo +++ b/security/keysmith/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749036945 -SHA256 (KDE/release-service/25.04.2/keysmith-25.04.2.tar.xz) = abda95423d1b66d334a5723a71f25c274088526dc25bd42abfcbdc7ffe8300f2 -SIZE (KDE/release-service/25.04.2/keysmith-25.04.2.tar.xz) = 237388 +TIMESTAMP = 1751381646 +SHA256 (KDE/release-service/25.04.3/keysmith-25.04.3.tar.xz) = 7c823ac8a6f7d70dfb0d2b8a5c4bbca5c0bfa43959671776d0178c4e5969ae90 +SIZE (KDE/release-service/25.04.3/keysmith-25.04.3.tar.xz) = 237392 diff --git a/security/kgpg/distinfo b/security/kgpg/distinfo index 71ebbc8d276d..d651c8c80ffd 100644 --- a/security/kgpg/distinfo +++ b/security/kgpg/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749036948 -SHA256 (KDE/release-service/25.04.2/kgpg-25.04.2.tar.xz) = aad9c322e3f07de55bc9fd5a55c655ba0afdb24cb2500879b7cafc1f1ee03bed -SIZE (KDE/release-service/25.04.2/kgpg-25.04.2.tar.xz) = 3048980 +TIMESTAMP = 1751381649 +SHA256 (KDE/release-service/25.04.3/kgpg-25.04.3.tar.xz) = 3f2ec6dc5b1221908730066274bd0d2f6efe5c04c2a79b720cb25dce547e0e4e +SIZE (KDE/release-service/25.04.3/kgpg-25.04.3.tar.xz) = 3048996 diff --git a/security/kleopatra/Makefile b/security/kleopatra/Makefile index 021af0b579e1..afa65c5857a7 100644 --- a/security/kleopatra/Makefile +++ b/security/kleopatra/Makefile @@ -1,6 +1,5 @@ PORTNAME= kleopatra DISTVERSION= ${KDE_APPLICATIONS_VERSION} -PORTREVISION= 1 CATEGORIES= security kde kde-applications PATCH_SITES= https://invent.kde.org/pim/kleopatra/-/commit/ diff --git a/security/kleopatra/distinfo b/security/kleopatra/distinfo index f1f3b98769a3..3462d27fed3b 100644 --- a/security/kleopatra/distinfo +++ b/security/kleopatra/distinfo @@ -1,9 +1,9 @@ -TIMESTAMP = 1750496363 -SHA256 (KDE/release-service/25.04.2/kleopatra-25.04.2.tar.xz) = d155c416103fad173c361ea10f3ea1f6142297cc5be3598e9b062461336a3476 -SIZE (KDE/release-service/25.04.2/kleopatra-25.04.2.tar.xz) = 2851360 -SHA256 (KDE/release-service/25.04.2/10b618703d74618c09b5e2b16e2db9d829aed93b.patch) = 75f5c94d85eadad74dcef21f66c019946217a051a9e8b90803d5eceaadb3fcd4 -SIZE (KDE/release-service/25.04.2/10b618703d74618c09b5e2b16e2db9d829aed93b.patch) = 1241 -SHA256 (KDE/release-service/25.04.2/b1f3736de7ed3c2d4f58aa454064a4cd0f423250.patch) = c2796b58683b07eabeae48a517192460c474a1722d7022e796b94df6553d933d -SIZE (KDE/release-service/25.04.2/b1f3736de7ed3c2d4f58aa454064a4cd0f423250.patch) = 1585 -SHA256 (KDE/release-service/25.04.2/d4f777ffa137148302ca39d5a2238c01c896605d.patch) = 0120d812f9a57cbd4a5a2718fbbc9acef090841701cb2c6b4f11a596986840e6 -SIZE (KDE/release-service/25.04.2/d4f777ffa137148302ca39d5a2238c01c896605d.patch) = 1573 +TIMESTAMP = 1751381652 +SHA256 (KDE/release-service/25.04.3/kleopatra-25.04.3.tar.xz) = 7c9ad9d10cd368d58cdadd41f78b8a41853b8cd2b15eb55472f3b5ce707ad1c2 +SIZE (KDE/release-service/25.04.3/kleopatra-25.04.3.tar.xz) = 2850224 +SHA256 (KDE/release-service/25.04.3/10b618703d74618c09b5e2b16e2db9d829aed93b.patch) = 75f5c94d85eadad74dcef21f66c019946217a051a9e8b90803d5eceaadb3fcd4 +SIZE (KDE/release-service/25.04.3/10b618703d74618c09b5e2b16e2db9d829aed93b.patch) = 1241 +SHA256 (KDE/release-service/25.04.3/b1f3736de7ed3c2d4f58aa454064a4cd0f423250.patch) = c2796b58683b07eabeae48a517192460c474a1722d7022e796b94df6553d933d +SIZE (KDE/release-service/25.04.3/b1f3736de7ed3c2d4f58aa454064a4cd0f423250.patch) = 1585 +SHA256 (KDE/release-service/25.04.3/d4f777ffa137148302ca39d5a2238c01c896605d.patch) = 0120d812f9a57cbd4a5a2718fbbc9acef090841701cb2c6b4f11a596986840e6 +SIZE (KDE/release-service/25.04.3/d4f777ffa137148302ca39d5a2238c01c896605d.patch) = 1573 diff --git a/security/kpkpass/distinfo b/security/kpkpass/distinfo index aedda9c2c49a..0a1d98b0270a 100644 --- a/security/kpkpass/distinfo +++ b/security/kpkpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749036952 -SHA256 (KDE/release-service/25.04.2/kpkpass-25.04.2.tar.xz) = f317db3bd8c7c34d70727353315c831673a16b0a70da75f075cbb5a9dad2f931 -SIZE (KDE/release-service/25.04.2/kpkpass-25.04.2.tar.xz) = 29692 +TIMESTAMP = 1751381655 +SHA256 (KDE/release-service/25.04.3/kpkpass-25.04.3.tar.xz) = 68a9a069cd2ed7c911b6c4a515feec75a88507a445294d5a5391bbb8030081de +SIZE (KDE/release-service/25.04.3/kpkpass-25.04.3.tar.xz) = 29684 diff --git a/security/kwalletmanager/distinfo b/security/kwalletmanager/distinfo index 8b9380d7b9fd..0f541d8d4a38 100644 --- a/security/kwalletmanager/distinfo +++ b/security/kwalletmanager/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749036955 -SHA256 (KDE/release-service/25.04.2/kwalletmanager-25.04.2.tar.xz) = 626a240826f551841395bc61742ef45390995df57cd9aecd44a9fdb17b96cf28 -SIZE (KDE/release-service/25.04.2/kwalletmanager-25.04.2.tar.xz) = 1052996 +TIMESTAMP = 1751381657 +SHA256 (KDE/release-service/25.04.3/kwalletmanager-25.04.3.tar.xz) = 25b66d8e3da9548ecb0236fd0cfc50d6e98a385ca2092d6565f75a753f3229ea +SIZE (KDE/release-service/25.04.3/kwalletmanager-25.04.3.tar.xz) = 1053004 diff --git a/security/libkleo/Makefile b/security/libkleo/Makefile index 19824ceb7dda..ad3c33e5d9fb 100644 --- a/security/libkleo/Makefile +++ b/security/libkleo/Makefile @@ -1,6 +1,5 @@ PORTNAME= libkleo DISTVERSION= ${KDE_APPLICATIONS_VERSION} -PORTREVISION= 1 CATEGORIES= security kde kde-applications MAINTAINER= kde@FreeBSD.org diff --git a/security/libkleo/distinfo b/security/libkleo/distinfo index 09e3eb9eb240..7d0f179e2181 100644 --- a/security/libkleo/distinfo +++ b/security/libkleo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749036957 -SHA256 (KDE/release-service/25.04.2/libkleo-25.04.2.tar.xz) = 34feb9871d8a0e6ded0a7baa95f78fdac28c13d7b00ee9296bd1669e0c605f6a -SIZE (KDE/release-service/25.04.2/libkleo-25.04.2.tar.xz) = 655088 +TIMESTAMP = 1751381660 +SHA256 (KDE/release-service/25.04.3/libkleo-25.04.3.tar.xz) = 7c9b334b226c990d5193b2e66a3ce8de1c5ea6c2afc9175280e6f44d02a7caa8 +SIZE (KDE/release-service/25.04.3/libkleo-25.04.3.tar.xz) = 655108 diff --git a/security/lime/Makefile b/security/lime/Makefile index d94686d00af0..0315dec4d176 100644 --- a/security/lime/Makefile +++ b/security/lime/Makefile @@ -1,5 +1,5 @@ PORTNAME= lime -DISTVERSION= 5.4.2 +DISTVERSION= 5.4.24 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -20,8 +20,7 @@ USE_GITLAB= yes GL_SITE= https://gitlab.linphone.org/BC GL_ACCOUNT= public -CMAKE_ARGS= -DCMAKE_PREFIX_PATH=${LOCALBASE} \ - -DENABLE_STRICT=NO \ +CMAKE_ARGS= -DENABLE_STRICT=NO \ -DENABLE_UNIT_TESTS=NO .include <bsd.port.mk> diff --git a/security/lime/distinfo b/security/lime/distinfo index c58fa25b259f..ad4f709f3363 100644 --- a/security/lime/distinfo +++ b/security/lime/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1743023454 -SHA256 (lime-5.4.2.tar.bz2) = 46f03be330a37186ed330dfbfe64fb4887a683bfb889f33aa1bfd3c54780a8a6 -SIZE (lime-5.4.2.tar.bz2) = 677782 +TIMESTAMP = 1751281759 +SHA256 (lime-5.4.24.tar.bz2) = e06de2ad663f8735dc22a06153910aa511834493b17c2f2e1dfce2c247fcc02b +SIZE (lime-5.4.24.tar.bz2) = 677362 diff --git a/security/nettle/Makefile b/security/nettle/Makefile index 79573ea82af5..ddea868f1be1 100644 --- a/security/nettle/Makefile +++ b/security/nettle/Makefile @@ -1,5 +1,5 @@ PORTNAME= nettle -PORTVERSION= 3.10.1 +PORTVERSION= 3.10.2 CATEGORIES= security MASTER_SITES= GNU \ https://www.lysator.liu.se/~nisse/archive/ diff --git a/security/nettle/distinfo b/security/nettle/distinfo index 97625f47b80f..ceeab63d0f14 100644 --- a/security/nettle/distinfo +++ b/security/nettle/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1735705131 -SHA256 (nettle-3.10.1.tar.gz) = b0fcdd7fc0cdea6e80dcf1dd85ba794af0d5b4a57e26397eee3bc193272d9132 -SIZE (nettle-3.10.1.tar.gz) = 2643267 +TIMESTAMP = 1751208138 +SHA256 (nettle-3.10.2.tar.gz) = fe9ff51cb1f2abb5e65a6b8c10a92da0ab5ab6eaf26e7fc2b675c45f1fb519b5 +SIZE (nettle-3.10.2.tar.gz) = 2644644 diff --git a/security/nettle/files/extra-patch-Makefile.in b/security/nettle/files/extra-patch-Makefile.in index 2974b822043a..2c1480398adf 100644 --- a/security/nettle/files/extra-patch-Makefile.in +++ b/security/nettle/files/extra-patch-Makefile.in @@ -1,6 +1,6 @@ ---- Makefile.in.orig 2023-06-01 18:40:35 UTC +--- Makefile.in.orig 2025-06-26 18:29:02 UTC +++ Makefile.in -@@ -19,7 +19,7 @@ OPT_NETTLE_SOURCES = @OPT_NETTLE_SOURCES@ +@@ -19,7 +19,7 @@ FAT_TEST_LIST = @FAT_TEST_LIST@ FAT_TEST_LIST = @FAT_TEST_LIST@ diff --git a/security/nettle/files/patch-configure b/security/nettle/files/patch-configure index 1b8f460d9501..d210a2e1be01 100644 --- a/security/nettle/files/patch-configure +++ b/security/nettle/files/patch-configure @@ -1,6 +1,6 @@ ---- configure.orig 2023-06-01 18:40:35 UTC +--- configure.orig 2025-06-26 18:29:02 UTC +++ configure -@@ -6638,7 +6638,7 @@ $as_echo "$as_me: WARNING: Cross compiling for linux. +@@ -7532,7 +7532,7 @@ printf "%s\n" "$as_me: WARNING: Cross compiling for li # and 64-bit in lib. Don't know about "kfreebsd", does # it follow the Linux fhs conventions? *:freebsd*:32) diff --git a/security/nettle/files/patch-examples-nettle-openssl.c b/security/nettle/files/patch-examples-nettle-openssl.c index d7cf037c61c3..006e654aa899 100644 --- a/security/nettle/files/patch-examples-nettle-openssl.c +++ b/security/nettle/files/patch-examples-nettle-openssl.c @@ -1,6 +1,6 @@ ---- examples/nettle-openssl.c.orig 2021-03-21 08:32:25 UTC +--- examples/nettle-openssl.c.orig 2025-06-26 18:29:03 UTC +++ examples/nettle-openssl.c -@@ -374,6 +374,7 @@ openssl_hash_update(void *p, +@@ -291,6 +291,7 @@ openssl_hash_update(void *p, EVP_DigestUpdate(ctx->evp, src, length); } @@ -8,7 +8,7 @@ #define OPENSSL_HASH(NAME, name) \ static void \ openssl_##name##_init(void *p) \ -@@ -404,6 +405,38 @@ nettle_openssl_##name = { \ +@@ -321,6 +322,38 @@ nettle_openssl_##name = { \ openssl_hash_update, \ openssl_##name##_digest \ }; @@ -46,4 +46,4 @@ +#endif OPENSSL_HASH(MD5, md5) - OPENSSL_HASH(SHA, sha1) + OPENSSL_HASH(SHA1, sha1) diff --git a/security/nettle/files/patch-powerpc64-p8-aes-decrypt-internal.asm b/security/nettle/files/patch-powerpc64-p8-aes-decrypt-internal.asm index 67ceabec79c5..e23c8a8f6463 100644 --- a/security/nettle/files/patch-powerpc64-p8-aes-decrypt-internal.asm +++ b/security/nettle/files/patch-powerpc64-p8-aes-decrypt-internal.asm @@ -1,4 +1,4 @@ ---- powerpc64/p8/aes-decrypt-internal.asm.orig 2024-06-16 15:27:54 UTC +--- powerpc64/p8/aes-decrypt-internal.asm.orig 2025-06-26 18:29:03 UTC +++ powerpc64/p8/aes-decrypt-internal.asm @@ -64,7 +64,7 @@ PROLOGUE(_nettle_aes_decrypt) diff --git a/security/nettle/files/patch-powerpc64-p8-aes-encrypt-internal.asm b/security/nettle/files/patch-powerpc64-p8-aes-encrypt-internal.asm index 313ba61a4f6b..67218e1caaf4 100644 --- a/security/nettle/files/patch-powerpc64-p8-aes-encrypt-internal.asm +++ b/security/nettle/files/patch-powerpc64-p8-aes-encrypt-internal.asm @@ -1,6 +1,6 @@ ---- powerpc64/p8/aes-encrypt-internal.asm.orig 2022-06-02 17:57:16 UTC +--- powerpc64/p8/aes-encrypt-internal.asm.orig 2025-06-26 18:29:03 UTC +++ powerpc64/p8/aes-encrypt-internal.asm -@@ -63,7 +63,7 @@ define(`S7', `v9') +@@ -64,7 +64,7 @@ PROLOGUE(_nettle_aes_encrypt) define(`FUNC_ALIGN', `5') PROLOGUE(_nettle_aes_encrypt) @@ -9,7 +9,7 @@ subi ROUNDS,ROUNDS,1 srdi LENGTH,LENGTH,4 -@@ -328,6 +328,6 @@ EPILOGUE(_nettle_aes_encrypt) +@@ -269,6 +269,6 @@ EPILOGUE(_nettle_aes_encrypt) .data .align 4 diff --git a/security/nettle/pkg-plist b/security/nettle/pkg-plist index 25ba25f62658..48c756c49b45 100644 --- a/security/nettle/pkg-plist +++ b/security/nettle/pkg-plist @@ -79,11 +79,11 @@ include/nettle/yarrow.h lib/libhogweed.a lib/libhogweed.so lib/libhogweed.so.6 -lib/libhogweed.so.6.10 +lib/libhogweed.so.6.11 lib/libnettle.a lib/libnettle.so lib/libnettle.so.8 -lib/libnettle.so.8.10 +lib/libnettle.so.8.11 libdata/pkgconfig/hogweed.pc libdata/pkgconfig/nettle.pc %%PORTDOCS%%%%DOCSDIR%%/NEWS diff --git a/security/nss/Makefile b/security/nss/Makefile index 9078124dc1b9..b99ebcb77547 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -1,5 +1,5 @@ PORTNAME= nss -PORTVERSION= 3.113 +PORTVERSION= 3.113.1 CATEGORIES= security MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src diff --git a/security/nss/distinfo b/security/nss/distinfo index 1b9b86ef2940..fe38e674c30a 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750348960 -SHA256 (nss-3.113.tar.gz) = acef06b512d3bd81c87a63b3c8653d258bb689d2191fc0e64decf5a1efa01c0f -SIZE (nss-3.113.tar.gz) = 76625834 +TIMESTAMP = 1751391207 +SHA256 (nss-3.113.1.tar.gz) = b8c586cc0ac60b76477f62483f664f119c26000a8189dd9ef417df7dbd33a2cc +SIZE (nss-3.113.1.tar.gz) = 76626220 diff --git a/security/openssl/Makefile b/security/openssl/Makefile index 863590936744..0c43cf9a6808 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.0.16 +PORTVERSION= 3.0.17 PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ diff --git a/security/openssl/distinfo b/security/openssl/distinfo index a995eee15899..110c105d736f 100644 --- a/security/openssl/distinfo +++ b/security/openssl/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739293708 -SHA256 (openssl-3.0.16.tar.gz) = 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 -SIZE (openssl-3.0.16.tar.gz) = 15334967 +TIMESTAMP = 1751448128 +SHA256 (openssl-3.0.17.tar.gz) = dfdd77e4ea1b57ff3a6dbde6b0bdc3f31db5ac99e7fdd4eaf9e1fbb6ec2db8ce +SIZE (openssl-3.0.17.tar.gz) = 15344831 diff --git a/security/openssl31-quictls/Makefile b/security/openssl31-quictls/Makefile index 68804cb00ff3..f6b137be1d18 100644 --- a/security/openssl31-quictls/Makefile +++ b/security/openssl31-quictls/Makefile @@ -10,10 +10,13 @@ MAINTAINER= brnrd@FreeBSD.org COMMENT= QUIC capable fork of OpenSSL WWW= https://www.github.com/quictls/openssl +DEPRECATED= End-of-Life, please switch to security/quictls or OpenSSL 3.5 +EXPIRATION_DATE= 2025-03-14 + LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt -CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3* openssl-quictls +CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3* openssl-quictls openssl33-quictls BROKEN_i386= ld: error: undefined symbol: __atomic_is_lock_free diff --git a/security/openssl31/Makefile b/security/openssl31/Makefile index 3f98568e46a7..4ef745ce5e89 100644 --- a/security/openssl31/Makefile +++ b/security/openssl31/Makefile @@ -11,7 +11,8 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt -#EXPIRATION_DATE= 2025-03-14 +DEPRECECATED= End-of-Life, will be removed when new vulnerabilities are reported or at end of quarter. Upgrade to security/openssl35 latest LTS. +EXPIRATION_DATE= 2025-03-14 CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[2345] openssl*-quictls diff --git a/security/openssl32/Makefile b/security/openssl32/Makefile index ae59b26936e6..597dd245415c 100644 --- a/security/openssl32/Makefile +++ b/security/openssl32/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.2.4 +PORTVERSION= 3.2.5 CATEGORIES= security devel PKGNAMESUFFIX= 32 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,8 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +EXPIRATION_DATE= 2025-11-23 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1345] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl32/distinfo b/security/openssl32/distinfo index 24e08af5bfb9..a79020e9f3da 100644 --- a/security/openssl32/distinfo +++ b/security/openssl32/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739293970 -SHA256 (openssl-3.2.4.tar.gz) = b23ad7fd9f73e43ad1767e636040e88ba7c9e5775bfa5618436a0dd2c17c3716 -SIZE (openssl-3.2.4.tar.gz) = 17782746 +TIMESTAMP = 1751448354 +SHA256 (openssl-3.2.5.tar.gz) = b36347d024a0f5bd09fefcd6af7a58bb30946080eb8ce8f7be78562190d09879 +SIZE (openssl-3.2.5.tar.gz) = 17800797 diff --git a/security/openssl33-quictls/Makefile b/security/openssl33-quictls/Makefile new file mode 100644 index 000000000000..4d53a2b5a87d --- /dev/null +++ b/security/openssl33-quictls/Makefile @@ -0,0 +1,190 @@ +PORTNAME= openssl +DISTVERSIONPREFIX= ${PORTNAME}- +PORTVERSION= 3.3.0 +CATEGORIES= security devel +PKGNAMESUFFIX= 33-quictls + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= QUIC capable fork of OpenSSL +WWW= https://www.github.com/quictls/quictls + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3* openssl*-quictls + +BROKEN_i386= ld: error: undefined symbol: __atomic_is_lock_free + +HAS_CONFIGURE= yes +CONFIGURE_SCRIPT= config +CONFIGURE_ENV= PERL="${PERL}" +CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ + --prefix=${PREFIX} + +USES= cpe perl5 +USE_PERL5= build +USE_GITHUB= yes +GH_ACCOUNT= quictls +GH_PROJECT= quictls + +TEST_TARGET= test + +LDFLAGS_i386= -Wl,-znotext + +MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" +MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= + +EXTRA_PATCHES+= ${.CURDIR}/../openssl/files/patch-crypto_async_arch_async__posix.h + +OPTIONS_GROUP= CIPHERS HASHES MODULES OPTIMIZE PROTOCOLS +OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS +OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 +OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS +OPTIONS_GROUP_MODULES= FIPS LEGACY +OPTIONS_DEFINE_i386= I386 +OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 + +OPTIONS_DEFINE= ASYNC CT MAN3 RFC3779 SHARED ZLIB + +OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST MAN3 MD4 NEXTPROTONEG \ + RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 + +OPTIONS_EXCLUDE_i386= FIPS + +OPTIONS_GROUP_OPTIMIZE_amd64= EC + +.if ${MACHINE_ARCH} == "amd64" +OPTIONS_GROUP_OPTIMIZE+= EC +.elif ${MACHINE_ARCH} == "mips64el" +OPTIONS_GROUP_OPTIMIZE+= EC +.endif + +OPTIONS_SUB= yes + +ARIA_DESC= ARIA (South Korean standard) +ASM_DESC= Assembler code +ASYNC_DESC= Asynchronous mode +CIPHERS_DESC= Block Cipher Support +CT_DESC= Certificate Transparency Support +DES_DESC= (Triple) Data Encryption Standard +EC_DESC= Optimize NIST elliptic curves +FIPS_DESC= Build FIPS provider (Note: NOT yet FIPS validated) +GOST_DESC= GOST (Russian standard) +HASHES_DESC= Hash Function Support +I386_DESC= i386 (instead of i486+) +IDEA_DESC= International Data Encryption Algorithm +LEGACY_DESC= Older algorithms +MAN3_DESC= Install API manpages (section 3, 7) +MD2_DESC= MD2 (obsolete) (requires LEGACY) +MD4_DESC= MD4 (unsafe) +MDC2_DESC= MDC-2 (patented, requires DES) +MODULES_DESC= Provider modules +NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) +OPTIMIZE_DESC= Optimizations +PROTOCOLS_DESC= Protocol Support +RC2_DESC= RC2 (unsafe) +RC4_DESC= RC4 (unsafe) +RC5_DESC= RC5 (patented) +RMD160_DESC= RIPEMD-160 +RFC3779_DESC= RFC3779 support (BGP) +SCTP_DESC= SCTP (Stream Control Transmission) +SHARED_DESC= Build shared libraries +SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) +SM3_DESC= SM3 256bit (Chinese standard) +SM4_DESC= SM4 128bit (Chinese standard) +SSE2_DESC= Runtime SSE2 detection +SSL3_DESC= SSLv3 (unsafe) +TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) +TLS1_1_DESC= TLSv1.1 (requires TLS1_2) +TLS1_2_DESC= TLSv1.2 +WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) + +# Upstream default disabled options +.for _option in fips md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib +${_option:tu}_CONFIGURE_ON= enable-${_option} +.endfor + +# Upstream default enabled options +.for _option in aria asm async ct des gost idea md4 mdc2 legacy \ + nextprotoneg rc2 rc4 rfc3779 rmd160 shared sm2 sm3 sm4 sse2 \ + threads tls1 tls1_1 tls1_2 +${_option:tu}_CONFIGURE_OFF= no-${_option} +.endfor + +MD2_IMPLIES= LEGACY +MDC2_IMPLIES= DES +TLS1_IMPLIES= TLS1_1 +TLS1_1_IMPLIES= TLS1_2 + +EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 +FIPS_VARS= shlibs+=lib/ossl-modules/fips.so +I386_CONFIGURE_ON= 386 +LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so +MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits +SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_USE= ldconfig=yes +SHARED_VARS= shlibs+="lib/libcrypto.so.${OPENSSL_SHLIBVER} \ + lib/libssl.so.${OPENSSL_SHLIBVER} \ + lib/engines-${OPENSSL_SHLIBVER}/capi.so \ + lib/engines-${OPENSSL_SHLIBVER}/devcrypto.so \ + lib/engines-${OPENSSL_SHLIBVER}/padlock.so" +SSL3_CONFIGURE_ON+= enable-ssl3-method +ZLIB_CONFIGURE_ON= zlib-dynamic + +SHLIBS= lib/engines-${OPENSSL_SHLIBVER}/loader_attic.so + +PORTSCOUT= limit:^${DISTVERSION:R:S/./\./g}\. + +.include <bsd.port.options.mk> + +.if ${ARCH} == powerpc64 +CONFIGURE_ARGS+= BSD-ppc64 +.elif ${ARCH} == powerpc64le +CONFIGURE_ARGS+= BSD-ppc64le +.elif ${ARCH} == riscv64 +CONFIGURE_ARGS+= BSD-riscv64 +.endif + +.include <bsd.port.pre.mk> +.if ${PREFIX} == /usr +IGNORE= the OpenSSL port can not be installed over the base version +.endif + +OPENSSLDIR?= ${PREFIX}/openssl +PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} + +.include "version.mk" + +post-patch: + ${REINPLACE_CMD} -Ee 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/share/man|' \ + -e 's|^(build\|install)_docs: .*|\1_docs: \1_man_docs|' \ + ${WRKSRC}/Configurations/unix-Makefile.tmpl + ${REINPLACE_CMD} 's|SHLIB_VERSION=3|SHLIB_VERSION=${OPENSSL_SHLIBVER}|' \ + ${WRKSRC}/VERSION.dat + +post-configure: + ( cd ${WRKSRC} ; ${PERL} configdata.pm --dump ) + +post-configure-MAN3-off: + ${REINPLACE_CMD} \ + -e 's|^build_man_docs:.*|build_man_docs: $$(MANDOCS1) $$(MANDOCS5)|' \ + -e 's|dummy $$(MANDOCS[37]); do |dummy; do |' \ + ${WRKSRC}/Makefile + +post-install-SHARED-on: +.for i in ${SHLIBS} + -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/$i +.endfor + +post-install-SHARED-off: + ${RMDIR} ${STAGEDIR}${PREFIX}/lib/engines-${OPENSSL_SHLIBVER} + +post-install: + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl + +post-install-MAN3-on: + ( cd ${STAGEDIR}/${PREFIX} ; find share/man/man3 -not -type d ; \ + find share/man/man7 -not -type d ) | sed 's/$$/.gz/' >> ${TMPPLIST} + +.include <bsd.port.post.mk> diff --git a/security/openssl33-quictls/distinfo b/security/openssl33-quictls/distinfo new file mode 100644 index 000000000000..4003eb7cc283 --- /dev/null +++ b/security/openssl33-quictls/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1751486314 +SHA256 (quictls-quictls-openssl-3.3.0_GH0.tar.gz) = ff194511e53c0bead06d316e6891deebb07e3713efc65ef938e22962a43579a4 +SIZE (quictls-quictls-openssl-3.3.0_GH0.tar.gz) = 18220759 diff --git a/security/openssl33-quictls/files/extra-patch-util_find-doc-nits b/security/openssl33-quictls/files/extra-patch-util_find-doc-nits new file mode 100644 index 000000000000..947f7447a445 --- /dev/null +++ b/security/openssl33-quictls/files/extra-patch-util_find-doc-nits @@ -0,0 +1,20 @@ +--- util/find-doc-nits.orig 2023-08-03 13:45:48 UTC ++++ util/find-doc-nits +@@ -80,7 +80,7 @@ my $temp = '/tmp/docnits.txt'; + my $OUT; + my $status = 0; + +-$opt_m = "man1,man3,man5,man7" unless $opt_m; ++$opt_m = "man1,man5" unless $opt_m; + die "Argument of -m option may contain only man1, man3, man5, and/or man7" + unless $opt_m =~ /^(man[1357][, ]?)*$/; + my @sections = ( split /[, ]/, $opt_m ); +@@ -725,7 +725,7 @@ sub check { + next if $target eq ''; # Skip if links within page, or + next if $target =~ /::/; # links to a Perl module, or + next if $target =~ /^https?:/; # is a URL link, or +- next if $target =~ /\([1357]\)$/; # it has a section ++ next if $target =~ /\([15]\)$/; # it has a section + err($id, "Missing man section number (likely, $mansect) in L<$target>") + } + # Check for proper links to commands. diff --git a/security/openssl33-quictls/files/patch-CVE-2024-9143 b/security/openssl33-quictls/files/patch-CVE-2024-9143 new file mode 100644 index 000000000000..f36b97f194f7 --- /dev/null +++ b/security/openssl33-quictls/files/patch-CVE-2024-9143 @@ -0,0 +1,198 @@ +From fdf6723362ca51bd883295efe206cb5b1cfa5154 Mon Sep 17 00:00:00 2001 +From: Viktor Dukhovni <viktor@openssl.org> +Date: Thu, 19 Sep 2024 01:02:40 +1000 +Subject: [PATCH] Harden BN_GF2m_poly2arr against misuse. + +The BN_GF2m_poly2arr() function converts characteristic-2 field +(GF_{2^m}) Galois polynomials from a representation as a BIGNUM bitmask, +to a compact array with just the exponents of the non-zero terms. + +These polynomials are then used in BN_GF2m_mod_arr() to perform modular +reduction. A precondition of calling BN_GF2m_mod_arr() is that the +polynomial must have a non-zero constant term (i.e. the array has `0` as +its final element). + +Internally, callers of BN_GF2m_poly2arr() did not verify that +precondition, and binary EC curve parameters with an invalid polynomial +could lead to out of bounds memory reads and writes in BN_GF2m_mod_arr(). + +The precondition is always true for polynomials that arise from the +standard form of EC parameters for characteristic-two fields (X9.62). +See the "Finite Field Identification" section of: + + https://www.itu.int/ITU-T/formal-language/itu-t/x/x894/2018-cor1/ANSI-X9-62.html + +The OpenSSL GF(2^m) code supports only the trinomial and pentanomial +basis X9.62 forms. + +This commit updates BN_GF2m_poly2arr() to return `0` (failure) when +the constant term is zero (i.e. the input bitmask BIGNUM is not odd). + +Additionally, the return value is made unambiguous when there is not +enough space to also pad the array with a final `-1` sentinel value. +The return value is now always the number of elements (including the +final `-1`) that would be filled when the output array is sufficiently +large. Previously the same count was returned both when the array has +just enough room for the final `-1` and when it had only enough space +for non-sentinel values. + +Finally, BN_GF2m_poly2arr() is updated to reject polynomials whose +degree exceeds `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against +CPU exhausition attacks via excessively large inputs. + +The above issues do not arise in processing X.509 certificates. These +generally have EC keys from "named curves", and RFC5840 (Section 2.1.1) +disallows explicit EC parameters. The TLS code in OpenSSL enforces this +constraint only after the certificate is decoded, but, even if explicit +parameters are specified, they are in X9.62 form, which cannot represent +problem values as noted above. + +Initially reported as oss-fuzz issue 71623. + +A closely related issue was earlier reported in +<https://github.com/openssl/openssl/issues/19826>. + +Severity: Low, CVE-2024-9143 + +Reviewed-by: Matt Caswell <matt@openssl.org> +Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> +Reviewed-by: Paul Dale <ppzgs1@gmail.com> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/25639) + +(cherry picked from commit 8e008cb8b23ec7dc75c45a66eeed09c815b11cd2) +--- + crypto/bn/bn_gf2m.c | 28 +++++++++++++++------- + test/ec_internal_test.c | 51 +++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 71 insertions(+), 8 deletions(-) + +diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c +index c811ae82d6b15..bcc66613cc14d 100644 +--- crypto/bn/bn_gf2m.c.orig ++++ crypto/bn/bn_gf2m.c +@@ -15,6 +15,7 @@ + #include "bn_local.h" + + #ifndef OPENSSL_NO_EC2M ++# include <openssl/ec.h> + + /* + * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should +@@ -1140,16 +1141,26 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + /* + * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i * + * x^i) into an array of integers corresponding to the bits with non-zero +- * coefficient. Array is terminated with -1. Up to max elements of the array +- * will be filled. Return value is total number of array elements that would +- * be filled if array was large enough. ++ * coefficient. The array is intended to be suitable for use with ++ * `BN_GF2m_mod_arr()`, and so the constant term of the polynomial must not be ++ * zero. This translates to a requirement that the input BIGNUM `a` is odd. ++ * ++ * Given sufficient room, the array is terminated with -1. Up to max elements ++ * of the array will be filled. ++ * ++ * The return value is total number of array elements that would be filled if ++ * array was large enough, including the terminating `-1`. It is `0` when `a` ++ * is not odd or the constant term is zero contrary to requirement. ++ * ++ * The return value is also `0` when the leading exponent exceeds ++ * `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against CPU exhaustion attacks, + */ + int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) + { + int i, j, k = 0; + BN_ULONG mask; + +- if (BN_is_zero(a)) ++ if (!BN_is_odd(a)) + return 0; + + for (i = a->top - 1; i >= 0; i--) { +@@ -1167,12 +1178,13 @@ int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) + } + } + +- if (k < max) { ++ if (k > 0 && p[0] > OPENSSL_ECC_MAX_FIELD_BITS) ++ return 0; ++ ++ if (k < max) + p[k] = -1; +- k++; +- } + +- return k; ++ return k + 1; + } + + /* +diff --git a/test/ec_internal_test.c b/test/ec_internal_test.c +index 8c2cd05631696..02cfd4e9d8858 100644 +--- test/ec_internal_test.c.orig ++++ test/ec_internal_test.c +@@ -155,6 +155,56 @@ static int field_tests_ecp_mont(void) + } + + #ifndef OPENSSL_NO_EC2M ++/* Test that decoding of invalid GF2m field parameters fails. */ ++static int ec2m_field_sanity(void) ++{ ++ int ret = 0; ++ BN_CTX *ctx = BN_CTX_new(); ++ BIGNUM *p, *a, *b; ++ EC_GROUP *group1 = NULL, *group2 = NULL, *group3 = NULL; ++ ++ TEST_info("Testing GF2m hardening\n"); ++ ++ BN_CTX_start(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ if (!TEST_ptr(b = BN_CTX_get(ctx)) ++ || !TEST_true(BN_one(a)) ++ || !TEST_true(BN_one(b))) ++ goto out; ++ ++ /* Even pentanomial value should be rejected */ ++ if (!TEST_true(BN_set_word(p, 0xf2))) ++ goto out; ++ if (!TEST_ptr_null(group1 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("Zero constant term accepted in GF2m polynomial"); ++ ++ /* Odd hexanomial should also be rejected */ ++ if (!TEST_true(BN_set_word(p, 0xf3))) ++ goto out; ++ if (!TEST_ptr_null(group2 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("Hexanomial accepted as GF2m polynomial"); ++ ++ /* Excessive polynomial degree should also be rejected */ ++ if (!TEST_true(BN_set_word(p, 0x71)) ++ || !TEST_true(BN_set_bit(p, OPENSSL_ECC_MAX_FIELD_BITS + 1))) ++ goto out; ++ if (!TEST_ptr_null(group3 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("GF2m polynomial degree > %d accepted", ++ OPENSSL_ECC_MAX_FIELD_BITS); ++ ++ ret = group1 == NULL && group2 == NULL && group3 == NULL; ++ ++ out: ++ EC_GROUP_free(group1); ++ EC_GROUP_free(group2); ++ EC_GROUP_free(group3); ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ ++ return ret; ++} ++ + /* test EC_GF2m_simple_method directly */ + static int field_tests_ec2_simple(void) + { +@@ -443,6 +493,7 @@ int setup_tests(void) + ADD_TEST(field_tests_ecp_simple); + ADD_TEST(field_tests_ecp_mont); + #ifndef OPENSSL_NO_EC2M ++ ADD_TEST(ec2m_field_sanity); + ADD_TEST(field_tests_ec2_simple); + #endif + ADD_ALL_TESTS(field_tests_default, crv_len); diff --git a/security/openssl33-quictls/pkg-descr b/security/openssl33-quictls/pkg-descr new file mode 100644 index 000000000000..0373df3f0b26 --- /dev/null +++ b/security/openssl33-quictls/pkg-descr @@ -0,0 +1,8 @@ +This is a fork of OpenSSL to enable QUIC. This fork adds API that can be +used by QUIC implementations for connection handshakes. + +There is a community need for a QUIC capable TLS library. This fork is +intended as stopgap solution to enable higher level frameworks and runtimes +to use QUIC with the proven and reliable TLS functionality from OpenSSL. +This fork will be maintained until OpenSSL officially provides reasonable +support for QUIC implementations. diff --git a/security/openssl33-quictls/pkg-message b/security/openssl33-quictls/pkg-message new file mode 100644 index 000000000000..7cd49c285a43 --- /dev/null +++ b/security/openssl33-quictls/pkg-message @@ -0,0 +1,20 @@ +[ +{ type: install + message: <<EOM + +This QUIC capable OpenSSL fork is in an ALPHA stage + +Do NOT use for production! + +EOM +} +{ type: upgrade + message: <<EOM + +This QUIC capable OpenSSL fork is in an ALPHA stage + +Do NOT use for production! + +EOM +} +] diff --git a/security/openssl33-quictls/pkg-plist b/security/openssl33-quictls/pkg-plist new file mode 100644 index 000000000000..3e3f644f4a2c --- /dev/null +++ b/security/openssl33-quictls/pkg-plist @@ -0,0 +1,281 @@ +bin/c_rehash +bin/openssl +include/openssl/aes.h +include/openssl/asn1.h +include/openssl/asn1_mac.h +include/openssl/asn1err.h +include/openssl/asn1t.h +include/openssl/async.h +include/openssl/asyncerr.h +include/openssl/bio.h +include/openssl/bioerr.h +include/openssl/blowfish.h +include/openssl/bn.h +include/openssl/bnerr.h +include/openssl/buffer.h +include/openssl/buffererr.h +include/openssl/camellia.h +include/openssl/cast.h +include/openssl/cmac.h +include/openssl/cmp.h +include/openssl/cmp_util.h +include/openssl/cmperr.h +include/openssl/cms.h +include/openssl/cmserr.h +include/openssl/comp.h +include/openssl/comperr.h +include/openssl/conf.h +include/openssl/conf_api.h +include/openssl/conferr.h +include/openssl/configuration.h +include/openssl/conftypes.h +include/openssl/core.h +include/openssl/core_dispatch.h +include/openssl/core_names.h +include/openssl/core_object.h +include/openssl/crmf.h +include/openssl/crmferr.h +include/openssl/crypto.h +include/openssl/cryptoerr.h +include/openssl/cryptoerr_legacy.h +include/openssl/ct.h +include/openssl/cterr.h +include/openssl/decoder.h +include/openssl/decodererr.h +include/openssl/des.h +include/openssl/dh.h +include/openssl/dherr.h +include/openssl/dsa.h +include/openssl/dsaerr.h +include/openssl/dtls1.h +include/openssl/e_os2.h +include/openssl/e_ostime.h +include/openssl/ebcdic.h +include/openssl/ec.h +include/openssl/ecdh.h +include/openssl/ecdsa.h +include/openssl/ecerr.h +include/openssl/encoder.h +include/openssl/encodererr.h +include/openssl/engine.h +include/openssl/engineerr.h +include/openssl/err.h +include/openssl/ess.h +include/openssl/esserr.h +include/openssl/evp.h +include/openssl/evperr.h +include/openssl/fips_names.h +include/openssl/fipskey.h +include/openssl/hmac.h +include/openssl/hpke.h +include/openssl/http.h +include/openssl/httperr.h +include/openssl/idea.h +include/openssl/kdf.h +include/openssl/kdferr.h +include/openssl/lhash.h +include/openssl/macros.h +include/openssl/md2.h +include/openssl/md4.h +include/openssl/md5.h +include/openssl/mdc2.h +include/openssl/modes.h +include/openssl/obj_mac.h +include/openssl/objects.h +include/openssl/objectserr.h +include/openssl/ocsp.h +include/openssl/ocsperr.h +include/openssl/opensslconf.h +include/openssl/opensslv.h +include/openssl/ossl_typ.h +include/openssl/param_build.h +include/openssl/params.h +include/openssl/pem.h +include/openssl/pem2.h +include/openssl/pemerr.h +include/openssl/pkcs12.h +include/openssl/pkcs12err.h +include/openssl/pkcs7.h +include/openssl/pkcs7err.h +include/openssl/prov_ssl.h +include/openssl/proverr.h +include/openssl/provider.h +include/openssl/quic.h +include/openssl/rand.h +include/openssl/randerr.h +include/openssl/rc2.h +include/openssl/rc4.h +include/openssl/rc5.h +include/openssl/ripemd.h +include/openssl/rsa.h +include/openssl/rsaerr.h +include/openssl/safestack.h +include/openssl/seed.h +include/openssl/self_test.h +include/openssl/sha.h +include/openssl/srp.h +include/openssl/srtp.h +include/openssl/ssl.h +include/openssl/ssl2.h +include/openssl/ssl3.h +include/openssl/sslerr.h +include/openssl/sslerr_legacy.h +include/openssl/stack.h +include/openssl/store.h +include/openssl/storeerr.h +include/openssl/symhacks.h +include/openssl/thread.h +include/openssl/tls1.h +include/openssl/trace.h +include/openssl/ts.h +include/openssl/tserr.h +include/openssl/txt_db.h +include/openssl/types.h +include/openssl/ui.h +include/openssl/uierr.h +include/openssl/whrlpool.h +include/openssl/x509.h +include/openssl/x509_vfy.h +include/openssl/x509err.h +include/openssl/x509v3.h +include/openssl/x509v3err.h +lib/cmake/OpenSSL/OpenSSLConfig.cmake +lib/cmake/OpenSSL/OpenSSLConfigVersion.cmake +%%SHARED%%lib/engines-%%SHLIBVER%%/capi.so +%%SHARED%%lib/engines-%%SHLIBVER%%/devcrypto.so +%%SHARED%%lib/engines-%%SHLIBVER%%/loader_attic.so +%%SHARED%%lib/engines-%%SHLIBVER%%/padlock.so +lib/libcrypto.a +%%SHARED%%lib/libcrypto.so +%%SHARED%%lib/libcrypto.so.%%SHLIBVER%% +lib/libssl.a +%%SHARED%%lib/libssl.so +%%SHARED%%lib/libssl.so.%%SHLIBVER%% +%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so +%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so +libdata/pkgconfig/libcrypto.pc +libdata/pkgconfig/libssl.pc +libdata/pkgconfig/openssl.pc +share/man/man1/CA.pl.1ossl.gz +share/man/man1/asn1parse.1ossl.gz +share/man/man1/c_rehash.1ossl.gz +share/man/man1/ca.1ossl.gz +share/man/man1/ciphers.1ossl.gz +share/man/man1/cms.1ossl.gz +share/man/man1/cmp.1ossl.gz +share/man/man1/crl.1ossl.gz +share/man/man1/crl2pkcs7.1ossl.gz +share/man/man1/dgst.1ossl.gz +share/man/man1/dhparam.1ossl.gz +share/man/man1/dsa.1ossl.gz +share/man/man1/dsaparam.1ossl.gz +share/man/man1/ec.1ossl.gz +share/man/man1/ecparam.1ossl.gz +share/man/man1/enc.1ossl.gz +share/man/man1/engine.1ossl.gz +share/man/man1/errstr.1ossl.gz +share/man/man1/gendsa.1ossl.gz +share/man/man1/genpkey.1ossl.gz +share/man/man1/genrsa.1ossl.gz +share/man/man1/info.1ossl.gz +share/man/man1/kdf.1ossl.gz +share/man/man1/mac.1ossl.gz +share/man/man1/nseq.1ossl.gz +share/man/man1/ocsp.1ossl.gz +share/man/man1/openssl-asn1parse.1ossl.gz +share/man/man1/openssl-ca.1ossl.gz +share/man/man1/openssl-ciphers.1ossl.gz +share/man/man1/openssl-cmds.1ossl.gz +share/man/man1/openssl-cmp.1ossl.gz +share/man/man1/openssl-cms.1ossl.gz +share/man/man1/openssl-crl.1ossl.gz +share/man/man1/openssl-crl2pkcs7.1ossl.gz +share/man/man1/openssl-dgst.1ossl.gz +share/man/man1/openssl-dhparam.1ossl.gz +share/man/man1/openssl-dsa.1ossl.gz +share/man/man1/openssl-dsaparam.1ossl.gz +share/man/man1/openssl-ec.1ossl.gz +share/man/man1/openssl-ecparam.1ossl.gz +share/man/man1/openssl-enc.1ossl.gz +share/man/man1/openssl-engine.1ossl.gz +share/man/man1/openssl-errstr.1ossl.gz +share/man/man1/openssl-fipsinstall.1ossl.gz +share/man/man1/openssl-format-options.1ossl.gz +share/man/man1/openssl-gendsa.1ossl.gz +share/man/man1/openssl-genpkey.1ossl.gz +share/man/man1/openssl-genrsa.1ossl.gz +share/man/man1/openssl-info.1ossl.gz +share/man/man1/openssl-kdf.1ossl.gz +share/man/man1/openssl-list.1ossl.gz +share/man/man1/openssl-mac.1ossl.gz +share/man/man1/openssl-namedisplay-options.1ossl.gz +share/man/man1/openssl-nseq.1ossl.gz +share/man/man1/openssl-ocsp.1ossl.gz +share/man/man1/openssl-passphrase-options.1ossl.gz +share/man/man1/openssl-passwd.1ossl.gz +share/man/man1/openssl-pkcs12.1ossl.gz +share/man/man1/openssl-pkcs7.1ossl.gz +share/man/man1/openssl-pkcs8.1ossl.gz +share/man/man1/openssl-pkey.1ossl.gz +share/man/man1/openssl-pkeyparam.1ossl.gz +share/man/man1/openssl-pkeyutl.1ossl.gz +share/man/man1/openssl-prime.1ossl.gz +share/man/man1/openssl-rand.1ossl.gz +share/man/man1/openssl-rehash.1ossl.gz +share/man/man1/openssl-req.1ossl.gz +share/man/man1/openssl-rsa.1ossl.gz +share/man/man1/openssl-rsautl.1ossl.gz +share/man/man1/openssl-s_client.1ossl.gz +share/man/man1/openssl-s_server.1ossl.gz +share/man/man1/openssl-s_time.1ossl.gz +share/man/man1/openssl-sess_id.1ossl.gz +share/man/man1/openssl-smime.1ossl.gz +share/man/man1/openssl-speed.1ossl.gz +share/man/man1/openssl-spkac.1ossl.gz +share/man/man1/openssl-srp.1ossl.gz +share/man/man1/openssl-storeutl.1ossl.gz +share/man/man1/openssl-ts.1ossl.gz +share/man/man1/openssl-verification-options.1ossl.gz +share/man/man1/openssl-verify.1ossl.gz +share/man/man1/openssl-version.1ossl.gz +share/man/man1/openssl-x509.1ossl.gz +share/man/man1/openssl.1ossl.gz +share/man/man1/passwd.1ossl.gz +share/man/man1/pkcs12.1ossl.gz +share/man/man1/pkcs7.1ossl.gz +share/man/man1/pkcs8.1ossl.gz +share/man/man1/pkey.1ossl.gz +share/man/man1/pkeyparam.1ossl.gz +share/man/man1/pkeyutl.1ossl.gz +share/man/man1/prime.1ossl.gz +share/man/man1/rand.1ossl.gz +share/man/man1/rehash.1ossl.gz +share/man/man1/req.1ossl.gz +share/man/man1/rsa.1ossl.gz +share/man/man1/rsautl.1ossl.gz +share/man/man1/s_client.1ossl.gz +share/man/man1/s_server.1ossl.gz +share/man/man1/s_time.1ossl.gz +share/man/man1/sess_id.1ossl.gz +share/man/man1/smime.1ossl.gz +share/man/man1/speed.1ossl.gz +share/man/man1/spkac.1ossl.gz +share/man/man1/srp.1ossl.gz +share/man/man1/storeutl.1ossl.gz +share/man/man1/ts.1ossl.gz +share/man/man1/tsget.1ossl.gz +share/man/man1/verify.1ossl.gz +share/man/man1/version.1ossl.gz +share/man/man1/x509.1ossl.gz +share/man/man5/config.5ossl.gz +share/man/man5/fips_config.5ossl.gz +share/man/man5/x509v3_config.5ossl.gz +%%OPENSSLDIR%%/misc/CA.pl +@comment %%OPENSSLDIR%%/misc/tsget.pl +%%OPENSSLDIR%%/misc/tsget +@sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf +%%FIPS%%%%OPENSSLDIR%%/fipsmodule.cnf +@sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf +@dir lib/ossl-modules +@dir %%OPENSSLDIR%%/private +@dir %%OPENSSLDIR%%/certs diff --git a/security/openssl33-quictls/version.mk b/security/openssl33-quictls/version.mk new file mode 100644 index 000000000000..c3fe2e51c987 --- /dev/null +++ b/security/openssl33-quictls/version.mk @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 15 diff --git a/security/openssl33/Makefile b/security/openssl33/Makefile index 92b2a3b70d07..f4cdbb7a8866 100644 --- a/security/openssl33/Makefile +++ b/security/openssl33/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.3.3 +PORTVERSION= 3.3.4 CATEGORIES= security devel PKGNAMESUFFIX= 33 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,8 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +EXPIRATION_DATE= 2026-04-09 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1245] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl33/distinfo b/security/openssl33/distinfo index ba314a4dcc7f..a6394ed16a43 100644 --- a/security/openssl33/distinfo +++ b/security/openssl33/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739294023 -SHA256 (openssl-3.3.3.tar.gz) = 712590fd20aaa60ec75d778fe5b810d6b829ca7fb1e530577917a131f9105539 -SIZE (openssl-3.3.3.tar.gz) = 18102481 +TIMESTAMP = 1751448373 +SHA256 (openssl-3.3.4.tar.gz) = 8d1a5fc323d3fd351dc05458457fd48f78652d2a498e1d70ffea07b4d0eb3fa8 +SIZE (openssl-3.3.4.tar.gz) = 18113350 diff --git a/security/openssl34/Makefile b/security/openssl34/Makefile index b1ab27b4efc0..4bc0fe6c59a2 100644 --- a/security/openssl34/Makefile +++ b/security/openssl34/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -DISTVERSION= 3.4.1 +DISTVERSION= 3.4.2 CATEGORIES= security devel PKGNAMESUFFIX= 34 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,8 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +EXPIRATION_DATE= 2026-10-22 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1235] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl34/distinfo b/security/openssl34/distinfo index d8af1d8ae114..f57015331c43 100644 --- a/security/openssl34/distinfo +++ b/security/openssl34/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739294109 -SHA256 (openssl-3.4.1.tar.gz) = 002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3 -SIZE (openssl-3.4.1.tar.gz) = 18346056 +TIMESTAMP = 1751448388 +SHA256 (openssl-3.4.2.tar.gz) = 17b02459fc28be415470cccaae7434f3496cac1306b86b52c83886580e82834c +SIZE (openssl-3.4.2.tar.gz) = 18357346 diff --git a/security/openssl35/Makefile b/security/openssl35/Makefile index 03c8a5cf9203..f98afc6ba292 100644 --- a/security/openssl35/Makefile +++ b/security/openssl35/Makefile @@ -1,6 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.5.0 -PORTREVISION= 1 +PORTVERSION= 3.5.1 CATEGORIES= security devel PKGNAMESUFFIX= 35 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ diff --git a/security/openssl35/distinfo b/security/openssl35/distinfo index a607cb09a0e2..dbaa6f6357a6 100644 --- a/security/openssl35/distinfo +++ b/security/openssl35/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1744140897 -SHA256 (openssl-3.5.0.tar.gz) = 344d0a79f1a9b08029b0744e2cc401a43f9c90acd1044d09a530b4885a8e9fc0 -SIZE (openssl-3.5.0.tar.gz) = 53136912 +TIMESTAMP = 1751448415 +SHA256 (openssl-3.5.1.tar.gz) = 529043b15cffa5f36077a4d0af83f3de399807181d607441d734196d889b641f +SIZE (openssl-3.5.1.tar.gz) = 53158817 diff --git a/security/openssl35/files/patch-CVE-2025-4575 b/security/openssl35/files/patch-CVE-2025-4575 deleted file mode 100644 index 1bcec34bcb96..000000000000 --- a/security/openssl35/files/patch-CVE-2025-4575 +++ /dev/null @@ -1,61 +0,0 @@ -From e96d22446e633d117e6c9904cb15b4693e956eaa Mon Sep 17 00:00:00 2001 -From: Tomas Mraz <tomas@openssl.org> -Date: Tue, 20 May 2025 16:34:10 +0200 -Subject: [PATCH] apps/x509.c: Fix the -addreject option adding trust instead - of rejection - -Fixes CVE-2025-4575 - -Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> -Reviewed-by: Paul Dale <ppzgs1@gmail.com> -(Merged from https://github.com/openssl/openssl/pull/27672) - -(cherry picked from commit 0eb9acc24febb1f3f01f0320cfba9654cf66b0ac) ---- - apps/x509.c | 2 +- - test/recipes/25-test_x509.t | 12 +++++++++++- - 2 files changed, 12 insertions(+), 2 deletions(-) - -diff --git a/apps/x509.c b/apps/x509.c -index fdae8f383a667..0c340c15b321a 100644 ---- apps/x509.c.orig -+++ apps/x509.c -@@ -465,7 +465,7 @@ int x509_main(int argc, char **argv) - prog, opt_arg()); - goto opthelp; - } -- if (!sk_ASN1_OBJECT_push(trust, objtmp)) -+ if (!sk_ASN1_OBJECT_push(reject, objtmp)) - goto end; - trustout = 1; - break; -diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t -index 09b61708ff8a5..dfa0a428f5f0c 100644 ---- test/recipes/25-test_x509.t.orig -+++ test/recipes/25-test_x509.t -@@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; - - setup("test_x509"); - --plan tests => 134; -+plan tests => 138; - - # Prevent MSys2 filename munging for arguments that look like file paths but - # aren't -@@ -110,6 +110,16 @@ ok(run(app(["openssl", "x509", "-new", "-force_pubkey", $key, "-subj", "/CN=EE", - && run(app(["openssl", "verify", "-no_check_time", - "-trusted", $ca, "-partial_chain", $caout]))); - -+# test trust decoration -+ok(run(app(["openssl", "x509", "-in", $ca, "-addtrust", "emailProtection", -+ "-out", "ca-trusted.pem"]))); -+cert_contains("ca-trusted.pem", "Trusted Uses: E-mail Protection", -+ 1, 'trusted use - E-mail Protection'); -+ok(run(app(["openssl", "x509", "-in", $ca, "-addreject", "emailProtection", -+ "-out", "ca-rejected.pem"]))); -+cert_contains("ca-rejected.pem", "Rejected Uses: E-mail Protection", -+ 1, 'rejected use - E-mail Protection'); -+ - subtest 'x509 -- x.509 v1 certificate' => sub { - tconversion( -type => 'x509', -prefix => 'x509v1', - -in => srctop_file("test", "testx509.pem") ); diff --git a/security/osslsigncode/Makefile b/security/osslsigncode/Makefile index 506113da3bfb..90ad102b8086 100644 --- a/security/osslsigncode/Makefile +++ b/security/osslsigncode/Makefile @@ -1,5 +1,5 @@ PORTNAME= osslsigncode -DISTVERSION= 2.9 +DISTVERSION= 2.10 CATEGORIES= security devel MAINTAINER= bofh@FreeBSD.org diff --git a/security/osslsigncode/distinfo b/security/osslsigncode/distinfo index 7fcd2eecd6b3..28a1ff301015 100644 --- a/security/osslsigncode/distinfo +++ b/security/osslsigncode/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1722080494 -SHA256 (mtrojnar-osslsigncode-2.9_GH0.tar.gz) = 3fe5488e442ad99f91410efeb7b029275366b5df9aa02371dcc89a8f8569ff55 -SIZE (mtrojnar-osslsigncode-2.9_GH0.tar.gz) = 1033420 +TIMESTAMP = 1751273239 +SHA256 (mtrojnar-osslsigncode-2.10_GH0.tar.gz) = 2a864e6127ee2350fb648070fa0d459c534ac6400ca0048886aeab7afb250f65 +SIZE (mtrojnar-osslsigncode-2.10_GH0.tar.gz) = 1038769 diff --git a/security/pam_rssh/Makefile b/security/pam_rssh/Makefile index 561ddf5078cf..dcea9616f1c4 100644 --- a/security/pam_rssh/Makefile +++ b/security/pam_rssh/Makefile @@ -1,7 +1,7 @@ PORTNAME= pam_rssh DISTVERSIONPREFIX=v DISTVERSION= 1.1.0 -PORTREVISION= 17 +PORTREVISION= 18 CATEGORIES= security MAINTAINER= romain@FreeBSD.org diff --git a/security/php85-filter/Makefile b/security/php85-filter/Makefile new file mode 100644 index 000000000000..1d4737ba51c9 --- /dev/null +++ b/security/php85-filter/Makefile @@ -0,0 +1,7 @@ +CATEGORIES= security + +MASTERDIR= ${.CURDIR}/../../lang/php85 + +PKGNAMESUFFIX= -filter + +.include "${MASTERDIR}/Makefile" diff --git a/security/php85-sodium/Makefile b/security/php85-sodium/Makefile new file mode 100644 index 000000000000..aff3c5308849 --- /dev/null +++ b/security/php85-sodium/Makefile @@ -0,0 +1,7 @@ +CATEGORIES= security + +MASTERDIR= ${.CURDIR}/../../lang/php85 + +PKGNAMESUFFIX= -sodium + +.include "${MASTERDIR}/Makefile" diff --git a/security/plasma6-kscreenlocker/distinfo b/security/plasma6-kscreenlocker/distinfo index 9b45a355b193..b29b38d6d151 100644 --- a/security/plasma6-kscreenlocker/distinfo +++ b/security/plasma6-kscreenlocker/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750789611 -SHA256 (KDE/plasma/6.4.1/kscreenlocker-6.4.1.tar.xz) = c849dc939a050a26f270393f8b59e8b86d671983a752e014af7c89a1c955b925 -SIZE (KDE/plasma/6.4.1/kscreenlocker-6.4.1.tar.xz) = 183776 +TIMESTAMP = 1751380541 +SHA256 (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = ef2bc8c2f1f0df75c67778c4208a5ee02c0546356ef8352dd1ffdee867283cc4 +SIZE (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = 183732 diff --git a/security/plasma6-ksshaskpass/distinfo b/security/plasma6-ksshaskpass/distinfo index 8196ba2a8c6e..87b4a2ee1759 100644 --- a/security/plasma6-ksshaskpass/distinfo +++ b/security/plasma6-ksshaskpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750789611 -SHA256 (KDE/plasma/6.4.1/ksshaskpass-6.4.1.tar.xz) = 5495db2d45f9b2ac50a81382f7e38c99ab83d7ea34adcf72b05c260d9d8a3433 -SIZE (KDE/plasma/6.4.1/ksshaskpass-6.4.1.tar.xz) = 30796 +TIMESTAMP = 1751380542 +SHA256 (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 6ef3811239c2ec505859f6c483927d6d69a59fbd8d6da41b385a977c231efffc +SIZE (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 30792 diff --git a/security/plasma6-kwallet-pam/distinfo b/security/plasma6-kwallet-pam/distinfo index 81c94e309bb8..3eb96bb2863b 100644 --- a/security/plasma6-kwallet-pam/distinfo +++ b/security/plasma6-kwallet-pam/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750789612 -SHA256 (KDE/plasma/6.4.1/kwallet-pam-6.4.1.tar.xz) = 04d4d7075cb93cac10a7e0504836d961c7a2eda4f08987bb500f927200298b7c -SIZE (KDE/plasma/6.4.1/kwallet-pam-6.4.1.tar.xz) = 22400 +TIMESTAMP = 1751380542 +SHA256 (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = fc5578ae860d74ce7695cf0b561a72bcf4730636694d8debfc10c85e97296ae9 +SIZE (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = 22396 diff --git a/security/py-bcrypt/Makefile b/security/py-bcrypt/Makefile index 40c109fa58b9..fe1618ce8018 100644 --- a/security/py-bcrypt/Makefile +++ b/security/py-bcrypt/Makefile @@ -1,5 +1,6 @@ PORTNAME= bcrypt DISTVERSION= 4.3.0 +PORTREVISION= 1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-cryptography/Makefile b/security/py-cryptography/Makefile index a75891c6d7c5..b42dbc8ae694 100644 --- a/security/py-cryptography/Makefile +++ b/security/py-cryptography/Makefile @@ -1,6 +1,6 @@ PORTNAME= cryptography PORTVERSION= 44.0.3 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= security python MASTER_SITES= PYPI diff --git a/security/py-keyring/Makefile b/security/py-keyring/Makefile index 16295f7c5fbd..3351a75034bc 100644 --- a/security/py-keyring/Makefile +++ b/security/py-keyring/Makefile @@ -1,6 +1,5 @@ PORTNAME= keyring -PORTVERSION= 23.9.3 -PORTREVISION= 3 +PORTVERSION= 25.6.0 PORTEPOCH= 1 CATEGORIES= security python MASTER_SITES= PYPI @@ -13,7 +12,10 @@ WWW= https://github.com/jaraco/keyring LICENSE= PSFL BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools-scm>=1.15.0:devel/py-setuptools-scm@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}jaraco.classes>=0:devel/py-jaraco.classes@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}jaraco.classes>=0:devel/py-jaraco.classes@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}jaraco.context>=0:devel/py-jaraco.context@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}jaraco.functools>=0:devel/py-jaraco.functools@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}importlib-metadata>=0:devel/py-importlib-metadata@${PY_FLAVOR} USES= cpe python CPE_VENDOR= python diff --git a/security/py-keyring/distinfo b/security/py-keyring/distinfo index f1a4b7d2fb95..8c9a3f741e77 100644 --- a/security/py-keyring/distinfo +++ b/security/py-keyring/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1666640101 -SHA256 (keyring-23.9.3.tar.gz) = 69b01dd83c42f590250fe7a1f503fc229b14de83857314b1933a3ddbf595c4a5 -SIZE (keyring-23.9.3.tar.gz) = 56674 +TIMESTAMP = 1748966316 +SHA256 (keyring-25.6.0.tar.gz) = 0b39998aa941431eb3d9b0d4b2460bc773b9df6fed7621c2dfb291a7e0187a66 +SIZE (keyring-25.6.0.tar.gz) = 62750 diff --git a/security/rage-encryption/Makefile b/security/rage-encryption/Makefile index 2e8a925c3407..6a0dd637ff94 100644 --- a/security/rage-encryption/Makefile +++ b/security/rage-encryption/Makefile @@ -1,7 +1,7 @@ PORTNAME= rage DISTVERSIONPREFIX= v DISTVERSION= 0.11.1 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security PKGNAMESUFFIX= -encryption diff --git a/security/ratify/Makefile b/security/ratify/Makefile index cf31a75770b3..db9db6f9fdb5 100644 --- a/security/ratify/Makefile +++ b/security/ratify/Makefile @@ -1,6 +1,6 @@ PORTNAME= ratify DISTVERSION= 2.2.0 -PORTREVISION= 8 +PORTREVISION= 9 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org diff --git a/security/rpm-sequoia/Makefile b/security/rpm-sequoia/Makefile index edf9cc14fc22..37158498d014 100644 --- a/security/rpm-sequoia/Makefile +++ b/security/rpm-sequoia/Makefile @@ -1,7 +1,7 @@ PORTNAME= rpm-sequoia DISTVERSIONPREFIX= v DISTVERSION= 1.8.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security archivers MAINTAINER= yuri@FreeBSD.org diff --git a/security/rubygem-gitlab-cloud-connector/Makefile b/security/rubygem-gitlab-cloud-connector/Makefile index b59e9cf5734e..17348ef607c0 100644 --- a/security/rubygem-gitlab-cloud-connector/Makefile +++ b/security/rubygem-gitlab-cloud-connector/Makefile @@ -1,5 +1,5 @@ PORTNAME= gitlab-cloud-connector -PORTVERSION= 1.17.0 +PORTVERSION= 1.19.0 CATEGORIES= security rubygems MASTER_SITES= RG diff --git a/security/rubygem-gitlab-cloud-connector/distinfo b/security/rubygem-gitlab-cloud-connector/distinfo index f3bc3876d43c..b702ac666f5a 100644 --- a/security/rubygem-gitlab-cloud-connector/distinfo +++ b/security/rubygem-gitlab-cloud-connector/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750222196 -SHA256 (rubygem/gitlab-cloud-connector-1.17.0.gem) = b9eaf5544cebb66667be560cc032fd6e26ccb6c35c0912b3cd1fadb7cbcfbf34 -SIZE (rubygem/gitlab-cloud-connector-1.17.0.gem) = 18432 +TIMESTAMP = 1750912646 +SHA256 (rubygem/gitlab-cloud-connector-1.19.0.gem) = cfa644b4d827062f5c625d391ca3e6904e7667f0f6efe96adab81e051d8d07ad +SIZE (rubygem/gitlab-cloud-connector-1.19.0.gem) = 18432 diff --git a/security/rustls-ffi/Makefile b/security/rustls-ffi/Makefile index edf8ead7bf65..65a625c0905d 100644 --- a/security/rustls-ffi/Makefile +++ b/security/rustls-ffi/Makefile @@ -1,7 +1,7 @@ PORTNAME= rustls-ffi DISTVERSIONPREFIX= v DISTVERSION= 0.15.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MAINTAINER= brnrd@FreeBSD.org diff --git a/security/rustscan/Makefile b/security/rustscan/Makefile index f529781f3c9d..0c0e061e5907 100644 --- a/security/rustscan/Makefile +++ b/security/rustscan/Makefile @@ -1,6 +1,6 @@ PORTNAME= rustscan PORTVERSION= 2.4.1 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org diff --git a/security/sequoia-chameleon-gnupg/Makefile b/security/sequoia-chameleon-gnupg/Makefile index 11356e0db288..b93f3584cd69 100644 --- a/security/sequoia-chameleon-gnupg/Makefile +++ b/security/sequoia-chameleon-gnupg/Makefile @@ -1,6 +1,7 @@ PORTNAME= sequoia-chameleon-gnupg DISTVERSIONPREFIX= v DISTVERSION= 0.13.1 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= vishwin@FreeBSD.org diff --git a/security/sequoia-sq/Makefile b/security/sequoia-sq/Makefile index 3a098e4d8119..4ce523dcf47c 100644 --- a/security/sequoia-sq/Makefile +++ b/security/sequoia-sq/Makefile @@ -1,7 +1,7 @@ PORTNAME= sq DISTVERSIONPREFIX= v DISTVERSION= 1.3.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security PKGNAMEPREFIX= sequoia- diff --git a/security/sniffglue/Makefile b/security/sniffglue/Makefile index cf209348751b..9a1ab670897b 100644 --- a/security/sniffglue/Makefile +++ b/security/sniffglue/Makefile @@ -1,7 +1,7 @@ PORTNAME= sniffglue DISTVERSIONPREFIX= v DISTVERSION= 0.16.1 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= security MAINTAINER= freebsd@sysctl.cz diff --git a/security/snort3/Makefile b/security/snort3/Makefile index de56987b3447..833bdf00cb11 100644 --- a/security/snort3/Makefile +++ b/security/snort3/Makefile @@ -1,5 +1,5 @@ PORTNAME= snort -DISTVERSION= 3.8.1.0 +DISTVERSION= 3.9.0.0 PORTEPOCH= 1 CATEGORIES= security PKGNAMESUFFIX= 3 @@ -17,7 +17,7 @@ LIB_DEPENDS= libdaq.so:net/libdaq \ libhwloc.so:devel/hwloc2 \ libpcap.so:net/libpcap \ libpcre2-8.so:devel/pcre2 \ - libuuid.so:misc/e2fsprogs-libuuid + libuuid.so:misc/libuuid USES= cmake compiler:c++14-lang cpe iconv localbase luajit pathfix pkgconfig \ shebangfix ssl diff --git a/security/snort3/distinfo b/security/snort3/distinfo index 3b5d7f18d701..043da5daa3cb 100644 --- a/security/snort3/distinfo +++ b/security/snort3/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748521147 -SHA256 (snort3-snort3-3.8.1.0_GH0.tar.gz) = adbd958bd0f9b2c78997bfda5a36cbbc843f07a71712db0b56f085e2cd124164 -SIZE (snort3-snort3-3.8.1.0_GH0.tar.gz) = 3484205 +TIMESTAMP = 1751444666 +SHA256 (snort3-snort3-3.9.0.0_GH0.tar.gz) = a294be2921440ec39a265e770c15dc52ab011918c6fd288d99e442ceb12f961d +SIZE (snort3-snort3-3.9.0.0_GH0.tar.gz) = 3484705 diff --git a/security/snort3/pkg-plist b/security/snort3/pkg-plist index 5da84b8b5dd6..67291c403269 100644 --- a/security/snort3/pkg-plist +++ b/security/snort3/pkg-plist @@ -39,7 +39,6 @@ include/snort/flow/flow_key.h include/snort/flow/flow_stash.h include/snort/flow/ha.h include/snort/flow/session.h -include/snort/flow/stash_item.h include/snort/flow/stream_flow.h include/snort/framework/api_options.h include/snort/framework/base_api.h diff --git a/security/snuffleupagus/Makefile b/security/snuffleupagus/Makefile index 9b113b64de11..5783534cd0a0 100644 --- a/security/snuffleupagus/Makefile +++ b/security/snuffleupagus/Makefile @@ -21,7 +21,7 @@ USES= localbase:ldflags php:build,ext USE_GITHUB= yes GH_ACCOUNT= jvoisin USE_PHP= session:build -IGNORE_WITH_PHP= 84 +IGNORE_WITH_PHP= 84 85 CONFIGURE_ARGS= --enable-snuffleupagus diff --git a/security/ssh-vault/Makefile b/security/ssh-vault/Makefile index 8dd05cba98e8..b987279ac1eb 100644 --- a/security/ssh-vault/Makefile +++ b/security/ssh-vault/Makefile @@ -1,6 +1,6 @@ PORTNAME= ssh-vault PORTVERSION= 1.0.10 -PORTREVISION= 12 +PORTREVISION= 13 CATEGORIES= security MASTER_SITES= CRATESIO DISTFILES= ${CARGO_DIST_SUBDIR}/${DISTNAME}${CARGO_CRATE_EXT} diff --git a/security/sssd2/Makefile b/security/sssd2/Makefile index 3c4f642a401b..eacfd0a175da 100644 --- a/security/sssd2/Makefile +++ b/security/sssd2/Makefile @@ -1,6 +1,6 @@ PORTNAME= sssd PORTVERSION= 2.9.6 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security PKGNAMESUFFIX= 2 @@ -45,7 +45,7 @@ LIB_DEPENDS= libcares.so:dns/c-ares \ libtdb.so:${SAMBA_TDB_PORT} \ libtevent.so:${SAMBA_TEVENT_PORT} \ libunistring.so:devel/libunistring \ - libuuid.so:misc/e2fsprogs-libuuid + libuuid.so:misc/libuuid RUN_DEPENDS= adcli:net-mgmt/adcli \ cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile index b65637df0d71..1eb1f164081d 100644 --- a/security/strongswan/Makefile +++ b/security/strongswan/Makefile @@ -1,6 +1,5 @@ PORTNAME= strongswan -DISTVERSION= 6.0.0 -PORTREVISION= 1 +DISTVERSION= 6.0.1 CATEGORIES= security net-vpn MASTER_SITES= https://download.strongswan.org/ \ https://download2.strongswan.org/ diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo index c9460511cb81..6596d8ab97bf 100644 --- a/security/strongswan/distinfo +++ b/security/strongswan/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1740055222 -SHA256 (strongswan-6.0.0.tar.bz2) = 72fe58b7523155703b65b08c3cc559c2c9a5c96da54afebd8136f6623e7dda82 -SIZE (strongswan-6.0.0.tar.bz2) = 4863821 +TIMESTAMP = 1747651788 +SHA256 (strongswan-6.0.1.tar.bz2) = 212368cbc674fed31f3292210303fff06da8b90acad2d1387375ed855e6879c4 +SIZE (strongswan-6.0.1.tar.bz2) = 4844260 diff --git a/security/sudo-rs/Makefile b/security/sudo-rs/Makefile index 51983bf73ac8..5d6bb16de08b 100644 --- a/security/sudo-rs/Makefile +++ b/security/sudo-rs/Makefile @@ -1,7 +1,7 @@ PORTNAME= sudo-rs PORTVERSION= 0.2.6 DISTVERSIONPREFIX= v -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MAINTAINER= marc@trifectatech.org diff --git a/security/sudo/Makefile b/security/sudo/Makefile index 14466a9e7774..b9bea691da08 100644 --- a/security/sudo/Makefile +++ b/security/sudo/Makefile @@ -1,5 +1,5 @@ PORTNAME= sudo -PORTVERSION= 1.9.17 +PORTVERSION= 1.9.17p1 CATEGORIES= security MASTER_SITES= SUDO diff --git a/security/sudo/distinfo b/security/sudo/distinfo index 9b38cd2b5a6c..a01a900722c6 100644 --- a/security/sudo/distinfo +++ b/security/sudo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750523514 -SHA256 (sudo-1.9.17.tar.gz) = 3f212c69d534d5822b492d099abb02a593f91ca99f5afde5cb9bd3e1dcdad069 -SIZE (sudo-1.9.17.tar.gz) = 5447899 +TIMESTAMP = 1751356446 +SHA256 (sudo-1.9.17p1.tar.gz) = ff607ea717072197738a78f778692cd6df9a7e3e404565f51de063ca27455d32 +SIZE (sudo-1.9.17p1.tar.gz) = 5449076 diff --git a/security/suricata/Makefile b/security/suricata/Makefile index 88ce45bc1e87..67bc1d7768e7 100644 --- a/security/suricata/Makefile +++ b/security/suricata/Makefile @@ -1,6 +1,6 @@ PORTNAME= suricata DISTVERSION= 7.0.10 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MASTER_SITES= https://www.openinfosecfoundation.org/download/ diff --git a/security/tpm2-tools/Makefile b/security/tpm2-tools/Makefile index 42aa7da55eeb..99cb1ffb5ab0 100644 --- a/security/tpm2-tools/Makefile +++ b/security/tpm2-tools/Makefile @@ -1,6 +1,6 @@ PORTNAME= tpm2-tools DISTVERSION= 5.6 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= https://github.com/tpm2-software/tpm2-tools/releases/download/${DISTVERSION}/ @@ -12,7 +12,7 @@ LICENSE= BSD2CLAUSE LIB_DEPENDS= libtss2-esys.so:security/tpm2-tss \ libcurl.so:ftp/curl \ - libuuid.so:misc/e2fsprogs-libuuid + libuuid.so:misc/libuuid USES= compiler:c11 gmake libtool pkgconfig ssl diff --git a/security/tpm2-tss/Makefile b/security/tpm2-tss/Makefile index 8d60a2b418bc..e7f599522a33 100644 --- a/security/tpm2-tss/Makefile +++ b/security/tpm2-tss/Makefile @@ -1,6 +1,6 @@ PORTNAME= tpm2-tss DISTVERSION= 4.0.1 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MASTER_SITES= https://github.com/tpm2-software/tpm2-tss/releases/download/${DISTVERSION}/ @@ -11,7 +11,7 @@ LICENSE= BSD2CLAUSE LIB_DEPENDS= libjson-c.so:devel/json-c \ libcurl.so:ftp/curl \ - libuuid.so:misc/e2fsprogs-libuuid + libuuid.so:misc/libuuid USES= compiler:c11 gmake libtool pkgconfig ssl USE_LDCONFIG= yes diff --git a/security/trivy/Makefile b/security/trivy/Makefile index 05cfa55f0b39..d208cccbab53 100644 --- a/security/trivy/Makefile +++ b/security/trivy/Makefile @@ -1,7 +1,6 @@ PORTNAME= trivy DISTVERSIONPREFIX= v -DISTVERSION= 0.63.0 -PORTREVISION= 1 +DISTVERSION= 0.64.0 CATEGORIES= security MAINTAINER= mfechner@FreeBSD.org diff --git a/security/trivy/distinfo b/security/trivy/distinfo index 14015874c1c6..24ad8282e01f 100644 --- a/security/trivy/distinfo +++ b/security/trivy/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1748580283 -SHA256 (go/security_trivy/trivy-v0.63.0/v0.63.0.mod) = f0b5b8182a3155cfd22aedd2f1266794a26549664c18b8358a411ba634188fa3 -SIZE (go/security_trivy/trivy-v0.63.0/v0.63.0.mod) = 23467 -SHA256 (go/security_trivy/trivy-v0.63.0/v0.63.0.zip) = 638bc4adc54bf61afc8647c9f4fa5db30e6352dfe033655c30d0af02eca5c14d -SIZE (go/security_trivy/trivy-v0.63.0/v0.63.0.zip) = 58804833 +TIMESTAMP = 1751363247 +SHA256 (go/security_trivy/trivy-v0.64.0/v0.64.0.mod) = 0cdadb981316deab57b0abfdca161b8a907173478b82770c901c8d58ce4a2016 +SIZE (go/security_trivy/trivy-v0.64.0/v0.64.0.mod) = 23200 +SHA256 (go/security_trivy/trivy-v0.64.0/v0.64.0.zip) = f5f0943b22846cd637d140585dd5a318e303cf0fe9f45b5f138153e2a292fc06 +SIZE (go/security_trivy/trivy-v0.64.0/v0.64.0.zip) = 58856559 diff --git a/security/vault/Makefile b/security/vault/Makefile index 6f65c1a69795..95b5e0e4fea8 100644 --- a/security/vault/Makefile +++ b/security/vault/Makefile @@ -1,6 +1,6 @@ PORTNAME= vault DISTVERSIONPREFIX= v -DISTVERSION= 1.19.5 +DISTVERSION= 1.20.0 CATEGORIES= security MASTER_SITES= https://raw.githubusercontent.com/hashicorp/vault/${DISTVERSIONFULL}/ \ LOCAL/bofh/security/${PORTNAME}/:web_ui @@ -27,7 +27,7 @@ EXTRACT_DEPENDS=npm-node20>0:www/npm-node20 \ yarn-node20>0:www/yarn-node20 .endif -USES= cpe go:1.24,modules +USES= cpe go:modules CPE_VENDOR= hashicorp USE_GITHUB= yes GH_ACCOUNT= hashicorp @@ -46,7 +46,7 @@ GROUPS= vault PLIST_FILES= bin/${PORTNAME} -GITID= 7010adf2c67686681908f04ec8e9357f19066f4f +GITID= 6fdd6b59e97d97a9e19b0fb5304bf879c190295e .include <bsd.port.pre.mk> diff --git a/security/vault/distinfo b/security/vault/distinfo index 91abadf4847a..8ae380ecfa61 100644 --- a/security/vault/distinfo +++ b/security/vault/distinfo @@ -1,17 +1,17 @@ -TIMESTAMP = 1749701093 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/go.mod) = eb4c04065aeb9f30a71a31229fa197336d6b93f6380ee67afc94a51245423dfc -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/go.mod) = 29839 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/go.mod) = 0d652a7ef05e4031f5cc927151101672f29851c4a227e6082263a8aa32918667 -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/go.mod) = 1678 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/approle/go.mod) = 58a8a86c96adddbe7d63ca3aa6be8b4972048639084ed8191522f60610cdb811 -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/approle/go.mod) = 1084 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/kubernetes/go.mod) = 877dd47a4ba1d2e0b4be63bb30178433e7be72e3bf7454619be502af4d05332f -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/kubernetes/go.mod) = 1087 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/userpass/go.mod) = 380860700e965d112bbb40ed96a0da01a9ff9e16a5127fc7c6496ae3aaa14538 -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/api/auth/userpass/go.mod) = 1085 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/sdk/go.mod) = bf6fdc7aade5d5ab3308c1782a4e7831218dd30bc5362aaf9999c68811bc5883 -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/sdk/go.mod) = 6583 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/vault-web_ui-1.19.5.tar.gz) = dec3f028c5b1fc021b43f911c7834f6fb96cce19a867c729f7f901bb68471e0a -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/vault-web_ui-1.19.5.tar.gz) = 3402738 -SHA256 (go/security_vault/hashicorp-vault-v1.19.5_GH0/hashicorp-vault-v1.19.5_GH0.tar.gz) = 195ac1f9cfb2c6618633794b74807d2a06db6e6b5b24eeeb55aaaa4f5faba65d -SIZE (go/security_vault/hashicorp-vault-v1.19.5_GH0/hashicorp-vault-v1.19.5_GH0.tar.gz) = 37816526 +TIMESTAMP = 1751270126 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/go.mod) = 2ba77e161beb4cb09d49a8050c29c3f04e3eebdadfa6acc41c75adffec1305b7 +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/go.mod) = 30423 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/go.mod) = 4e249690767897bd2050076246927eef319d4b981711c44d1303a2e61b6a8b84 +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/go.mod) = 1686 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/approle/go.mod) = bd0424483d992f8909a0c581079a8cfe0418a83035cd64cad592da71aee024ec +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/approle/go.mod) = 1092 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/kubernetes/go.mod) = 031d60cabed3e3d38954745e59623cddd02a58c8c0616dd6b8f0834b6180b229 +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/kubernetes/go.mod) = 1095 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/userpass/go.mod) = 35297d2e71346bf96738f03f57a9ba0389a12267852dbc2bf0b6aa314d2274ab +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/api/auth/userpass/go.mod) = 1093 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/sdk/go.mod) = a3da120c91c4a0a9a2ad7e2fac36034da35a1527668359a6c9f19800aa88f2f1 +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/sdk/go.mod) = 6759 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/vault-web_ui-1.20.0.tar.gz) = 4bb7caa0ff55170fcc21de4e095ea8e0aa120f6b71ec7005fdc81f2ba6a3e36c +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/vault-web_ui-1.20.0.tar.gz) = 3586169 +SHA256 (go/security_vault/hashicorp-vault-v1.20.0_GH0/hashicorp-vault-v1.20.0_GH0.tar.gz) = 12e388d5aecdcef7fe24cd1a65964d3a643e952b659e6748d9a85767a4bda0f0 +SIZE (go/security_vault/hashicorp-vault-v1.20.0_GH0/hashicorp-vault-v1.20.0_GH0.tar.gz) = 41609921 diff --git a/security/vaultwarden/Makefile b/security/vaultwarden/Makefile index d5642346bed5..acfb1177cbf1 100644 --- a/security/vaultwarden/Makefile +++ b/security/vaultwarden/Makefile @@ -1,6 +1,6 @@ PORTNAME= vaultwarden DISTVERSION= 1.34.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MAINTAINER= mr@FreeBSD.org diff --git a/security/vuls/Makefile b/security/vuls/Makefile index f2f41cbbf54c..2dc6d13b4b89 100644 --- a/security/vuls/Makefile +++ b/security/vuls/Makefile @@ -1,6 +1,6 @@ PORTNAME= vuls DISTVERSIONPREFIX=v -DISTVERSION= 0.33.1 +DISTVERSION= 0.33.2 CATEGORIES= security MAINTAINER= girgen@FreeBSD.org diff --git a/security/vuls/distinfo b/security/vuls/distinfo index 1524e85119a6..d9947208f662 100644 --- a/security/vuls/distinfo +++ b/security/vuls/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1750837237 -SHA256 (go/security_vuls/vuls-v0.33.1/v0.33.1.mod) = cffef0d92a21a68ae82e1eeb7dbf6504887496b042af76cb182e1e3fba9ece20 -SIZE (go/security_vuls/vuls-v0.33.1/v0.33.1.mod) = 20804 -SHA256 (go/security_vuls/vuls-v0.33.1/v0.33.1.zip) = 0bca1fe58726ef06e60e98d0849baff1c2aff6e1bd0de3722fe64314efec49c3 -SIZE (go/security_vuls/vuls-v0.33.1/v0.33.1.zip) = 1401641 +TIMESTAMP = 1751501710 +SHA256 (go/security_vuls/vuls-v0.33.2/v0.33.2.mod) = 0b0947e2e7f76a71fb628bd2fc9d1c3d905f5479811a5b3077e4cd71730b4a80 +SIZE (go/security_vuls/vuls-v0.33.2/v0.33.2.mod) = 20476 +SHA256 (go/security_vuls/vuls-v0.33.2/v0.33.2.zip) = 8648d1937f5eb955e444cf8aa12e647d9f0daf982cb0e1d2b0e2ca731b96d32d +SIZE (go/security_vuls/vuls-v0.33.2/v0.33.2.zip) = 1399904 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index e9e2390a00f0..6bc7dd3de85f 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,338 @@ + <vuln vid="d607b12c-5821-11f0-ab92-f02f7497ecda"> + <topic>php -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>php81</name> + <range><lt>8.1.33</lt></range> + </package> + <package> + <name>php82</name> + <range><lt>8.2.29</lt></range> + </package> + <package> + <name>php83</name> + <range><lt>8.3.23</lt></range> + </package> + <package> + <name>php84</name> + <range><lt>8.4.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>php.net reports:</p> + <blockquote cite="https://www.php.net/ChangeLog-8.php"> + <ul> + <li> + CVE-2025-1735: pgsql extension does not check for errors during escaping + </li> + <li> + CVE-2025-6491: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix + </li> + <li> + CVE-2025-1220: Null byte termination in hostnames + </li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-1735</cvename> + <cvename>CVE-2025-6491</cvename> + <cvename>CVE-2025-1220</cvename> + </references> + <dates> + <discovery>2025-02-27</discovery> + <entry>2025-07-03</entry> + </dates> + </vuln> + + <vuln vid="bab7386a-582f-11f0-97d0-b42e991fc52e"> + <topic>Mozilla -- exploitable crash</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>140.0,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>115.25.0</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>140.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1966423"> + <p>A use-after-free in FontFaceSet resulted in a potentially + exploitable crash.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6424</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6424</url> + </references> + <dates> + <discovery>2025-06-24</discovery> + <entry>2025-07-03</entry> + </dates> + </vuln> + + <vuln vid="5c777f88-40ff-4e1e-884b-ad63dfb9bb15"> + <topic>chromium -- multiple security fixes</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>138.0.7204.96</lt></range> + </package> + <package> + <name>ungoogled-chromium</name> + <range><lt>138.0.7204.96</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html"> + <p>This update includes 1 security fix:</p> + <ul> + <li>[427663123] High CVE-2025-6554: Type Confusion in V8.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6554</cvename> + <url>https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html</url> + </references> + <dates> + <discovery>2025-06-30</discovery> + <entry>2025-07-02</entry> + </dates> + </vuln> + + <vuln vid="9c91e1f8-f255-4b57-babe-2e385558f1dc"> + <topic>chromium -- multiple security fixes</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>138.0.7204.49</lt></range> + </package> + <package> + <name>ungoogled-chromium</name> + <range><lt>138.0.7204.49</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html"> + <p>This update includes 11 security fixes:</p> + <ul> + <li>[407328533] Medium CVE-2025-6555: Use after free in Animation. Reported by Lyra Rebane (rebane2001) on 2025-03-30</li> + <li>[40062462] Low CVE-2025-6556: Insufficient policy enforcement in Loader. Reported by Shaheen Fazim on 2023-01-02</li> + <li>[406631048] Low CVE-2025-6557: Insufficient data validation in DevTools. Reported by Ameen Basha M K on 2025-03-27</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6555</cvename> + <cvename>CVE-2025-6556</cvename> + <cvename>CVE-2025-6557</cvename> + <url>https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html</url> + </references> + <dates> + <discovery>2025-06-24</discovery> + <entry>2025-07-02</entry> + </dates> + </vuln> + + <vuln vid="24f4b495-56a1-11f0-9621-93abbef07693"> + <topic>sudo -- privilege escalation vulnerability through host and chroot options</topic> + <affects> + <package> + <name>sudo</name> + <range><lt>1.9.17p1</lt></range> + </package> + <package> + <name>sudo-sssd</name> + <range><lt>1.9.17p1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Todd C. Miller reports, crediting Rich Mirch from Stratascale Cyber Research Unit (CRU):</p> + <blockquote cite="https://www.sudo.ws/releases/stable/"> + <p>Sudo 1.9.17p1:</p> + <ul> + <li> + Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified + when running a command or editing a file. This could enable a + local privilege escalation attack if the sudoers file allows the + user to run commands on a different host. For more information, + see Local Privilege Escalation via host option. + </li> + <li> + Fixed CVE-2025-32463. An attacker can leverage sudo's -R + (--chroot) option to run arbitrary commands as root, even if they + are not listed in the sudoers file. The chroot support has been + deprecated an will be removed entirely in a future release. For + more information, see Local Privilege Escalation via chroot + option. + </li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-32462</cvename> + <cvename>CVE-2025-32463</cvename> + <url>https://www.sudo.ws/releases/stable/</url> + <url>https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host</url> + <url>https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot</url> + </references> + <dates> + <discovery>2025-04-01</discovery> + <entry>2025-07-01</entry> + </dates> + </vuln> + + <vuln vid="8df49466-5664-11f0-943a-18c04d5ea3dc"> + <topic>xorg server -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>xorg-server</name> + <name>xephyr</name> + <name>xorg-vfbserver</name> + <range><lt>21.1.18,1</lt></range> + </package> + <package> + <name>xorg-nextserver</name> + <range><lt>21.1.18,2</lt></range> + </package> + <package> + <name>xwayland</name> + <range><lt>24.1.8,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The X.Org project reports:</p> + <blockquote cite="https://lists.x.org/archives/xorg-announce/2025-February/003584.html"> + <ul> + <li> + CVE-2025-49176: Integer overflow in Big Requests Extension + <p>The Big Requests extension allows requests larger than the 16-bit length + limit. + It uses integers for the request length and checks for the size not to + exceed the maxBigRequestSize limit, but does so after translating the + length to integer by multiplying the given size in bytes by 4. + In doing so, it might overflow the integer size limit before actually + checking for the overflow, defeating the purpose of the test.</p> + </li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-49176</cvename> + <url>https://lists.x.org/archives/xorg/2025-June/062055.html</url> + </references> + <dates> + <discovery>2025-06-17</discovery> + <entry>2025-07-01</entry> + </dates> + </vuln> + + <vuln vid="b14cabf7-5663-11f0-943a-18c04d5ea3dc"> + <topic>xorg server -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>xorg-server</name> + <name>xephyr</name> + <name>xorg-vfbserver</name> + <range><lt>21.1.17,1</lt></range> + </package> + <package> + <name>xorg-nextserver</name> + <range><lt>21.1.17,2</lt></range> + </package> + <package> + <name>xwayland</name> + <range><lt>24.1.7,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The X.Org project reports:</p> + <blockquote cite="https://lists.x.org/archives/xorg-announce/2025-February/003584.html"> + <ul> + <li> + CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) + <p>The X Rendering extension allows creating animated cursors providing a + list of cursors. + By default, the Xserver assumes at least one cursor is provided while a + client may actually pass no cursor at all, which causes an out-of-bound + read creating the animated cursor and a crash of the Xserver.</p> + </li> + <li> + CVE-2025-49177: Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode) + + <p>The handler of XFixesSetClientDisconnectMode does not check the client + request length. + A client could send a shorter request and read data from a former + request.</p> + </li> + <li> + CVE-2025-49178: Unprocessed client request via bytes to ignore + + <p>When reading requests from the clients, the input buffer might be shared + and used between different clients. + If a given client sends a full request with non-zero bytes to ignore, + the bytes to ignore may still be non-zero even though the request is + full, in which case the buffer could be shared with another client who's + request will not be processed because of those bytes to ignore, leading + to a possible hang of the other client request.</p> + </li> + <li> + CVE-2025-49179: Integer overflow in X Record extension + + <p>The RecordSanityCheckRegisterClients() function in the X Record extension + implementation of the Xserver checks for the request length, but does not + check for integer overflow. + A client might send a very large value for either the number of clients + or the number of protocol ranges that will cause an integer overflow in + the request length computation, defeating the check for request length.</p> + </li> + <li> + CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) + + <p>A client might send a request causing an integer overflow when computing + the total size to allocate in RRChangeProviderProperty().</p> + </li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-49175</cvename> + <cvename>CVE-2025-49177</cvename> + <cvename>CVE-2025-49178</cvename> + <cvename>CVE-2025-49179</cvename> + <cvename>CVE-2025-49180</cvename> + <url>https://lists.x.org/archives/xorg/2025-June/062055.html</url> + </references> + <dates> + <discovery>2025-06-17</discovery> + <entry>2025-07-01</entry> + </dates> + </vuln> + <vuln vid="6b1b8989-55b0-11f0-ac64-589cfc10a551"> <topic>podman -- TLS connection used to pull VM images was not validated</topic> <affects> |