diff options
Diffstat (limited to 'security')
50 files changed, 452 insertions, 270 deletions
diff --git a/security/Makefile b/security/Makefile index d8b14da244aa..709e49a80ab7 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1026,6 +1026,7 @@ SUBDIR += py-pyelliptic SUBDIR += py-pyhanko SUBDIR += py-pyhanko-certvalidator + SUBDIR += py-pyhanko-cli SUBDIR += py-pykeepass SUBDIR += py-pykeepass-cache SUBDIR += py-pylibacl diff --git a/security/aws-lc/Makefile b/security/aws-lc/Makefile index e72557e40eea..803ea2798817 100644 --- a/security/aws-lc/Makefile +++ b/security/aws-lc/Makefile @@ -1,5 +1,5 @@ PORTNAME= aws-lc -PORTVERSION= 1.52.1 +PORTVERSION= 1.53.1 DISTVERSIONPREFIX= v CATEGORIES= security diff --git a/security/aws-lc/distinfo b/security/aws-lc/distinfo index 489abb390a58..7e178c8c2194 100644 --- a/security/aws-lc/distinfo +++ b/security/aws-lc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748831216 -SHA256 (aws-aws-lc-v1.52.1_GH0.tar.gz) = fe552e3c3522f73afc3c30011745c431c633f7b4e25dcd7b38325f194a7b3b75 -SIZE (aws-aws-lc-v1.52.1_GH0.tar.gz) = 126954534 +TIMESTAMP = 1750954130 +SHA256 (aws-aws-lc-v1.53.1_GH0.tar.gz) = 74137613ea4e322600400fdc2e21c83f08f4c68d368ebe006eab264e4e685e01 +SIZE (aws-aws-lc-v1.53.1_GH0.tar.gz) = 127004586 diff --git a/security/boringssl/Makefile b/security/boringssl/Makefile index 27f7c73d1a2a..d72689f75660 100644 --- a/security/boringssl/Makefile +++ b/security/boringssl/Makefile @@ -1,5 +1,5 @@ PORTNAME= boringssl -PORTVERSION= 0.0.0.0.2025.06.05.01 +PORTVERSION= 0.0.0.0.2025.06.25.01 CATEGORIES= security EXTRACT_ONLY= ${GH_ACCOUNT}-${PORTNAME}-${PORTVERSION}-${GH_TAGNAME}_GH0.tar.gz @@ -19,7 +19,7 @@ CPE_VENDOR= google USE_GITHUB= yes GH_ACCOUNT= google -GH_TAGNAME= 5622da9 +GH_TAGNAME= 78b48c1 CMAKE_ARGS+= -DBUILD_SHARED_LIBS=1 CFLAGS_i386= -msse2 diff --git a/security/boringssl/distinfo b/security/boringssl/distinfo index c05036202f73..64e40c2a4f5f 100644 --- a/security/boringssl/distinfo +++ b/security/boringssl/distinfo @@ -1,4 +1,4 @@ -TIMESTAMP = 1749831968 +TIMESTAMP = 1750950234 SHA256 (filippo.io/edwards25519/@v/v1.1.0.zip) = 9ac43a686d06fdebd719f7af3866c87eb069302272dfb131007adf471c308b65 SIZE (filippo.io/edwards25519/@v/v1.1.0.zip) = 55809 SHA256 (filippo.io/edwards25519/@v/v1.1.0.mod) = 099556fc4d7e6f5cb135efdd8b6bb4c0932e38ea058c53fc5fa5ce285572fb61 @@ -11,5 +11,5 @@ SHA256 (golang.org/x/sys/@v/v0.32.0.zip) = 85d47075d21fd7ef35d9a47fc73f2356fb3cd SIZE (golang.org/x/sys/@v/v0.32.0.zip) = 1991164 SHA256 (golang.org/x/sys/@v/v0.32.0.mod) = f67e3e18f4c08e60a7e80726ab36b691fdcea5b81ae1c696ff64caf518bcfe3d SIZE (golang.org/x/sys/@v/v0.32.0.mod) = 35 -SHA256 (google-boringssl-0.0.0.0.2025.06.05.01-5622da9_GH0.tar.gz) = ae4f97f3adf33f578fc58bfa946e74f16cd1afec4bd213cc53d77c87be027c72 -SIZE (google-boringssl-0.0.0.0.2025.06.05.01-5622da9_GH0.tar.gz) = 46161255 +SHA256 (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 2cfaa5f01ecedb7d662d7b01cac6f2f5f873a52f694a44af69de9b8efcdb6e90 +SIZE (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 46168678 diff --git a/security/libssh/Makefile b/security/libssh/Makefile index ee1c50838791..be4f25adb218 100644 --- a/security/libssh/Makefile +++ b/security/libssh/Makefile @@ -1,5 +1,5 @@ PORTNAME= libssh -PORTVERSION= 0.11.1 +PORTVERSION= 0.11.2 CATEGORIES= security devel MASTER_SITES= https://www.libssh.org/files/${PORTVERSION:R}/ diff --git a/security/libssh/distinfo b/security/libssh/distinfo index 0e436ba6518b..a859147ae5e3 100644 --- a/security/libssh/distinfo +++ b/security/libssh/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1725559589 -SHA256 (libssh-0.11.1.tar.xz) = 14b7dcc72e91e08151c58b981a7b570ab2663f630e7d2837645d5a9c612c1b79 -SIZE (libssh-0.11.1.tar.xz) = 621108 +TIMESTAMP = 1750954132 +SHA256 (libssh-0.11.2.tar.xz) = 69529fc18f5b601f0baf0e5a4501a2bc26df5e2f116f5f8f07f19fafaa6d04e7 +SIZE (libssh-0.11.2.tar.xz) = 619428 diff --git a/security/libssh/pkg-plist b/security/libssh/pkg-plist index 0907bfdd05e4..4843dee1421d 100644 --- a/security/libssh/pkg-plist +++ b/security/libssh/pkg-plist @@ -13,5 +13,5 @@ lib/cmake/libssh/libssh-config.cmake %%STATIC%%lib/libssh.a lib/libssh.so lib/libssh.so.4 -lib/libssh.so.4.10.1 +lib/libssh.so.4.10.2 libdata/pkgconfig/libssh.pc diff --git a/security/netbird/Makefile b/security/netbird/Makefile index c5ddbbccf8b7..4c189fbd0f94 100644 --- a/security/netbird/Makefile +++ b/security/netbird/Makefile @@ -1,6 +1,6 @@ PORTNAME= netbird DISTVERSIONPREFIX= v -DISTVERSION= 0.47.2 +DISTVERSION= 0.49.0 CATEGORIES= security net net-vpn MAINTAINER= hakan.external@netbird.io @@ -16,15 +16,15 @@ NOT_FOR_ARCHS_REASON= "no 32-bit builds supported" RUN_DEPENDS= ca_root_nss>0:security/ca_root_nss USES= go:modules -USE_RC_SUBR= netbird +USE_RC_SUBR= ${PORTNAME} GO_MODULE= github.com/netbirdio/netbird -GO_TARGET= ./client:netbird +GO_TARGET= ./client:${PORTNAME} GO_BUILDFLAGS= -tags freebsd -o ${PORTNAME} -ldflags \ "-s -w -X github.com/netbirdio/netbird/version.version=${DISTVERSION}" -WRKSRC= ${WRKDIR}/netbird-${DISTVERSION} +WRKSRC= ${WRKDIR}/${PORTNAME}-${DISTVERSION} -PLIST_FILES= bin/netbird +PLIST_FILES= bin/${PORTNAME} .include <bsd.port.mk> diff --git a/security/netbird/distinfo b/security/netbird/distinfo index 76ba6e320c5e..0806cc6f24f0 100644 --- a/security/netbird/distinfo +++ b/security/netbird/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1749687672 -SHA256 (go/security_netbird/netbird-v0.47.2/v0.47.2.mod) = dd8e2b5f3ee570d2ef933101c6fb7bc5de05dae258f0c7ea7602e8db42238acb -SIZE (go/security_netbird/netbird-v0.47.2/v0.47.2.mod) = 12507 -SHA256 (go/security_netbird/netbird-v0.47.2/v0.47.2.zip) = 8671becd05ff5437daa98b34e76819cd0908c1a040f49a369c9e26ed8cc64831 -SIZE (go/security_netbird/netbird-v0.47.2/v0.47.2.zip) = 2917482 +TIMESTAMP = 1750840361 +SHA256 (go/security_netbird/netbird-v0.49.0/v0.49.0.mod) = dd8e2b5f3ee570d2ef933101c6fb7bc5de05dae258f0c7ea7602e8db42238acb +SIZE (go/security_netbird/netbird-v0.49.0/v0.49.0.mod) = 12507 +SHA256 (go/security_netbird/netbird-v0.49.0/v0.49.0.zip) = c1aa8b8749cdb1a471425ce5aac7d90e318e6f6280f51a8b72ca18ad241f7bfb +SIZE (go/security_netbird/netbird-v0.49.0/v0.49.0.zip) = 2921705 diff --git a/security/netbird/files/netbird.in b/security/netbird/files/netbird.in index a05f7f099ee0..ddd19f27cd52 100644 --- a/security/netbird/files/netbird.in +++ b/security/netbird/files/netbird.in @@ -16,8 +16,8 @@ # Default: 'info' # netbird_logfile (path): Path to the client log file. # Default: /var/log/netbird/client.log -# netbird_env (str): Extra environment variables for the daemon, in KEY=VALUE format. -# Default: 'IS_DAEMON=1' +# netbird_tun_dev (str): Name of the TUN device used by Netbird for its VPN tunnel. +# Default: wt0 # . /etc/rc.subr @@ -32,11 +32,33 @@ load_rc_config "$name" : ${netbird_socket:="/var/run/netbird.sock"} : ${netbird_loglevel:="info"} : ${netbird_logfile:="/var/log/netbird/client.log"} -: ${netbird_env:="IS_DAEMON=1"} +: ${netbird_tun_dev:="wt0"} pidfile="/var/run/${name}.pid" command="/usr/sbin/daemon" daemon_args="-P ${pidfile} -r -t \"${name}: daemon\"" command_args="${daemon_args} %%PREFIX%%/bin/netbird service run --config ${netbird_config} --log-level ${netbird_loglevel} --daemon-addr unix://${netbird_socket} --log-file ${netbird_logfile}" +start_precmd="${name}_start_precmd" +stop_postcmd="${name}_stop_postcmd" + +netbird_start_precmd() { + logger -s -t netbird "Starting ${name}." + # Check for orphaned netbird tunnel interface + # And if it exists, then destroy it + if /sbin/ifconfig ${netbird_tun_dev} >/dev/null 2>&1; then + if ! /sbin/ifconfig ${netbird_tun_dev} | fgrep -qw PID; then + logger -s -t netbird "Found orphaned tunnel interface ${netbird_tun_dev}, destroying" + /sbin/ifconfig ${netbird_tun_dev} destroy + fi + fi +} + +netbird_stop_postcmd() { + if /sbin/ifconfig ${netbird_tun_dev} >/dev/null 2>&1; then + logger -s -t netbird "Destroying tunnel interface ${netbird_tun_dev}" + /sbin/ifconfig ${netbird_tun_dev} destroy || \ + logger -s -t netbird "Failed to destroy interface ${netbird_tun_dev}" + fi +} run_rc_command "$1" diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile index 0390cc0542f7..d41e0dba4a73 100644 --- a/security/openvpn-devel/Makefile +++ b/security/openvpn-devel/Makefile @@ -1,5 +1,5 @@ PORTNAME= openvpn -DISTVERSION= g20250402 +DISTVERSION= g20250629 PORTREVISION= 0 # leave in even if 0 to avoid accidental PORTEPOCH bumps PORTEPOCH= 1 CATEGORIES= security net net-vpn @@ -21,7 +21,7 @@ LIB_DEPENDS+= liblzo2.so:archivers/lzo2 USES= autoreconf cpe libtool pkgconfig python:build shebangfix tar:xz IGNORE_SSL= libressl libressl-devel USE_GITLAB= yes -GL_TAGNAME= b75849ba36433331227ff66430ea06423fab8148 +GL_TAGNAME= df4863aa0e43544ea82ab9d98966a03a95c62334 USE_RC_SUBR= openvpn SHEBANG_FILES= sample/sample-scripts/auth-pam.pl \ @@ -137,8 +137,6 @@ post-build: post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/openvpn/plugins/openvpn-plugin-auth-pam.so ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/openvpn/plugins/openvpn-plugin-down-root.so - ${INSTALL_SCRIPT} ${WRKSRC}/contrib/pull-resolv-conf/client.up ${STAGEDIR}${PREFIX}/libexec/openvpn-client.up - ${INSTALL_SCRIPT} ${WRKSRC}/contrib/pull-resolv-conf/client.down ${STAGEDIR}${PREFIX}/libexec/openvpn-client.down ${INSTALL_SCRIPT} ${WRKDIR}/openvpn-client ${STAGEDIR}${PREFIX}/sbin/openvpn-client ${MKDIR} ${STAGEDIR}${PREFIX}/include diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo index f00b4905ceee..415d52c355ea 100644 --- a/security/openvpn-devel/distinfo +++ b/security/openvpn-devel/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1743619255 -SHA256 (openvpn-openvpn-b75849ba36433331227ff66430ea06423fab8148_GL0.tar.gz) = 402e312f3d6be0a881ae068e3a52b96dece7d49cdddb0fd876ea7f06e4cff5dd -SIZE (openvpn-openvpn-b75849ba36433331227ff66430ea06423fab8148_GL0.tar.gz) = 1292100 +TIMESTAMP = 1751182633 +SHA256 (openvpn-openvpn-df4863aa0e43544ea82ab9d98966a03a95c62334_GL0.tar.gz) = a1f756efc7aba2fdb79231a9eede327ce4242a777c88e7eaad3cb11d9197157c +SIZE (openvpn-openvpn-df4863aa0e43544ea82ab9d98966a03a95c62334_GL0.tar.gz) = 1319214 diff --git a/security/openvpn-devel/files/openvpn-client.in b/security/openvpn-devel/files/openvpn-client.in index 471757811795..20f806fd7a9c 100644 --- a/security/openvpn-devel/files/openvpn-client.in +++ b/security/openvpn-devel/files/openvpn-client.in @@ -1,6 +1,5 @@ #!/bin/sh -exec %%PREFIX%%/sbin/openvpn --script-security 2 \ - --up %%PREFIX%%/libexec/openvpn-client.up \ - --plugin openvpn-plugin-down-root.so %%PREFIX%%/libexec/openvpn-client.down \ +exec %%PREFIX%%/sbin/openvpn \ + --dns-updown force \ --config "$@" diff --git a/security/openvpn-devel/pkg-descr b/security/openvpn-devel/pkg-descr index f8b73ab4bde0..8f49325a652c 100644 --- a/security/openvpn-devel/pkg-descr +++ b/security/openvpn-devel/pkg-descr @@ -4,8 +4,8 @@ using an encrypted tunnel over the internet. It can operate over UDP or TCP, can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one server can handle many clients. -This development port is updated frequently and is likely NOT STABLE. This is -an untested tar of the source tree. We attempt to omit inoperable states, but -there is a good chance this program will not run. +This development port is updated frequently and is much less well tested +than the formal releases, and functionality and APIs may change without +warning. -DO NOT USE IN PRODUCTION WITHOUT CAUTION +DO NOT USE IN PRODUCTION WITHOUT PRIOR TESTING FOR YOUR USE CASE. diff --git a/security/openvpn-devel/pkg-plist b/security/openvpn-devel/pkg-plist index 0f61a65b38a2..c21f84811403 100644 --- a/security/openvpn-devel/pkg-plist +++ b/security/openvpn-devel/pkg-plist @@ -5,6 +5,5 @@ lib/openvpn/plugins/openvpn-plugin-down-root.so share/man/man5/openvpn-examples.5.gz share/man/man8/openvpn.8.gz sbin/openvpn -libexec/openvpn-client.down -libexec/openvpn-client.up sbin/openvpn-client +libexec/openvpn/dns-updown diff --git a/security/p5-Module-Signature/Makefile b/security/p5-Module-Signature/Makefile index c6e3ec9b51ee..e541ff9555b5 100644 --- a/security/p5-Module-Signature/Makefile +++ b/security/p5-Module-Signature/Makefile @@ -1,5 +1,6 @@ PORTNAME= Module-Signature -PORTVERSION= 0.90 +PORTVERSION= 0.93 +PORTREVISION= 1 CATEGORIES= security perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- @@ -10,8 +11,6 @@ WWW= https://metacpan.org/release/Module-Signature LICENSE= CC0-1.0 -BUILD_DEPENDS= ${RUN_DEPENDS} -RUN_DEPENDS= p5-PAR-Dist>=0:devel/p5-PAR-Dist TEST_DEPENDS= p5-IPC-Run>=0:devel/p5-IPC-Run USES= perl5 @@ -20,14 +19,15 @@ USE_PERL5= configure CONFIGURE_ENV= PERL_MM_USE_DEFAULT="yes" NO_ARCH= yes -OPTIONS_DEFAULT= GPG2 -OPTIONS_MULTI= GPG +OPTIONS_MULTI= GPG OPTIONS_MULTI_GPG= GPG1 GPG2 - +OPTIONS_DEFAULT=GPG2 GPG1_DESC= Use GnuPG version 1 GPG2_DESC= Use GnuPG version 2 -GPG1_RUN_DEPENDS= gpgv:security/gnupg1 -GPG2_RUN_DEPENDS= gpgv2:security/gnupg +GPG1_BUILD_DEPENDS= gpg:security/gnupg1 +GPG1_RUN_DEPENDS= gpg:security/gnupg1 +GPG2_BUILD_DEPENDS= gpg2:security/gnupg +GPG2_RUN_DEPENDS= gpg2:security/gnupg .include <bsd.port.mk> diff --git a/security/p5-Module-Signature/distinfo b/security/p5-Module-Signature/distinfo index ac6c709ca38c..aa280e7a3c81 100644 --- a/security/p5-Module-Signature/distinfo +++ b/security/p5-Module-Signature/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750183710 -SHA256 (Module-Signature-0.90.tar.gz) = ee641ecec4528f5621173e41765344f906a08d7e8a45492a2bd808e5295dc191 -SIZE (Module-Signature-0.90.tar.gz) = 101990 +TIMESTAMP = 1751184071 +SHA256 (Module-Signature-0.93.tar.gz) = d0b128ec34152540f05187b8412808ed3661aa57e81c1cf959d06c35295b1f3a +SIZE (Module-Signature-0.93.tar.gz) = 92260 diff --git a/security/pear-Crypt_Blowfish/Makefile b/security/pear-Crypt_Blowfish/Makefile index e923c60701a7..190490166d09 100644 --- a/security/pear-Crypt_Blowfish/Makefile +++ b/security/pear-Crypt_Blowfish/Makefile @@ -6,6 +6,8 @@ MAINTAINER= sunpoet@FreeBSD.org COMMENT= PEAR class for blowfish encryption WWW= https://pear.php.net/package/Crypt_Blowfish +LICENSE= BSD3CLAUSE + USES= pear OPTIONS_DEFINE= MCRYPT @@ -14,15 +16,4 @@ MCRYPT_DESC= Additional MCrypt PHP support MCRYPT_USES= php MCRYPT_USE= PHP=mcrypt -pre-fetch: - @${ECHO_CMD} "" - @${ECHO_CMD} "You may set envirtonment variable WITH_PHP_MCRYPT to include" - @${ECHO_CMD} "additional MCrypt PHP support" - @${ECHO_CMD} "" - -post-patch: -.for file in ${FILES} - @${REINPLACE_CMD} -e "s|@package_version@|${PORTVERSION}|" ${WRKSRC}/${file} -.endfor - .include <bsd.port.mk> diff --git a/security/py-azure-keyvault-certificates/Makefile b/security/py-azure-keyvault-certificates/Makefile index 7ec5c23f6901..b81913edb19a 100644 --- a/security/py-azure-keyvault-certificates/Makefile +++ b/security/py-azure-keyvault-certificates/Makefile @@ -1,25 +1,25 @@ PORTNAME= azure-keyvault-certificates -PORTVERSION= 4.7.0 -PORTREVISION= 1 +PORTVERSION= 4.10.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= azure_keyvault_certificates-${PORTVERSION} MAINTAINER= sunpoet@FreeBSD.org -COMMENT= Microsoft Azure Key Vault Certificates Client Library for Python -WWW= https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/keyvault/azure-keyvault-certificates +COMMENT= Microsoft Corporation Key Vault Certificates Client Library for Python +WWW= https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/keyvault/azure-keyvault-certificates \ + https://github.com/Azure/azure-sdk-for-python LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-common>=1.1<2:www/py-azure-common@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}azure-core>=1.24.0<2.0.0:devel/py-azure-core@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-core>=1.31.0:devel/py-azure-core@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}isodate>=0.6.1:devel/py-isodate@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.0.1:devel/py-typing-extensions@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.6.0:devel/py-typing-extensions@${PY_FLAVOR} -USES= python zip +USES= python USE_PYTHON= autoplist concurrent pep517 NO_ARCH= yes diff --git a/security/py-azure-keyvault-certificates/distinfo b/security/py-azure-keyvault-certificates/distinfo index ba3b5cd1785b..f9571dee5fd8 100644 --- a/security/py-azure-keyvault-certificates/distinfo +++ b/security/py-azure-keyvault-certificates/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1684104534 -SHA256 (azure-keyvault-certificates-4.7.0.zip) = 9e47d9a74825e502b13d5481c99c182040c4f54723f43371e00859436dfcf3ca -SIZE (azure-keyvault-certificates-4.7.0.zip) = 533075 +TIMESTAMP = 1750954224 +SHA256 (azure_keyvault_certificates-4.10.0.tar.gz) = 004ff47a73152f9f40f678e5a07719b753a3ca86f0460bfeaaf6a23304872e05 +SIZE (azure_keyvault_certificates-4.10.0.tar.gz) = 179157 diff --git a/security/py-azure-keyvault-keys/Makefile b/security/py-azure-keyvault-keys/Makefile index dd12c32c1246..e61774379aad 100644 --- a/security/py-azure-keyvault-keys/Makefile +++ b/security/py-azure-keyvault-keys/Makefile @@ -1,23 +1,23 @@ PORTNAME= azure-keyvault-keys -DISTVERSION= 4.9.0b3 -PORTREVISION= 1 +PORTVERSION= 4.11.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= azure_keyvault_keys-${PORTVERSION} MAINTAINER= sunpoet@FreeBSD.org -COMMENT= Microsoft Azure Key Vault Keys Client Library for Python -WWW= https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/keyvault/azure-keyvault-keys +COMMENT= Microsoft Corporation Key Vault Keys Client Library for Python +WWW= https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/keyvault/azure-keyvault-keys \ + https://github.com/Azure/azure-sdk-for-python LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-common>=1.1<2:www/py-azure-common@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}azure-core>=1.24.0<2.0.0:devel/py-azure-core@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-core>=1.31.0:devel/py-azure-core@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}isodate>=0.6.1:devel/py-isodate@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.0.1:devel/py-typing-extensions@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.6.0:devel/py-typing-extensions@${PY_FLAVOR} USES= python USE_PYTHON= autoplist concurrent cryptography pep517 diff --git a/security/py-azure-keyvault-keys/distinfo b/security/py-azure-keyvault-keys/distinfo index 100f3be7b3a2..320151e4a28e 100644 --- a/security/py-azure-keyvault-keys/distinfo +++ b/security/py-azure-keyvault-keys/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1703613175 -SHA256 (azure-keyvault-keys-4.9.0b3.tar.gz) = aa8b1ec9fe96a81106f2f3dcd61175ecae3a01693c05af15f4a45e77894e946a -SIZE (azure-keyvault-keys-4.9.0b3.tar.gz) = 208992 +TIMESTAMP = 1750954226 +SHA256 (azure_keyvault_keys-4.11.0.tar.gz) = f257b1917a2c3a88983e3f5675a6419449eb262318888d5b51e1cb3bed79779a +SIZE (azure_keyvault_keys-4.11.0.tar.gz) = 241309 diff --git a/security/py-azure-keyvault-secrets/Makefile b/security/py-azure-keyvault-secrets/Makefile index 8c9a5663efad..8cd59145449b 100644 --- a/security/py-azure-keyvault-secrets/Makefile +++ b/security/py-azure-keyvault-secrets/Makefile @@ -1,25 +1,25 @@ PORTNAME= azure-keyvault-secrets -PORTVERSION= 4.7.0 -PORTREVISION= 1 +PORTVERSION= 4.10.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= azure_keyvault_secrets-${PORTVERSION} MAINTAINER= sunpoet@FreeBSD.org -COMMENT= Microsoft Azure Key Vault Secrets Client Library for Python -WWW= https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/keyvault/azure-keyvault-secrets +COMMENT= Microsoft Corporation Key Vault Secrets Client Library for Python +WWW= https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/keyvault/azure-keyvault-secrets \ + https://github.com/Azure/azure-sdk-for-python LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-common>=1.1<2:www/py-azure-common@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}azure-core>=1.24.0<2.0.0:devel/py-azure-core@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}azure-core>=1.31.0:devel/py-azure-core@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}isodate>=0.6.1:devel/py-isodate@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.0.1:devel/py-typing-extensions@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}typing-extensions>=4.6.0:devel/py-typing-extensions@${PY_FLAVOR} -USES= python zip +USES= python USE_PYTHON= autoplist concurrent pep517 NO_ARCH= yes diff --git a/security/py-azure-keyvault-secrets/distinfo b/security/py-azure-keyvault-secrets/distinfo index a67ee0b35290..2f539c5a74c5 100644 --- a/security/py-azure-keyvault-secrets/distinfo +++ b/security/py-azure-keyvault-secrets/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1684104538 -SHA256 (azure-keyvault-secrets-4.7.0.zip) = 77ee2534ba651a1f306c85d7b505bc3ccee8fea77450ebafafc26aec16e5445d -SIZE (azure-keyvault-secrets-4.7.0.zip) = 423956 +TIMESTAMP = 1750954228 +SHA256 (azure_keyvault_secrets-4.10.0.tar.gz) = 666fa42892f9cee749563e551a90f060435ab878977c95265173a8246d546a36 +SIZE (azure_keyvault_secrets-4.10.0.tar.gz) = 129695 diff --git a/security/py-certifi/Makefile b/security/py-certifi/Makefile index c1a72415dd68..b4ae106315be 100644 --- a/security/py-certifi/Makefile +++ b/security/py-certifi/Makefile @@ -1,5 +1,5 @@ PORTNAME= certifi -PORTVERSION= 2025.4.26 +PORTVERSION= 2025.6.15 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -10,7 +10,7 @@ WWW= https://github.com/certifi/python-certifi LICENSE= MPL20 -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=42.0.0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} USES= python diff --git a/security/py-certifi/distinfo b/security/py-certifi/distinfo index 7bdf8d62e8ce..fe596debd52b 100644 --- a/security/py-certifi/distinfo +++ b/security/py-certifi/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1745936214 -SHA256 (certifi-2025.4.26.tar.gz) = 0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6 -SIZE (certifi-2025.4.26.tar.gz) = 160705 +TIMESTAMP = 1750188134 +SHA256 (certifi-2025.6.15.tar.gz) = d747aa5a8b9bbbb1bb8c22bb13e22bd1f18e9796defa16bab421f7f7a317323b +SIZE (certifi-2025.6.15.tar.gz) = 158753 diff --git a/security/py-oauthlib/Makefile b/security/py-oauthlib/Makefile index 95d3f5969326..d69518929cc8 100644 --- a/security/py-oauthlib/Makefile +++ b/security/py-oauthlib/Makefile @@ -1,6 +1,5 @@ PORTNAME= oauthlib -PORTVERSION= 3.2.2 -PORTREVISION= 1 +PORTVERSION= 3.3.1 CATEGORIES= security net python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-oauthlib/distinfo b/security/py-oauthlib/distinfo index d4594dac0d20..b7fa2c21e72e 100644 --- a/security/py-oauthlib/distinfo +++ b/security/py-oauthlib/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1669057955 -SHA256 (oauthlib-3.2.2.tar.gz) = 9859c40929662bec5d64f34d01c99e093149682a3f38915dc0655d5a633dd918 -SIZE (oauthlib-3.2.2.tar.gz) = 177352 +TIMESTAMP = 1750954230 +SHA256 (oauthlib-3.3.1.tar.gz) = 0f0f8aa759826a193cf66c12ea1af1637f87b9b4622d46e866952bb022e538c9 +SIZE (oauthlib-3.3.1.tar.gz) = 185918 diff --git a/security/py-pyhanko-cli/Makefile b/security/py-pyhanko-cli/Makefile new file mode 100644 index 000000000000..9072a46e37ba --- /dev/null +++ b/security/py-pyhanko-cli/Makefile @@ -0,0 +1,29 @@ +PORTNAME= pyhanko-cli +DISTNAME= pyhanko_cli-${PORTVERSION} +PORTVERSION= 0.1.2 +CATEGORIES= security python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= CLI tools for stamping and signing PDF files +WWW= https://pyhanko.readthedocs.io/en/latest/cli-guide/ \ + https://github.com/MatthiasValvekens/pyHanko + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=61:devel/py-setuptools@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=1.5.1:devel/py-asn1crypto@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}click>=8.1.3:devel/py-click@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyhanko>=0.29.1<0.30:security/py-pyhanko@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyhanko-certvalidator>=0.27.0<0.28:security/py-pyhanko-certvalidator@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}tzlocal>=4.3:devel/py-tzlocal@${PY_FLAVOR} + +USES= python +USE_PYTHON= autoplist concurrent pep517 + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/security/py-pyhanko-cli/distinfo b/security/py-pyhanko-cli/distinfo new file mode 100644 index 000000000000..531fc9827b55 --- /dev/null +++ b/security/py-pyhanko-cli/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1750954096 +SHA256 (pyhanko_cli-0.1.2.tar.gz) = 932c09c46a07ff070db6afc3b1475d3a61cb489ea4b0a0a3be84c70db2c41e6e +SIZE (pyhanko_cli-0.1.2.tar.gz) = 27304 diff --git a/security/py-pyhanko-cli/files/patch-pyproject.toml b/security/py-pyhanko-cli/files/patch-pyproject.toml new file mode 100644 index 000000000000..975a0994ebe7 --- /dev/null +++ b/security/py-pyhanko-cli/files/patch-pyproject.toml @@ -0,0 +1,19 @@ +--- pyproject.toml.orig 2025-06-20 20:47:42 UTC ++++ pyproject.toml +@@ -1,5 +1,5 @@ + [build-system] +-requires = ["setuptools>=80.8.0"] ++requires = ["setuptools>=61"] + build-backend = "setuptools.build_meta" + + [project] +@@ -7,8 +7,7 @@ maintainers = [{name = "Matthias Valvekens", email = " + description = "CLI tools for stamping and signing PDF files" + authors = [{name = "Matthias Valvekens", email = "dev@mvalvekens.be"}] + maintainers = [{name = "Matthias Valvekens", email = "dev@mvalvekens.be"}] +-license = "MIT" +-license-files = ["LICENSE"] ++license = {text = "MIT"} + keywords = [ + "signature", + "pdf", diff --git a/security/py-pyhanko-cli/pkg-descr b/security/py-pyhanko-cli/pkg-descr new file mode 100644 index 000000000000..79ee1fdf337a --- /dev/null +++ b/security/py-pyhanko-cli/pkg-descr @@ -0,0 +1,2 @@ +The lack of open-source CLI tooling to handle digitally signing and stamping PDF +files was bothering me, so I went ahead and rolled my own. diff --git a/security/py-pyhanko/Makefile b/security/py-pyhanko/Makefile index 4c33e36d7851..d2474bde825d 100644 --- a/security/py-pyhanko/Makefile +++ b/security/py-pyhanko/Makefile @@ -1,5 +1,5 @@ PORTNAME= pyhanko -PORTVERSION= 0.29.0 +PORTVERSION= 0.29.1 CATEGORIES= security python MASTER_SITES= PYPI \ https://github.com/MatthiasValvekens/pyHanko/releases/download/v${PORTVERSION}/ @@ -37,13 +37,13 @@ OPENTYPE_DESC= OpenType/TrueType support PKGCS11_DESC= PKGCS\#11 support XMP_DESC= XMP (Extensible Metadata Platform) support -ASYNC_HTTP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>=3.9.0<3.12:www/py-aiohttp@${PY_FLAVOR} +ASYNC_HTTP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>=3.9<3.13:www/py-aiohttp@${PY_FLAVOR} ETSI_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}xsdata>=24.4<26.0:devel/py-xsdata@${PY_FLAVOR} IMAGE_SUPPORT_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pillow>=7.2.0:graphics/py-pillow@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}python-barcode>=0.15.1<0.15.1_99:graphics/py-python-barcode@${PY_FLAVOR} OPENTYPE_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fonttools>=4.33.3:print/py-fonttools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}uharfbuzz>=0.25.0<0.51.0:print/py-uharfbuzz@${PY_FLAVOR} -PKGCS11_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-pkcs11>=0.7.0<0.8:security/py-python-pkcs11@${PY_FLAVOR} +PKGCS11_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-pkcs11>=0.8.0<0.9:security/py-python-pkcs11@${PY_FLAVOR} XMP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}defusedxml>=0.7.1<0.8:devel/py-defusedxml@${PY_FLAVOR} .include <bsd.port.mk> diff --git a/security/py-pyhanko/distinfo b/security/py-pyhanko/distinfo index 50a4af4fe76b..8f219ecc7a0c 100644 --- a/security/py-pyhanko/distinfo +++ b/security/py-pyhanko/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748495853 -SHA256 (pyhanko-0.29.0.tar.gz) = d4b7b83c51126c430fdd84bbee3399c1826b4c982b3a044644f610396f4e92e5 -SIZE (pyhanko-0.29.0.tar.gz) = 366660 +TIMESTAMP = 1750954232 +SHA256 (pyhanko-0.29.1.tar.gz) = 4b7787fc9ff325012ce85f24b67c13b1c9507991e2570c955b23522e3a2dc3b6 +SIZE (pyhanko-0.29.1.tar.gz) = 366860 diff --git a/security/py-pyhanko/pkg-descr b/security/py-pyhanko/pkg-descr index 2409be54cf91..6f865970a84b 100644 --- a/security/py-pyhanko/pkg-descr +++ b/security/py-pyhanko/pkg-descr @@ -1,5 +1,4 @@ -The lack of open-source CLI tooling to handle digitally signing and stamping PDF -files was bothering me, so I went ahead and rolled my own. +pyhanko is a library for working with signatures in PDF documents. -Note: The working title of this project (and former name of the repository on -GitHub) was pdf-stamp, which might still linger in some references. +pyHanko's CLI is no longer bundled together with the library. This functionality +is now distributed separately as pyhanko-cli. diff --git a/security/py-python-pkcs11/Makefile b/security/py-python-pkcs11/Makefile index de79ce0ba106..b632077457e1 100644 --- a/security/py-python-pkcs11/Makefile +++ b/security/py-python-pkcs11/Makefile @@ -1,23 +1,28 @@ PORTNAME= python-pkcs11 -PORTVERSION= 0.7.0 -PORTREVISION= 1 +PORTVERSION= 0.8.1 CATEGORIES= security python -MASTER_SITES= PYPI +MASTER_SITES= PYPI \ + https://github.com/pyauth/python-pkcs11/releases/download/v${PORTVERSION}/ PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= python_pkcs11-${PORTVERSION} MAINTAINER= sunpoet@FreeBSD.org COMMENT= PKCS\#11 (Cryptoki) support for Python -WWW= https://github.com/danni/python-pkcs11 +WWW= https://python-pkcs11.readthedocs.io/en/latest/ \ + https://github.com/danni/python-pkcs11 LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}setuptools-scm>=0:devel/py-setuptools-scm@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=0:devel/py-asn1crypto@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}cached-property>=0:devel/py-cached-property@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=0:devel/py-asn1crypto@${PY_FLAVOR} USES= python -USE_PYTHON= autoplist concurrent cython pep517 +USE_PYTHON= autoplist concurrent cython3 pep517 + +post-install: + ${FIND} ${STAGEDIR}${PYTHON_SITELIBDIR} -name '*.so' -exec ${STRIP_CMD} {} + .include <bsd.port.mk> diff --git a/security/py-python-pkcs11/distinfo b/security/py-python-pkcs11/distinfo index 264683b9b975..c0a5f4aad13a 100644 --- a/security/py-python-pkcs11/distinfo +++ b/security/py-python-pkcs11/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1607539627 -SHA256 (python-pkcs11-0.7.0.tar.gz) = 9737e0c24cabb8bc9d48bf8c57c3df2a70f8cdd96b70c50290803286f9e46bf7 -SIZE (python-pkcs11-0.7.0.tar.gz) = 106517 +TIMESTAMP = 1750954234 +SHA256 (python_pkcs11-0.8.1.tar.gz) = f9e11df146ce2e6359aeb81fa84c2dd7ab9719f707cdae06ceae22d9e6a10818 +SIZE (python_pkcs11-0.8.1.tar.gz) = 156019 diff --git a/security/py-python-pkcs11/files/patch-pyproject.toml b/security/py-python-pkcs11/files/patch-pyproject.toml new file mode 100644 index 000000000000..df5030c3b30f --- /dev/null +++ b/security/py-python-pkcs11/files/patch-pyproject.toml @@ -0,0 +1,39 @@ +Revert: https://github.com/pyauth/python-pkcs11/commit/d45957fd94abfd01b47cbf6a5b96862cf542dfbb + +--- pyproject.toml.orig 2025-06-22 05:22:53 UTC ++++ pyproject.toml +@@ -1,5 +1,5 @@ + [build-system] +-requires = ["setuptools>=80.8", "cython", "setuptools-scm>=8.3.1"] ++requires = ["setuptools>=61", "cython", "setuptools-scm>=8"] + build-backend = "setuptools.build_meta" + + [project] +@@ -24,7 +24,7 @@ dependencies = ["asn1crypto>=1.5.1"] + "Topic :: Security :: Cryptography", + ] + dependencies = ["asn1crypto>=1.5.1"] +-license = "MIT" ++license = {text = "MIT"} + requires-python = ">=3.9" + dynamic = ["version"] + +@@ -49,11 +49,6 @@ combine-as-imports = true + + [tool.ruff.lint.isort] + combine-as-imports = true +- +-[tool.setuptools] +-ext-modules = [ +- {name = "pkcs11._pkcs11", sources = ["pkcs11/_pkcs11.pyx"]} +-] + + [tool.cibuildwheel.linux] + archs = ["auto64"] +@@ -96,4 +91,4 @@ dev = [ + { include-group = "release" }, + ] + +-[tool.setuptools_scm] +\ No newline at end of file ++[tool.setuptools_scm] diff --git a/security/py-python-pkcs11/files/patch-setup.py b/security/py-python-pkcs11/files/patch-setup.py new file mode 100644 index 000000000000..83b827201bbe --- /dev/null +++ b/security/py-python-pkcs11/files/patch-setup.py @@ -0,0 +1,31 @@ +Revert: https://github.com/pyauth/python-pkcs11/commit/d45957fd94abfd01b47cbf6a5b96862cf542dfbb + +--- setup.py.orig 2025-06-27 14:01:42 UTC ++++ setup.py +@@ -0,0 +1,26 @@ ++# Add cython extension module to build configuration. ++# ++# See also: https://setuptools.pypa.io/en/latest/userguide/ext_modules.html ++ ++import platform ++ ++from setuptools import Extension, setup ++ ++libraries = [] ++ ++# if compiling using MSVC, we need to link against user32 library ++if platform.system() == "Windows": ++ libraries.append("user32") ++ ++ ++setup( ++ ext_modules=[ ++ Extension( ++ name="pkcs11._pkcs11", ++ sources=[ ++ "pkcs11/_pkcs11.pyx", ++ ], ++ libraries=libraries, ++ ), ++ ], ++) diff --git a/security/py-wassima/Makefile b/security/py-wassima/Makefile index 6d66fa3c8092..c6aabb6eb0f3 100644 --- a/security/py-wassima/Makefile +++ b/security/py-wassima/Makefile @@ -1,6 +1,5 @@ PORTNAME= wassima -PORTVERSION= 1.2.2 -PORTREVISION= 2 +PORTVERSION= 2.0.0 CATEGORIES= security python MASTER_SITES= PYPI \ https://github.com/jawah/wassima/releases/download/${PORTVERSION}/ @@ -14,13 +13,11 @@ WWW= https://github.com/jawah/wassima LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}maturin>=1.7<2:devel/py-maturin@${PY_FLAVOR} -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}certifi>=0:security/py-certifi@${PY_FLAVOR} +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}hatchling>=1.6.0<2:devel/py-hatchling@${PY_FLAVOR} -USES= cargo python +USES= python USE_PYTHON= autoplist concurrent pep517 -CARGO_BUILD= no -CARGO_INSTALL= no +NO_ARCH= yes .include <bsd.port.mk> diff --git a/security/py-wassima/Makefile.crates b/security/py-wassima/Makefile.crates deleted file mode 100644 index ceed7e42128e..000000000000 --- a/security/py-wassima/Makefile.crates +++ /dev/null @@ -1,41 +0,0 @@ -CARGO_CRATES= autocfg-1.4.0 \ - bitflags-2.9.0 \ - cc-1.2.16 \ - cfg-if-1.0.0 \ - core-foundation-0.10.0 \ - core-foundation-sys-0.8.7 \ - heck-0.5.0 \ - indoc-2.0.6 \ - libc-0.2.170 \ - memoffset-0.9.1 \ - once_cell-1.20.3 \ - openssl-probe-0.1.6 \ - portable-atomic-1.11.0 \ - proc-macro2-1.0.94 \ - pyo3-0.23.5 \ - pyo3-build-config-0.23.5 \ - pyo3-ffi-0.23.5 \ - pyo3-macros-0.23.5 \ - pyo3-macros-backend-0.23.5 \ - python3-dll-a-0.2.13 \ - quote-1.0.39 \ - rustls-native-certs-0.8.1 \ - rustls-pki-types-1.11.0 \ - schannel-0.1.27 \ - security-framework-3.2.0 \ - security-framework-sys-2.14.0 \ - shlex-1.3.0 \ - syn-2.0.99 \ - target-lexicon-0.12.16 \ - unicode-ident-1.0.18 \ - unindent-0.2.4 \ - windows-sys-0.59.0 \ - windows-targets-0.52.6 \ - windows_aarch64_gnullvm-0.52.6 \ - windows_aarch64_msvc-0.52.6 \ - windows_i686_gnu-0.52.6 \ - windows_i686_gnullvm-0.52.6 \ - windows_i686_msvc-0.52.6 \ - windows_x86_64_gnu-0.52.6 \ - windows_x86_64_gnullvm-0.52.6 \ - windows_x86_64_msvc-0.52.6 diff --git a/security/py-wassima/distinfo b/security/py-wassima/distinfo index 8ba37feea388..64dbf3f738a6 100644 --- a/security/py-wassima/distinfo +++ b/security/py-wassima/distinfo @@ -1,85 +1,3 @@ -TIMESTAMP = 1742070466 -SHA256 (wassima-1.2.2.tar.gz) = f264827618400ebeab16708c8acf7870f693b03bfb4d7e95253eb9b35074db5c -SIZE (wassima-1.2.2.tar.gz) = 16329 -SHA256 (rust/crates/autocfg-1.4.0.crate) = ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26 -SIZE (rust/crates/autocfg-1.4.0.crate) = 17712 -SHA256 (rust/crates/bitflags-2.9.0.crate) = 5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd -SIZE (rust/crates/bitflags-2.9.0.crate) = 47654 -SHA256 (rust/crates/cc-1.2.16.crate) = be714c154be609ec7f5dad223a33bf1482fff90472de28f7362806e6d4832b8c -SIZE (rust/crates/cc-1.2.16.crate) = 103847 -SHA256 (rust/crates/cfg-if-1.0.0.crate) = baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd -SIZE (rust/crates/cfg-if-1.0.0.crate) = 7934 -SHA256 (rust/crates/core-foundation-0.10.0.crate) = b55271e5c8c478ad3f38ad24ef34923091e0548492a266d19b3c0b4d82574c63 -SIZE (rust/crates/core-foundation-0.10.0.crate) = 27023 -SHA256 (rust/crates/core-foundation-sys-0.8.7.crate) = 773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b -SIZE (rust/crates/core-foundation-sys-0.8.7.crate) = 37712 -SHA256 (rust/crates/heck-0.5.0.crate) = 2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea -SIZE (rust/crates/heck-0.5.0.crate) = 11517 -SHA256 (rust/crates/indoc-2.0.6.crate) = f4c7245a08504955605670dbf141fceab975f15ca21570696aebe9d2e71576bd -SIZE (rust/crates/indoc-2.0.6.crate) = 17164 -SHA256 (rust/crates/libc-0.2.170.crate) = 875b3680cb2f8f71bdcf9a30f38d48282f5d3c95cbf9b3fa57269bb5d5c06828 -SIZE (rust/crates/libc-0.2.170.crate) = 760076 -SHA256 (rust/crates/memoffset-0.9.1.crate) = 488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a -SIZE (rust/crates/memoffset-0.9.1.crate) = 9032 -SHA256 (rust/crates/once_cell-1.20.3.crate) = 945462a4b81e43c4e3ba96bd7b49d834c6f61198356aa858733bc4acf3cbe62e -SIZE (rust/crates/once_cell-1.20.3.crate) = 33456 -SHA256 (rust/crates/openssl-probe-0.1.6.crate) = d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e -SIZE (rust/crates/openssl-probe-0.1.6.crate) = 8128 -SHA256 (rust/crates/portable-atomic-1.11.0.crate) = 350e9b48cbc6b0e028b0473b114454c6316e57336ee184ceab6e53f72c178b3e -SIZE (rust/crates/portable-atomic-1.11.0.crate) = 181258 -SHA256 (rust/crates/proc-macro2-1.0.94.crate) = a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84 -SIZE (rust/crates/proc-macro2-1.0.94.crate) = 52391 -SHA256 (rust/crates/pyo3-0.23.5.crate) = 7778bffd85cf38175ac1f545509665d0b9b92a198ca7941f131f85f7a4f9a872 -SIZE (rust/crates/pyo3-0.23.5.crate) = 1088533 -SHA256 (rust/crates/pyo3-build-config-0.23.5.crate) = 94f6cbe86ef3bf18998d9df6e0f3fc1050a8c5efa409bf712e661a4366e010fb -SIZE (rust/crates/pyo3-build-config-0.23.5.crate) = 33885 -SHA256 (rust/crates/pyo3-ffi-0.23.5.crate) = e9f1b4c431c0bb1c8fb0a338709859eed0d030ff6daa34368d3b152a63dfdd8d -SIZE (rust/crates/pyo3-ffi-0.23.5.crate) = 74867 -SHA256 (rust/crates/pyo3-macros-0.23.5.crate) = fbc2201328f63c4710f68abdf653c89d8dbc2858b88c5d88b0ff38a75288a9da -SIZE (rust/crates/pyo3-macros-0.23.5.crate) = 8856 -SHA256 (rust/crates/pyo3-macros-backend-0.23.5.crate) = fca6726ad0f3da9c9de093d6f116a93c1a38e417ed73bf138472cf4064f72028 -SIZE (rust/crates/pyo3-macros-backend-0.23.5.crate) = 70938 -SHA256 (rust/crates/python3-dll-a-0.2.13.crate) = 49fe4227a288cf9493942ad0220ea3f185f4d1f2a14f197f7344d6d02f4ed4ed -SIZE (rust/crates/python3-dll-a-0.2.13.crate) = 85018 -SHA256 (rust/crates/quote-1.0.39.crate) = c1f1914ce909e1658d9907913b4b91947430c7d9be598b15a1912935b8c04801 -SIZE (rust/crates/quote-1.0.39.crate) = 31206 -SHA256 (rust/crates/rustls-native-certs-0.8.1.crate) = 7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3 -SIZE (rust/crates/rustls-native-certs-0.8.1.crate) = 31129 -SHA256 (rust/crates/rustls-pki-types-1.11.0.crate) = 917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c -SIZE (rust/crates/rustls-pki-types-1.11.0.crate) = 63933 -SHA256 (rust/crates/schannel-0.1.27.crate) = 1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d -SIZE (rust/crates/schannel-0.1.27.crate) = 42772 -SHA256 (rust/crates/security-framework-3.2.0.crate) = 271720403f46ca04f7ba6f55d438f8bd878d6b8ca0a1046e8228c4145bcbb316 -SIZE (rust/crates/security-framework-3.2.0.crate) = 86095 -SHA256 (rust/crates/security-framework-sys-2.14.0.crate) = 49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32 -SIZE (rust/crates/security-framework-sys-2.14.0.crate) = 20537 -SHA256 (rust/crates/shlex-1.3.0.crate) = 0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64 -SIZE (rust/crates/shlex-1.3.0.crate) = 18713 -SHA256 (rust/crates/syn-2.0.99.crate) = e02e925281e18ffd9d640e234264753c43edc62d64b2d4cf898f1bc5e75f3fc2 -SIZE (rust/crates/syn-2.0.99.crate) = 297762 -SHA256 (rust/crates/target-lexicon-0.12.16.crate) = 61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1 -SIZE (rust/crates/target-lexicon-0.12.16.crate) = 26488 -SHA256 (rust/crates/unicode-ident-1.0.18.crate) = 5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512 -SIZE (rust/crates/unicode-ident-1.0.18.crate) = 47743 -SHA256 (rust/crates/unindent-0.2.4.crate) = 7264e107f553ccae879d21fbea1d6724ac785e8c3bfc762137959b5802826ef3 -SIZE (rust/crates/unindent-0.2.4.crate) = 7422 -SHA256 (rust/crates/windows-sys-0.59.0.crate) = 1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b -SIZE (rust/crates/windows-sys-0.59.0.crate) = 2387323 -SHA256 (rust/crates/windows-targets-0.52.6.crate) = 9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973 -SIZE (rust/crates/windows-targets-0.52.6.crate) = 6403 -SHA256 (rust/crates/windows_aarch64_gnullvm-0.52.6.crate) = 32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3 -SIZE (rust/crates/windows_aarch64_gnullvm-0.52.6.crate) = 435718 -SHA256 (rust/crates/windows_aarch64_msvc-0.52.6.crate) = 09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469 -SIZE (rust/crates/windows_aarch64_msvc-0.52.6.crate) = 832615 -SHA256 (rust/crates/windows_i686_gnu-0.52.6.crate) = 8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b -SIZE (rust/crates/windows_i686_gnu-0.52.6.crate) = 880402 -SHA256 (rust/crates/windows_i686_gnullvm-0.52.6.crate) = 0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66 -SIZE (rust/crates/windows_i686_gnullvm-0.52.6.crate) = 475940 -SHA256 (rust/crates/windows_i686_msvc-0.52.6.crate) = 240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66 -SIZE (rust/crates/windows_i686_msvc-0.52.6.crate) = 901163 -SHA256 (rust/crates/windows_x86_64_gnu-0.52.6.crate) = 147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78 -SIZE (rust/crates/windows_x86_64_gnu-0.52.6.crate) = 836363 -SHA256 (rust/crates/windows_x86_64_gnullvm-0.52.6.crate) = 24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d -SIZE (rust/crates/windows_x86_64_gnullvm-0.52.6.crate) = 435707 -SHA256 (rust/crates/windows_x86_64_msvc-0.52.6.crate) = 589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec -SIZE (rust/crates/windows_x86_64_msvc-0.52.6.crate) = 832564 +TIMESTAMP = 1750954236 +SHA256 (wassima-2.0.0.tar.gz) = 9d0dd4d7f8cdc1247518daf72b656f77f87a870861aeda73e32a43e583202ae6 +SIZE (wassima-2.0.0.tar.gz) = 148821 diff --git a/security/py-webauthn/Makefile b/security/py-webauthn/Makefile index 2c97531fd969..0224d6c5af41 100644 --- a/security/py-webauthn/Makefile +++ b/security/py-webauthn/Makefile @@ -1,5 +1,5 @@ PORTNAME= webauthn -PORTVERSION= 2.5.2 +PORTVERSION= 2.6.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -12,7 +12,7 @@ WWW= https://duo-labs.github.io/py_webauthn/ \ LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \ +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=61.0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=1.5.1:devel/py-asn1crypto@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}cbor2>=5.6.5:devel/py-cbor2@${PY_FLAVOR} \ diff --git a/security/py-webauthn/distinfo b/security/py-webauthn/distinfo index 3490692fa0ea..4b6631072a69 100644 --- a/security/py-webauthn/distinfo +++ b/security/py-webauthn/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749813110 -SHA256 (webauthn-2.5.2.tar.gz) = 09c13dfc1c68c810f32fa4d89b1d37acb9f9ae9091c9d7019e313be4525a95ef -SIZE (webauthn-2.5.2.tar.gz) = 124114 +TIMESTAMP = 1750188136 +SHA256 (webauthn-2.6.0.tar.gz) = 13cf5b009a64cef569599ffecf24550df1d7c0cd4fbaea870f937148484a80b4 +SIZE (webauthn-2.6.0.tar.gz) = 123608 diff --git a/security/py-webauthn/files/patch-pyproject.toml b/security/py-webauthn/files/patch-pyproject.toml new file mode 100644 index 000000000000..e2799155d521 --- /dev/null +++ b/security/py-webauthn/files/patch-pyproject.toml @@ -0,0 +1,12 @@ +--- pyproject.toml.orig 2025-06-16 22:25:09 UTC ++++ pyproject.toml +@@ -7,8 +7,7 @@ readme = "README.md" + dynamic = ["version"] + description = "Pythonic WebAuthn" + readme = "README.md" +-license = "BSD-3-Clause" +-license-files = ["LICENSE"] ++license = { text = "BSD-3-Clause" } + keywords = ["webauthn", "fido2"] + authors = [{ name = "Duo Labs", email = "labs@duo.com" }] + classifiers = [ diff --git a/security/rubygem-rasn1/Makefile b/security/rubygem-rasn1/Makefile index 5a7fc4753d36..a9dda07d9e6f 100644 --- a/security/rubygem-rasn1/Makefile +++ b/security/rubygem-rasn1/Makefile @@ -1,5 +1,5 @@ PORTNAME= rasn1 -PORTVERSION= 0.15.0 +PORTVERSION= 0.16.0 CATEGORIES= security rubygems MASTER_SITES= RG diff --git a/security/rubygem-rasn1/distinfo b/security/rubygem-rasn1/distinfo index 4cd85543dcce..a19adb8a6d67 100644 --- a/security/rubygem-rasn1/distinfo +++ b/security/rubygem-rasn1/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1736671257 -SHA256 (rubygem/rasn1-0.15.0.gem) = 6d3a8c94f8dbdbdc346f1a17ad905e99bbe6c754b1effba80d857b94f8ce5600 -SIZE (rubygem/rasn1-0.15.0.gem) = 29696 +TIMESTAMP = 1750188250 +SHA256 (rubygem/rasn1-0.16.0.gem) = c3f482cd6163822f98f31e3397b0528f3abe1f244093095abf0946e656be5c2b +SIZE (rubygem/rasn1-0.16.0.gem) = 29696 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 042957fdf1f6..a13b0b1015ce 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,162 @@ + <vuln vid="5e64770c-52aa-11f0-b522-b42e991fc52e"> + <topic>MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior</topic> + <affects> + <package> + <name>mongodb60</name> + <range><lt>6.0.21</lt></range> + </package> + <package> + <name>mongodb70</name> + <range><lt>7.0.17</lt></range> + </package> + <package> + <name>mongodb80</name> + <range><lt>8.0.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>cna@mongodb.com reports:</p> + <blockquote cite="https://jira.mongodb.org/browse/SERVER-106746"> + <p>An authenticated user may trigger a use after free that may result + in MongoDB Server crash and other unexpected behavior, even if the + user does not have authorization to shut down a server. The crash + is triggered on affected versions by issuing an aggregation framework + operation using a specific combination of rarely-used aggregation + pipeline expressions. This issue affects MongoDB Server v6.0 version + prior to 6.0.21, MongoDB Server v7.0 version prior to 7.0.17 and + MongoDB Server v8.0 version prior to 8.0.4 when the SBE engine is + enabled.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6706</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6706</url> + </references> + <dates> + <discovery>2025-06-26</discovery> + <entry>2025-06-26</entry> + </dates> + </vuln> + + <vuln vid="5cd2bd2b-52aa-11f0-b522-b42e991fc52e"> + <topic>MongoDB -- Race condition in privilege cache invalidation cycle</topic> + <affects> + <package> + <name>mongodb50</name> + <range><lt>5.0.31</lt></range> + </package> + <package> + <name>mongodb60</name> + <range><lt>6.0.24</lt></range> + </package> + <package> + <name>mongodb70</name> + <range><lt>7.0.21</lt></range> + </package> + <package> + <name>mongodb80</name> + <range><lt>8.0.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>NVD reports:</p> + <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-6707"> + <p>Under certain conditions, an authenticated user request + may execute with stale privileges following an intentional + change by an authorized administrator.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6707</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6707</url> + </references> + <dates> + <discovery>2025-06-26</discovery> + <entry>2025-06-26</entry> + </dates> + </vuln> + + <vuln vid="5b87eef6-52aa-11f0-b522-b42e991fc52e"> + <topic>MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication</topic> + <affects> + <package> + <name>mongodb60</name> + <range><lt>6.0.21</lt></range> + </package> + <package> + <name>mongodb70</name> + <range><lt>7.0.17</lt></range> + </package> + <package> + <name>mongodb80</name> + <range><lt>8.0.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>NVD reports:</p> + <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-6709"> + <p>The MongoDB Server is susceptible to a denial of service + vulnerability due to improper handling of specific date + values in JSON input when using OIDC authentication. + This can be reproduced using the mongo shell to send a + malicious JSON payload leading to an invariant failure + and server crash. </p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6709</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6709</url> + </references> + <dates> + <discovery>2025-06-26</discovery> + <entry>2025-06-26</entry> + </dates> + </vuln> + + <vuln vid="59ed4b19-52aa-11f0-b522-b42e991fc52e"> + <topic>MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB</topic> + <affects> + <package> + <name>mongodb70</name> + <range><lt>7.0.17</lt></range> + </package> + <package> + <name>mongodb80</name> + <range><lt>8.0.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>cna@mongodb.com reports:</p> + <blockquote cite="https://jira.mongodb.org/browse/SERVER-106749"> + <p>MongoDB Server may be susceptible to stack overflow due to JSON + parsing mechanism, where specifically crafted JSON inputs may induce + unwarranted levels of recursion, resulting in excessive stack space + consumption. Such inputs can lead to a stack overflow that causes + the server to crash which could occur pre-authorisation. This issue + affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB + Server v8.0 versions prior to 8.0.5. + The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, + but an attacker can only induce denial of service after authenticating.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6710</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6710</url> + </references> + <dates> + <discovery>2025-06-26</discovery> + <entry>2025-06-26</entry> + </dates> + </vuln> + <vuln vid="e26608ff-5266-11f0-b522-b42e991fc52e"> <topic>kanboard -- Password Reset Poisoning via Host Header Injection</topic> <affects> diff --git a/security/wolfssl/Makefile b/security/wolfssl/Makefile index 87fa1c88c8d7..b9b9ed9ede8f 100644 --- a/security/wolfssl/Makefile +++ b/security/wolfssl/Makefile @@ -1,6 +1,6 @@ PORTNAME= wolfssl PORTVERSION= 5.8.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security devel MASTER_SITES= https://www.wolfssl.com/ \ LOCAL/fox @@ -41,6 +41,7 @@ CONFIGURE_ARGS= --disable-dependency-tracking \ --enable-context-extra-user-data TEST_TARGET= check CFLAGS+= -DWOLFSSL_ALT_NAMES -DWOLFSSL_GETRANDOM=1 +CFLAGS_i386+= -DWOLFSSL_SHA224 OPTIONS_DEFINE= DEBUG DOCS |