diff options
Diffstat (limited to 'security')
36 files changed, 350 insertions, 67 deletions
diff --git a/security/Makefile b/security/Makefile index 0343c9fd1932..15488729f2b5 100644 --- a/security/Makefile +++ b/security/Makefile @@ -255,6 +255,7 @@ SUBDIR += keepass SUBDIR += keepass-plugin-keepassrpc SUBDIR += keepassxc + SUBDIR += keepassxc276 SUBDIR += keybase SUBDIR += keychain SUBDIR += keyprint diff --git a/security/cyrus-sasl2-saslauthd/Makefile b/security/cyrus-sasl2-saslauthd/Makefile index 6c922264b12d..41c6027c54d7 100644 --- a/security/cyrus-sasl2-saslauthd/Makefile +++ b/security/cyrus-sasl2-saslauthd/Makefile @@ -1,4 +1,4 @@ -PORTREVISION= 2 +PORTREVISION= 3 PKGNAMESUFFIX= -saslauthd COMMENT= SASL authentication server for cyrus-sasl2 @@ -53,7 +53,12 @@ OPTIONS_DEFAULT+= GSSAPI_BASE OPTIONS_RADIO_GSSAPI+= GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_BASE_USES= gssapi:base GSSAPI_BASE_CONFIGURE_ON= --enable-gssapi="${GSSAPIBASEDIR}" \ - --with-gss_impl=heimdal + +.if exists(/usr/libexec/krb5kdc) +GSSAPI_BASE_CONFIGURE_ON+= --with-gss_impl=mit +.else +GSSAPI_BASE_CONFIGURE_ON+= --with-gss_impl=heimdal +.endif GSSAPI_HEIMDAL_USES= gssapi:heimdal,flags GSSAPI_HEIMDAL_CONFIGURE_ON= --enable-gssapi="${GSSAPIBASEDIR}" \ --with-gss_impl=heimdal diff --git a/security/fizz/Makefile b/security/fizz/Makefile index 34ec1011e8f7..52d84d866404 100644 --- a/security/fizz/Makefile +++ b/security/fizz/Makefile @@ -1,6 +1,6 @@ PORTNAME= fizz DISTVERSIONPREFIX= v -DISTVERSION= 2025.07.07.00 +DISTVERSION= 2025.07.21.00 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org diff --git a/security/fizz/distinfo b/security/fizz/distinfo index 3adc96cbaa66..61fd5fd39bbb 100644 --- a/security/fizz/distinfo +++ b/security/fizz/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1752053888 -SHA256 (facebookincubator-fizz-v2025.07.07.00_GH0.tar.gz) = 86635b14d000c6e8e61a3edfbd9ad51764c9bf84b3702d73ac6dadff97786c99 -SIZE (facebookincubator-fizz-v2025.07.07.00_GH0.tar.gz) = 759365 +TIMESTAMP = 1753158778 +SHA256 (facebookincubator-fizz-v2025.07.21.00_GH0.tar.gz) = 8e2eef377e81913edb70bd2beb53ed0f3b56048411314c557f8d9028c7b983f1 +SIZE (facebookincubator-fizz-v2025.07.21.00_GH0.tar.gz) = 762878 diff --git a/security/gvmd/Makefile b/security/gvmd/Makefile index 0648b0880e09..0e719b8bddbb 100644 --- a/security/gvmd/Makefile +++ b/security/gvmd/Makefile @@ -1,6 +1,6 @@ PORTNAME= gvmd DISTVERSION= 26.0.0 -PORTREVISION= 1 +PORTREVISION= 2 DISTVERSIONPREFIX= v CATEGORIES= security @@ -15,7 +15,7 @@ LIB_DEPENDS= libgvm_base.so:security/gvm-libs \ libgnutls.so:security/gnutls \ libgpgme.so:security/gpgme \ libical.so:devel/libical -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml5>0:devel/py-lxml5@${PY_FLAVOR} \ ${LOCALBASE}/lib/postgresql/libpg-gvm.so:databases/pg-gvm \ doxygen>0:devel/doxygen \ p5-XML-Twig>=0:textproc/p5-XML-Twig \ diff --git a/security/keepassxc/Makefile b/security/keepassxc/Makefile index 4cb9c335c67b..1cd13b8eb820 100644 --- a/security/keepassxc/Makefile +++ b/security/keepassxc/Makefile @@ -1,5 +1,5 @@ PORTNAME= keepassxc -DISTVERSION= 2.7.6 +DISTVERSION= 2.7.10 CATEGORIES= security MASTER_SITES= https://github.com/keepassxreboot/keepassxc/releases/download/${DISTVERSION}/ DISTNAME= ${PORTNAME}-${DISTVERSION}-src @@ -15,13 +15,10 @@ LICENSE_NAME_NOKIA-LGPL-EXCEPTION= Nokia Qt LGPL Exception version 1.1 LICENSE_FILE_NOKIA-LGPL-EXCEPTION= ${WRKSRC}/LICENSE.NOKIA-LGPL-EXCEPTION LICENSE_PERMS_NOKIA-LGPL-EXCEPTION= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept -DEPRECATED= Depends on expired security/botan2 -EXPIRATION_DATE=2025-06-21 - BUILD_DEPENDS= asciidoctor:textproc/rubygem-asciidoctor LIB_DEPENDS= libargon2.so:security/libargon2 \ libqrencode.so:graphics/libqrencode \ - libbotan-2.so:security/botan2 + libbotan-3.so:security/botan3 USES= cmake compiler:c++17-lang desktop-file-utils pkgconfig qt:5 \ readline shared-mime-info tar:xz xorg @@ -32,7 +29,7 @@ USE_XORG= x11 WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} CMAKE_OFF= WITH_XC_UPDATECHECK -CONFLICTS_INSTALL= keepassx-0.* keepassx2 keepassx +CONFLICTS_INSTALL= keepassx-0.* keepassx2 keepassx keepassxc276 OPTIONS_DEFINE= AUTOTYPE BROWSER FDOSECRETS KEESHARE NETWORKING SSHAGENT YUBIKEY TEST OPTIONS_DEFAULT= AUTOTYPE BROWSER FDOSECRETS KEESHARE NETWORKING SSHAGENT YUBIKEY diff --git a/security/keepassxc/distinfo b/security/keepassxc/distinfo index 25f70dd938b3..6a354c652cb2 100644 --- a/security/keepassxc/distinfo +++ b/security/keepassxc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1692163985 -SHA256 (keepassxc-2.7.6-src.tar.xz) = a58074509fa8e90f152c6247f73e75e126303081f55eedb4ea0cbb6fa980d670 -SIZE (keepassxc-2.7.6-src.tar.xz) = 8474624 +TIMESTAMP = 1751644926 +SHA256 (keepassxc-2.7.10-src.tar.xz) = 5ce76d6440986c24842585f019d5f3cadc166fa71fc911a4fe97b8bbc4819dfa +SIZE (keepassxc-2.7.10-src.tar.xz) = 9787952 diff --git a/security/keepassxc/files/patch-CMakeLists.txt b/security/keepassxc/files/patch-CMakeLists.txt new file mode 100644 index 000000000000..38c92ebea387 --- /dev/null +++ b/security/keepassxc/files/patch-CMakeLists.txt @@ -0,0 +1,13 @@ +--- CMakeLists.txt.orig 2024-06-19 14:32:55.000000000 -0700 ++++ CMakeLists.txt 2024-06-20 07:26:46.907481000 -0700 +@@ -575,8 +575,8 @@ + include_directories(SYSTEM ${PCSC_INCLUDE_DIRS}) + + if(UNIX AND NOT APPLE) +- find_library(LIBUSB_LIBRARIES NAMES usb-1.0 REQUIRED) +- find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "libusb-1.0" "libusb" REQUIRED) ++ find_library(LIBUSB_LIBRARIES NAMES usb REQUIRED) ++ find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "libusb" "libusb" REQUIRED) + include_directories(SYSTEM ${LIBUSB_INCLUDE_DIR}) + endif() + endif() diff --git a/security/keepassxc276/Makefile b/security/keepassxc276/Makefile new file mode 100644 index 000000000000..e5965d9be9de --- /dev/null +++ b/security/keepassxc276/Makefile @@ -0,0 +1,72 @@ +PORTNAME= keepassxc +DISTVERSION= 2.7.6 +CATEGORIES= security +MASTER_SITES= https://github.com/keepassxreboot/keepassxc/releases/download/${DISTVERSION}/ +PKGNAMESUFFIX= 276 +DISTNAME= ${PORTNAME}-${DISTVERSION}-src + +MAINTAINER= lwhsu@FreeBSD.org +COMMENT= KeePass Cross-platform Community Edition +WWW= https://keepassxc.org + +CONFLICTS= keepassxc-[1-9]* + +LICENSE= APACHE20 BSD3CLAUSE CC0-1.0 GPLv2 GPLv3 LGPL21 LGPL3 MIT \ + NOKIA-LGPL-EXCEPTION +LICENSE_COMB= multi +LICENSE_NAME_NOKIA-LGPL-EXCEPTION= Nokia Qt LGPL Exception version 1.1 +LICENSE_FILE_NOKIA-LGPL-EXCEPTION= ${WRKSRC}/LICENSE.NOKIA-LGPL-EXCEPTION +LICENSE_PERMS_NOKIA-LGPL-EXCEPTION= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept + +DEPRECATED= Depends on expired security/botan2 +EXPIRATION_DATE=2025-06-21 + +BUILD_DEPENDS= asciidoctor:textproc/rubygem-asciidoctor +LIB_DEPENDS= libargon2.so:security/libargon2 \ + libqrencode.so:graphics/libqrencode \ + libbotan-2.so:security/botan2 + +USES= cmake compiler:c++17-lang desktop-file-utils pkgconfig qt:5 \ + readline shared-mime-info tar:xz xorg +USE_QT= concurrent core dbus gui network svg widgets buildtools:build \ + linguisttools:build qmake:build testlib:build x11extras +USE_XORG= x11 + +WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} +CMAKE_OFF= WITH_XC_UPDATECHECK + +CONFLICTS_INSTALL= keepassx-0.* keepassx2 keepassx + +OPTIONS_DEFINE= AUTOTYPE BROWSER FDOSECRETS KEESHARE NETWORKING SSHAGENT YUBIKEY TEST +OPTIONS_DEFAULT= AUTOTYPE BROWSER FDOSECRETS KEESHARE NETWORKING SSHAGENT YUBIKEY +OPTIONS_SUB= yes + +AUTOTYPE_CMAKE_BOOL= WITH_XC_AUTOTYPE +AUTOTYPE_DESC= Auto-type passwords in input fields +AUTOTYPE_USE= XORG=xi,xtst + +BROWSER_CMAKE_BOOL= WITH_XC_BROWSER +BROWSER_DESC= Browser integration with KeePassXC-Browser + +FDOSECRETS_CMAKE_BOOL= WITH_XC_FDOSECRETS +FDOSECRETS_DESC= freedesktop.org secrets service support + +KEESHARE_CMAKE_BOOL= WITH_XC_KEESHARE +KEESHARE_DESC= Sharing integration with KeeShare +KEESHARE_USES= minizip + +# Legacy/Deprecated. +NETWORKING_CMAKE_BOOL= WITH_XC_NETWORKING +NETWORKING_DESC= Networking support (e.g. for downloading website icons) + +SSHAGENT_CMAKE_BOOL= WITH_XC_SSHAGENT +SSHAGENT_DESC= SSH agent support + +YUBIKEY_CMAKE_BOOL= WITH_XC_YUBIKEY +YUBIKEY_DESC= YubiKey support +YUBIKEY_LIB_DEPENDS= libpcsclite.so:devel/pcsc-lite + +TEST_CMAKE_BOOL= WITH_TESTS WITH_GUI_TESTS +TEST_TEST_TARGET= test + +.include <bsd.port.mk> diff --git a/security/keepassxc276/distinfo b/security/keepassxc276/distinfo new file mode 100644 index 000000000000..25f70dd938b3 --- /dev/null +++ b/security/keepassxc276/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1692163985 +SHA256 (keepassxc-2.7.6-src.tar.xz) = a58074509fa8e90f152c6247f73e75e126303081f55eedb4ea0cbb6fa980d670 +SIZE (keepassxc-2.7.6-src.tar.xz) = 8474624 diff --git a/security/keepassxc276/files/patch-src_thirdparty_ykcore_CMakeLists.txt b/security/keepassxc276/files/patch-src_thirdparty_ykcore_CMakeLists.txt new file mode 100644 index 000000000000..af4cb68d5d09 --- /dev/null +++ b/security/keepassxc276/files/patch-src_thirdparty_ykcore_CMakeLists.txt @@ -0,0 +1,11 @@ +--- src/thirdparty/ykcore/CMakeLists.txt.orig 2022-03-21 22:47:20 UTC ++++ src/thirdparty/ykcore/CMakeLists.txt +@@ -27,7 +27,7 @@ elseif(UNIX AND NOT APPLE)
+ elseif(UNIX AND NOT APPLE)
+ target_sources(ykcore PRIVATE ykcore_libusb-1.0.c)
+
+- find_library(LIBUSB_LIBRARY NAMES usb-1.0)
++ find_library(LIBUSB_LIBRARY NAMES usb-1.0 usb)
+ find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "libusb-1.0" "libusb")
+ if(NOT LIBUSB_LIBRARY OR NOT LIBUSB_INCLUDE_DIR)
+ message(FATAL_ERROR "libusb-1.0 dev package required, but not found")
diff --git a/security/keepassxc276/pkg-descr b/security/keepassxc276/pkg-descr new file mode 100644 index 000000000000..f71cf7e984f7 --- /dev/null +++ b/security/keepassxc276/pkg-descr @@ -0,0 +1,22 @@ +KeePassXC is a community fork of KeePassX, a native cross-platform port of +KeePass Password Safe, with the goal to extend and improve it with new features +and bugfixes to provide a feature-rich, fully cross-platform and modern +open-source password manager. + +Main Features + + * Secure storage with AES, Twofish or ChaCha20 encryption + * File format compatibility with KeePass2, KeePassX, MacPass, KeeWeb and many + others (KDBX 3.1 and 4.0) + * SSH Agent integration + * Passwords synchronization using KeeShare + * Auto-Type for automagically filling in login forms + * Key file and YubiKey challenge-response support for additional security + * TOTP generation (including Steam Guard) + * CSV import from other password managers (e.g., LastPass) + * Command line interface + * Custom icons for database entries and download of website favicons + * Database merge functionality + * Automatic reload when the database was changed externally + * Browser integration with KeePassXC-Browser for Google Chrome, Chromium, + Vivaldi, and Mozilla Firefox. diff --git a/security/keepassxc276/pkg-plist b/security/keepassxc276/pkg-plist new file mode 100644 index 000000000000..28f44ae6c9c8 --- /dev/null +++ b/security/keepassxc276/pkg-plist @@ -0,0 +1,67 @@ +bin/keepassxc +bin/keepassxc-cli +%%BROWSER%%bin/keepassxc-proxy +%%AUTOTYPE%%lib/keepassxc/libkeepassxc-autotype-xcb.so +share/man/man1/keepassxc-cli.1.gz +share/man/man1/keepassxc.1.gz +share/applications/org.keepassxc.KeePassXC.desktop +share/icons/hicolor/256x256/apps/keepassxc.png +share/icons/hicolor/scalable/apps/keepassxc-locked.svg +share/icons/hicolor/scalable/apps/keepassxc-monochrome-dark-locked.svg +share/icons/hicolor/scalable/apps/keepassxc-monochrome-dark.svg +share/icons/hicolor/scalable/apps/keepassxc-monochrome-light-locked.svg +share/icons/hicolor/scalable/apps/keepassxc-monochrome-light.svg +share/icons/hicolor/scalable/apps/keepassxc-unlocked.svg +share/icons/hicolor/scalable/apps/keepassxc.svg +share/icons/hicolor/scalable/mimetypes/application-x-keepassxc.svg +%%DATADIR%%/docs/KeePassXC_GettingStarted.html +%%DATADIR%%/docs/KeePassXC_KeyboardShortcuts.html +%%DATADIR%%/docs/KeePassXC_UserGuide.html +%%DATADIR%%/icons/application/256x256/apps/keepassxc.png +%%DATADIR%%/translations/keepassxc_ar.qm +%%DATADIR%%/translations/keepassxc_bg.qm +%%DATADIR%%/translations/keepassxc_ca.qm +%%DATADIR%%/translations/keepassxc_cs.qm +%%DATADIR%%/translations/keepassxc_da.qm +%%DATADIR%%/translations/keepassxc_de.qm +%%DATADIR%%/translations/keepassxc_el.qm +%%DATADIR%%/translations/keepassxc_en.qm +%%DATADIR%%/translations/keepassxc_en_GB.qm +%%DATADIR%%/translations/keepassxc_en_US.qm +%%DATADIR%%/translations/keepassxc_es.qm +%%DATADIR%%/translations/keepassxc_et.qm +%%DATADIR%%/translations/keepassxc_fi.qm +%%DATADIR%%/translations/keepassxc_fil.qm +%%DATADIR%%/translations/keepassxc_fr.qm +%%DATADIR%%/translations/keepassxc_fr_CA.qm +%%DATADIR%%/translations/keepassxc_he.qm +%%DATADIR%%/translations/keepassxc_hr.qm +%%DATADIR%%/translations/keepassxc_hu.qm +%%DATADIR%%/translations/keepassxc_id.qm +%%DATADIR%%/translations/keepassxc_it.qm +%%DATADIR%%/translations/keepassxc_ja.qm +%%DATADIR%%/translations/keepassxc_km.qm +%%DATADIR%%/translations/keepassxc_ko.qm +%%DATADIR%%/translations/keepassxc_lt.qm +%%DATADIR%%/translations/keepassxc_my.qm +%%DATADIR%%/translations/keepassxc_nb.qm +%%DATADIR%%/translations/keepassxc_nl.qm +%%DATADIR%%/translations/keepassxc_pl.qm +%%DATADIR%%/translations/keepassxc_pt_BR.qm +%%DATADIR%%/translations/keepassxc_pt_PT.qm +%%DATADIR%%/translations/keepassxc_ro.qm +%%DATADIR%%/translations/keepassxc_ru.qm +%%DATADIR%%/translations/keepassxc_si.qm +%%DATADIR%%/translations/keepassxc_sk.qm +%%DATADIR%%/translations/keepassxc_sl.qm +%%DATADIR%%/translations/keepassxc_sq.qm +%%DATADIR%%/translations/keepassxc_sr.qm +%%DATADIR%%/translations/keepassxc_sv.qm +%%DATADIR%%/translations/keepassxc_th.qm +%%DATADIR%%/translations/keepassxc_tr.qm +%%DATADIR%%/translations/keepassxc_uk.qm +%%DATADIR%%/translations/keepassxc_zh_CN.qm +%%DATADIR%%/translations/keepassxc_zh_TW.qm +%%DATADIR%%/wordlists/eff_large.wordlist +share/metainfo/org.keepassxc.KeePassXC.appdata.xml +share/mime/packages/keepassxc.xml diff --git a/security/lego/Makefile b/security/lego/Makefile index e2b6deead144..d6919c372941 100644 --- a/security/lego/Makefile +++ b/security/lego/Makefile @@ -1,6 +1,6 @@ PORTNAME= lego DISTVERSIONPREFIX= v -DISTVERSION= 4.24.0 +DISTVERSION= 4.25.1 CATEGORIES= security MAINTAINER= matt@matthoran.com @@ -12,7 +12,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss -USES= go:1.23,modules +USES= go:modules GO_MODULE= github.com/go-acme/lego/v4 GO_TARGET= ./cmd/lego GO_BUILDFLAGS= -ldflags '-X "main.version=${DISTVERSION}"' diff --git a/security/lego/distinfo b/security/lego/distinfo index ee445fe960dc..38327b4fc1b1 100644 --- a/security/lego/distinfo +++ b/security/lego/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1752932681 -SHA256 (go/security_lego/lego-v4.24.0/v4.24.0.mod) = 4ee2e188492702303c89e3703b26d3cbb10cbdde9ff002e4e8f842f15b81763f -SIZE (go/security_lego/lego-v4.24.0/v4.24.0.mod) = 11037 -SHA256 (go/security_lego/lego-v4.24.0/v4.24.0.zip) = f6a58c88e80aa6d4ffb8eba3b4fd313bba2b3ed3a3b1bbfd23b33fad1bbe7642 -SIZE (go/security_lego/lego-v4.24.0/v4.24.0.zip) = 1502515 +TIMESTAMP = 1753224987 +SHA256 (go/security_lego/lego-v4.25.1/v4.25.1.mod) = d4a62b1d418a18edeb1389150c8d2b6726ce7dd8fb4b4f17958562a5e0136884 +SIZE (go/security_lego/lego-v4.25.1/v4.25.1.mod) = 10758 +SHA256 (go/security_lego/lego-v4.25.1/v4.25.1.zip) = 3227df424f99eabfb24cba0a636fb710a5084212fd9051385a63fea6c9f7321b +SIZE (go/security_lego/lego-v4.25.1/v4.25.1.zip) = 1562186 diff --git a/security/node-sqlcipher/Makefile b/security/node-sqlcipher/Makefile index adeb2171a6e1..3619cf6c698c 100644 --- a/security/node-sqlcipher/Makefile +++ b/security/node-sqlcipher/Makefile @@ -1,5 +1,5 @@ PORTNAME= node-sqlcipher -DISTVERSION= 2.0.3 +DISTVERSION= 2.1.0 CATEGORIES= security MASTER_SITES= https://github.com/signalapp/node-sqlcipher/archive/refs/tags/v${DISTVERSION}/:sqlcipher \ https://registry.npmjs.org/@esbuild/freebsd-arm64/-/:esbuildarm64 \ @@ -26,7 +26,7 @@ USES= nodejs:20,build PLIST_FILES= lib/node_sqlcipher.node -ESBUILD_VERS= 0.25.5 +ESBUILD_VERS= 0.25.6 ESBUILD_ARCH= ${ARCH:S/aarch64/arm64/:S/amd64/x64/} MAKE_ENV+= ESBUILD_BINARY_PATH=${WRKDIR}/esbuild-freebsd-64/package/bin/esbuild diff --git a/security/node-sqlcipher/distinfo b/security/node-sqlcipher/distinfo index 4c0d581254c3..2efbc32fcae3 100644 --- a/security/node-sqlcipher/distinfo +++ b/security/node-sqlcipher/distinfo @@ -1,9 +1,9 @@ -TIMESTAMP = 1748872146 -SHA256 (freebsd-arm64-0.25.5.tgz) = abfbe3edad2cf736ce43a35c2dea079313a4641869912dcb53738a87080f512f -SIZE (freebsd-arm64-0.25.5.tgz) = 4003803 -SHA256 (freebsd-x64-0.25.5.tgz) = 0d8997fd565a9c53d1995b30ed53f2d98b35f831cb6e1f55e0a653aa33cee317 -SIZE (freebsd-x64-0.25.5.tgz) = 4355608 -SHA256 (node-sqlcipher-2.0.3.tar.gz) = 99d3bb23907e8a5a0263d18e0f94857c798d56d2dd0344f2ae873b54e56e9489 -SIZE (node-sqlcipher-2.0.3.tar.gz) = 2711596 -SHA256 (node-sqlcipher-2.0.3-npm-cache.tar.gz) = f7e3800b03717bba269dd8911ede17f64b95d67c037f49b5d7279e78d9d9898c -SIZE (node-sqlcipher-2.0.3-npm-cache.tar.gz) = 67243807 +TIMESTAMP = 1752763972 +SHA256 (freebsd-arm64-0.25.6.tgz) = 64d7ee10a68707188ccf9bf9904771b3ca87ed38b95b38562266625d18263f1b +SIZE (freebsd-arm64-0.25.6.tgz) = 4005168 +SHA256 (freebsd-x64-0.25.6.tgz) = 802165252d595fd843b54010d0f4e96f4ca6a86ac82cfb5701a25c3fedf0e16b +SIZE (freebsd-x64-0.25.6.tgz) = 4357533 +SHA256 (node-sqlcipher-2.1.0.tar.gz) = 81dbfe085be60258d9e0daf4089adc44aaea868b3d009fb5ec47a511f6c99264 +SIZE (node-sqlcipher-2.1.0.tar.gz) = 2712831 +SHA256 (node-sqlcipher-2.1.0-npm-cache.tar.gz) = 8e01706283929ad0a11cd3c16cb97dccebd71a2ac6e982d8bf155da45b8272c4 +SIZE (node-sqlcipher-2.1.0-npm-cache.tar.gz) = 67521401 diff --git a/security/pecl-gnupg/files/patch-php85 b/security/pecl-gnupg/files/patch-php85 new file mode 100644 index 000000000000..de4a30311382 --- /dev/null +++ b/security/pecl-gnupg/files/patch-php85 @@ -0,0 +1,31 @@ +--- gnupg_keylistiterator.c.orig 2025-06-02 18:54:02 UTC ++++ gnupg_keylistiterator.c +@@ -201,7 +201,7 @@ PHP_METHOD(gnupg_keylistiterator, rewind) + + if ((PHPC_THIS->err = gpgme_op_keylist_start( + PHPC_THIS->ctx, PHPC_THIS->pattern ? PHPC_THIS->pattern : "", 0)) != GPG_ERR_NO_ERROR){ +- zend_throw_exception(zend_exception_get_default(TSRMLS_C), (char *)gpg_strerror(PHPC_THIS->err), 1 TSRMLS_CC); ++ zend_throw_exception(zend_ce_exception, (char *)gpg_strerror(PHPC_THIS->err), 1 TSRMLS_CC); + } + if ((PHPC_THIS->err = gpgme_op_keylist_next(PHPC_THIS->ctx, &PHPC_THIS->gpgkey)) != GPG_ERR_NO_ERROR){ + RETURN_FALSE; +--- gnupg.c.orig 2025-06-02 18:54:02 UTC ++++ gnupg.c +@@ -64,7 +64,7 @@ PHPC_OBJ_DEFINE_HANDLER_VAR(gnupg); + break; \ + case 2: \ + zend_throw_exception(\ +- zend_exception_get_default(TSRMLS_C), \ ++ zend_ce_exception, \ + (char*) error, \ + 0 TSRMLS_CC \ + ); \ +@@ -169,7 +169,7 @@ static void php_gnupg_this_make(PHPC_THIS_DECLARE(gnup + if (gpgme_ctx_set_engine_info( + ctx, GPGME_PROTOCOL_OpenPGP, file_name, home_dir) != GPG_ERR_NO_ERROR) { + zend_throw_exception( +- zend_exception_get_default(TSRMLS_C), ++ zend_ce_exception, + (char*) "Setting engine info failed", + 0 TSRMLS_CC + ); diff --git a/security/py-certifi/Makefile b/security/py-certifi/Makefile index de1cfbdc119e..43a6cf3fd110 100644 --- a/security/py-certifi/Makefile +++ b/security/py-certifi/Makefile @@ -1,5 +1,5 @@ PORTNAME= certifi -PORTVERSION= 2025.7.9 +PORTVERSION= 2025.7.14 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-certifi/distinfo b/security/py-certifi/distinfo index a5b8a9689443..693b25863be4 100644 --- a/security/py-certifi/distinfo +++ b/security/py-certifi/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1752266162 -SHA256 (certifi-2025.7.9.tar.gz) = c1d2ec05395148ee10cf672ffc28cd37ea0ab0d99f9cc74c43e588cbd111b079 -SIZE (certifi-2025.7.9.tar.gz) = 160386 +TIMESTAMP = 1752566722 +SHA256 (certifi-2025.7.14.tar.gz) = 8ea99dbdfaaf2ba2f9bac77b9249ef62ec5218e7c2b2e903378ed5fccf765995 +SIZE (certifi-2025.7.14.tar.gz) = 163981 diff --git a/security/py-cybox/Makefile b/security/py-cybox/Makefile index 5380ef49a79a..d6829f5065fc 100644 --- a/security/py-cybox/Makefile +++ b/security/py-cybox/Makefile @@ -1,7 +1,7 @@ PORTNAME= cybox PORTVERSION= 2.1.0.21 DISTVERSIONPREFIX= v -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -13,7 +13,7 @@ LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE.txt RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=2.2.3:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=2.2.3:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}mixbox>=1.0.2:security/py-mixbox@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}nose>=0:devel/py-nose@${PY_FLAVOR} diff --git a/security/py-joserfc/Makefile b/security/py-joserfc/Makefile index 469d3303adfc..09603c34e6a5 100644 --- a/security/py-joserfc/Makefile +++ b/security/py-joserfc/Makefile @@ -1,5 +1,5 @@ PORTNAME= joserfc -PORTVERSION= 1.2.1 +PORTVERSION= 1.2.2 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-joserfc/distinfo b/security/py-joserfc/distinfo index d51ddb558786..62b3a48b759b 100644 --- a/security/py-joserfc/distinfo +++ b/security/py-joserfc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1752266164 -SHA256 (joserfc-1.2.1.tar.gz) = 466a75dc0af9c6711d2a93f38e91c5d4920ec77059063325c251913da3e83569 -SIZE (joserfc-1.2.1.tar.gz) = 192229 +TIMESTAMP = 1752566724 +SHA256 (joserfc-1.2.2.tar.gz) = 0d2a84feecef96168635fd9bf288363fc75b4afef3d99691f77833c8e025d200 +SIZE (joserfc-1.2.2.tar.gz) = 192865 diff --git a/security/py-maec/Makefile b/security/py-maec/Makefile index f03bb0997f05..eb40a7d2fa9b 100644 --- a/security/py-maec/Makefile +++ b/security/py-maec/Makefile @@ -1,6 +1,6 @@ PORTNAME= maec PORTVERSION= 4.1.0.17 -PORTREVISION= 1 +PORTREVISION= 2 DISTVERSIONPREFIX= v CATEGORIES= security python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -12,7 +12,7 @@ WWW= https://github.com/MAECProject/python-maec LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE.txt -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml>=2.2.3:devel/py-lxml@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml5>=2.2.3:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}cybox>=2.1.0.13:security/py-cybox@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}mixbox>=0.0.13:security/py-mixbox@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}nose>=0:devel/py-nose@${PY_FLAVOR} diff --git a/security/py-mixbox/Makefile b/security/py-mixbox/Makefile index fb026db3022c..af0835f1254e 100644 --- a/security/py-mixbox/Makefile +++ b/security/py-mixbox/Makefile @@ -1,6 +1,6 @@ PORTNAME= mixbox PORTVERSION= 1.0.5 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -12,7 +12,7 @@ WWW= https://github.com/CybOXProject/mixbox LICENSE= BSD3CLAUSE RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=0:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=0:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}ordered-set>=0:devel/py-ordered-set@${PY_FLAVOR} NO_ARCH= yes diff --git a/security/py-ospd-openvas/Makefile b/security/py-ospd-openvas/Makefile index f712dc948669..c7029aa90cce 100644 --- a/security/py-ospd-openvas/Makefile +++ b/security/py-ospd-openvas/Makefile @@ -1,6 +1,7 @@ PORTNAME= ospd-openvas DISTVERSION= 22.9.0 DISTVERSIONPREFIX= v +PORTREVISION= 1 CATEGORIES= security python #MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -18,7 +19,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}redis>=0:databases/py-redis@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}packaging>=0:devel/py-packaging@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}defusedxml>=0:devel/py-defusedxml@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}deprecated>0:devel/py-deprecated@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>0:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}paramiko>0:security/py-paramiko@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}python-gnupg>0:security/py-python-gnupg@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}paho-mqtt>0:net/py-paho-mqtt@${PY_FLAVOR} \ diff --git a/security/py-pykeepass/Makefile b/security/py-pykeepass/Makefile index 6856c073a1a3..84c0e4e45cbe 100644 --- a/security/py-pykeepass/Makefile +++ b/security/py-pykeepass/Makefile @@ -1,6 +1,7 @@ PORTNAME= pykeepass DISTVERSION= 4.1.1 DISTVERSIONSUFFIX= .post1 +PORTREVISION= 1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -17,7 +18,7 @@ BUILD_DEPENDS= ${PY_SETUPTOOLS} \ ${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}argon2-cffi>=0:security/py-argon2-cffi@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}construct>=0:devel/py-construct@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=0:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=0:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pycryptodomex>=0:security/py-pycryptodomex@${PY_FLAVOR} USES= python diff --git a/security/py-python-cas/Makefile b/security/py-python-cas/Makefile index afdb7b8656e8..2f174cd20904 100644 --- a/security/py-python-cas/Makefile +++ b/security/py-python-cas/Makefile @@ -1,6 +1,6 @@ PORTNAME= python-cas PORTVERSION= 1.6.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -14,7 +14,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE.txt RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}six>=1.10.0:devel/py-six@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}requests>=2.11.1:www/py-requests@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=3.4:devel/py-lxml@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}lxml5>=3.4:devel/py-lxml5@${PY_FLAVOR} USES= python USE_PYTHON= autoplist distutils diff --git a/security/py-python3-saml/Makefile b/security/py-python3-saml/Makefile index a2d8be7364ed..2079f1a1cdb0 100644 --- a/security/py-python3-saml/Makefile +++ b/security/py-python3-saml/Makefile @@ -1,5 +1,6 @@ PORTNAME= python3-saml PORTVERSION= 1.16.0 +PORTREVISION= 1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -16,7 +17,7 @@ BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}poetry-core>=1.1.0:devel/py-poetry-core@${ ${PYTHON_PKGNAMEPREFIX}setuptools>=40.1.0:devel/py-setuptools@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}isodate>=0.6.1:devel/py-isodate@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=4.6.5:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=4.6.5:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}xmlsec>=1.3.9:security/py-xmlsec@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}coverage>=4.5.2:devel/py-coverage@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}flake8>=3.6.0:devel/py-flake8@${PY_FLAVOR} \ diff --git a/security/py-stix/Makefile b/security/py-stix/Makefile index bebebd778cb9..d32ce7cc2494 100644 --- a/security/py-stix/Makefile +++ b/security/py-stix/Makefile @@ -1,7 +1,7 @@ PORTNAME= stix PORTVERSION= 1.2.0.11 DISTVERSIONPREFIX= v -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -13,7 +13,7 @@ LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE.txt RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>=2.3:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>=2.3:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}cybox>=2.1.0.13:security/py-cybox@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}mixbox>=1.0.2:security/py-mixbox@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}nose>=0:devel/py-nose@${PY_FLAVOR} \ diff --git a/security/snort3/Makefile b/security/snort3/Makefile index 6c19698e3065..a8aa50e7c196 100644 --- a/security/snort3/Makefile +++ b/security/snort3/Makefile @@ -1,6 +1,5 @@ PORTNAME= snort -DISTVERSION= 3.9.1.0 -PORTREVISION= 1 +DISTVERSION= 3.9.2.0 PORTEPOCH= 1 CATEGORIES= security PKGNAMESUFFIX= 3 diff --git a/security/snort3/distinfo b/security/snort3/distinfo index 948c3a03b335..b0b61e634faf 100644 --- a/security/snort3/distinfo +++ b/security/snort3/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751623929 -SHA256 (snort3-snort3-3.9.1.0_GH0.tar.gz) = fc19f20cd34192eb78f28d7f128c79c5d0096733277f2b630a8cf892b10f33ce -SIZE (snort3-snort3-3.9.1.0_GH0.tar.gz) = 3501016 +TIMESTAMP = 1753181972 +SHA256 (snort3-snort3-3.9.2.0_GH0.tar.gz) = edf0aa5e72d673702bca161e235b7b8f8c3e5a49b81e8ddf2ea7e10736ab0cdd +SIZE (snort3-snort3-3.9.2.0_GH0.tar.gz) = 3507676 diff --git a/security/snort3/pkg-plist b/security/snort3/pkg-plist index ac9338536bea..6e0c9db565da 100644 --- a/security/snort3/pkg-plist +++ b/security/snort3/pkg-plist @@ -202,6 +202,8 @@ include/snort/pub_sub/eof_event.h include/snort/pub_sub/eve_process_event.h include/snort/pub_sub/expect_events.h include/snort/pub_sub/external_event_ids.h +include/snort/pub_sub/file_events.h +include/snort/pub_sub/file_events_ids.h include/snort/pub_sub/finalize_packet_event.h include/snort/pub_sub/ftp_events.h include/snort/pub_sub/http_body_event.h diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 22b2f0f2fbf0..6d452a163c2d 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,61 @@ + <vuln vid="0f5bcba2-67fb-11f0-9ee5-b42e991fc52e"> + <topic>sqlite -- Integer Truncation on SQLite</topic> + <affects> + <package> + <name>sqlite3</name> + <range><lt>3.50.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>cve-coordination@google.com reports:</p> + <blockquote cite="https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"> + <p>There exists a vulnerability in SQLite versions before + 3.50.2 where the number of aggregate terms could exceed the + number of columns available. This could lead to a memory + corruption issue.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-6965</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6965</url> + </references> + <dates> + <discovery>2025-07-15</discovery> + <entry>2025-07-23</entry> + </dates> + </vuln> + + <vuln vid="80411ba2-6729-11f0-a5cb-8c164580114f"> + <topic>7-Zip -- Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder</topic> + <affects> + <package> + <name>7-zip</name> + <range><lt>25.00</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security-advisories@github.com reports:</p> + <blockquote cite="https://securitylab.github.com/advisories/GHSL-2025-058_7-Zip/"> + <p>7-Zip is a file archiver with a high compression ratio. Zeroes + written outside heap buffer in RAR5 handler may lead to memory + corruption and denial of service in versions of 7-Zip prior to + 25.0.0. Version 25.0.0 contains a fix for the issue.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-53816</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-53816</url> + </references> + <dates> + <discovery>2025-07-17</discovery> + <entry>2025-07-22</entry> + </dates> + </vuln> + <vuln vid="605a9d1e-6521-11f0-beb2-ac5afc632ba3"> <topic>libwasmtime -- host panic with fd_renumber WASIp1 function</topic> <affects> @@ -1612,7 +1670,7 @@ <affects> <package> <name>openh264</name> - <range><lt>2.5.1</lt></range> + <range><lt>2.5.1,2</lt></range> </package> </affects> <description> diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 6a84daace7de..e9a2bcc78a26 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,6 +1,5 @@ PORTNAME= zeek -DISTVERSION= 7.0.8 -PORTREVISION= 1 +DISTVERSION= 7.0.9 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 556e223ec34a..716e78e681b4 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747772619 -SHA256 (zeek-7.0.8.tar.gz) = 29f918851d671fb3d8fe6b97e3d9fcefaa18660c57cb1ed63adc5e25773175cd -SIZE (zeek-7.0.8.tar.gz) = 95963798 +TIMESTAMP = 1753129322 +SHA256 (zeek-7.0.9.tar.gz) = bebec9a71242da250ef8476bfce632c43892995c247d8dfafcef80ce42f6adbc +SIZE (zeek-7.0.9.tar.gz) = 95973519 |