diff options
Diffstat (limited to 'security')
69 files changed, 542 insertions, 230 deletions
diff --git a/security/Makefile b/security/Makefile index 5651bbf0f77d..0343c9fd1932 100644 --- a/security/Makefile +++ b/security/Makefile @@ -877,6 +877,7 @@ SUBDIR += putty-nogtk SUBDIR += pvk SUBDIR += pwauth + SUBDIR += pwdsafety SUBDIR += pwman SUBDIR += pwned-check SUBDIR += py-SecretStorage @@ -937,6 +938,7 @@ SUBDIR += py-dfdatetime SUBDIR += py-dfwinreg SUBDIR += py-dirhash + SUBDIR += py-distro2sbom SUBDIR += py-django-auth-kerberos SUBDIR += py-docker-pycreds SUBDIR += py-ecdsa @@ -979,6 +981,7 @@ SUBDIR += py-keyring SUBDIR += py-keyrings.alt SUBDIR += py-krb5 + SUBDIR += py-lib4sbom SUBDIR += py-libnacl SUBDIR += py-liboqs-python SUBDIR += py-m2crypto diff --git a/security/amavisd-new/Makefile b/security/amavisd-new/Makefile index 698c96f64b45..7a01601fa668 100644 --- a/security/amavisd-new/Makefile +++ b/security/amavisd-new/Makefile @@ -1,5 +1,5 @@ PORTNAME= amavisd-new -DISTVERSION= 2.13.1 +DISTVERSION= 2.14.0 PORTEPOCH= 1 CATEGORIES= security @@ -23,7 +23,7 @@ USE_PERL5= run USE_GITLAB= yes GL_ACCOUNT= amavis GL_PROJECT= amavis -GL_TAGNAME= cdd11b069e20a4cb99960614ca9c3eb385d4e200 +GL_TAGNAME= fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f SHEBANG_FILES= bin/amavisd bin/amavisd-agent bin/amavisd-nanny \ bin/amavisd-release bin/amavisd-snmp-subagent \ diff --git a/security/amavisd-new/distinfo b/security/amavisd-new/distinfo index 109ac9ef9616..3cde9f37a62e 100644 --- a/security/amavisd-new/distinfo +++ b/security/amavisd-new/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747417723 -SHA256 (amavis-amavis-cdd11b069e20a4cb99960614ca9c3eb385d4e200_GL0.tar.gz) = beebeaa0bbdd6d59301d5e140f0d71f716588e6e3fcfe73a26594ff1f2c7704c -SIZE (amavis-amavis-cdd11b069e20a4cb99960614ca9c3eb385d4e200_GL0.tar.gz) = 1132629 +TIMESTAMP = 1752691896 +SHA256 (amavis-amavis-fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f_GL0.tar.gz) = bd722b9096b52d383efcf6b3f91a75399c08973a396e6e27da6efa9733555ef3 +SIZE (amavis-amavis-fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f_GL0.tar.gz) = 1136776 diff --git a/security/aws-iam-authenticator/Makefile b/security/aws-iam-authenticator/Makefile index bf91091174f6..9aecaae8b218 100644 --- a/security/aws-iam-authenticator/Makefile +++ b/security/aws-iam-authenticator/Makefile @@ -1,7 +1,6 @@ PORTNAME= aws-iam-authenticator -PORTVERSION= 0.7.3 +PORTVERSION= 0.7.4 DISTVERSIONPREFIX= v -PORTREVISION= 1 CATEGORIES= security MAINTAINER= danilo@FreeBSD.org @@ -10,7 +9,7 @@ WWW= https://github.com/kubernetes-sigs/aws-iam-authenticator LICENSE= APACHE20 -USES= go:1.24,modules +USES= go:modules GO_MODULE= github.com/kubernetes-sigs/${PORTNAME} GO_TARGET= ./cmd/${PORTNAME} diff --git a/security/aws-iam-authenticator/distinfo b/security/aws-iam-authenticator/distinfo index fef0487d0219..75490661d335 100644 --- a/security/aws-iam-authenticator/distinfo +++ b/security/aws-iam-authenticator/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1750521592 -SHA256 (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.3/v0.7.3.mod) = 8ecdfec2a08ef66fd57567c82bc179409b8cf25a6a783345c9b07f258524ad01 -SIZE (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.3/v0.7.3.mod) = 4278 -SHA256 (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.3/v0.7.3.zip) = aa54c7e555826a93cd55c4f651af71ddad0408367085e6f9044bedf386824008 -SIZE (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.3/v0.7.3.zip) = 227851 +TIMESTAMP = 1752398596 +SHA256 (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.4/v0.7.4.mod) = db4a607f223aa9e65f5350dd36239f83586c7cb8fe5a769eb7eb650b1d1eef7b +SIZE (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.4/v0.7.4.mod) = 4316 +SHA256 (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.4/v0.7.4.zip) = 45a66f0e05a6c7bb9455d8d94ce46374ebd3faeeb4bd9f554b6ff55a665d9eb1 +SIZE (go/security_aws-iam-authenticator/aws-iam-authenticator-v0.7.4/v0.7.4.zip) = 228112 diff --git a/security/caldera/Makefile b/security/caldera/Makefile index ac4548a93b75..8fd14526775c 100644 --- a/security/caldera/Makefile +++ b/security/caldera/Makefile @@ -1,6 +1,6 @@ PORTNAME= caldera DISTVERSION= 5.3.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security python MAINTAINER= acm@FreeBSD.org @@ -33,7 +33,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}donut-shellcode>0:devel/py-donut-shellcode@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}marshmallow-enum>0:devel/py-marshmallow-enum@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}ldap3>0:net/py-ldap3@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}lxml>0:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml5>0:devel/py-lxml5@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}reportlab>0:print/py-reportlab@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}svglib>0:converters/py-svglib@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}markdown>0:textproc/py-markdown@${PY_FLAVOR} \ diff --git a/security/cosign/Makefile b/security/cosign/Makefile index 6ea8e79ac6f6..ae77371b9728 100644 --- a/security/cosign/Makefile +++ b/security/cosign/Makefile @@ -1,7 +1,6 @@ PORTNAME= cosign DISTVERSIONPREFIX= v -DISTVERSION= 2.5.2 -PORTREVISION= 1 +DISTVERSION= 2.5.3 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -24,7 +23,7 @@ GO_BUILDFLAGS= -ldflags="-buildid= \ PLIST_FILES= bin/${PORTNAME} -GIT_HASH= af5a988bb15a03919ccaac7a2ddcad7a9d006f38 +GIT_HASH= 488ef8ceed5ab5d77379e9077a124a0d0df41d06 .include <bsd.port.pre.mk> diff --git a/security/cosign/distinfo b/security/cosign/distinfo index 621a1398dec8..162267863be7 100644 --- a/security/cosign/distinfo +++ b/security/cosign/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1751444102 -SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 5bc5ad2f641929f53eeb4fcec33fba55b78a51cf707f53f74feae8a0e7ad0bae -SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 15326 -SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 91f0aebf97ae40581273a4e44fad958ce7ff02dd232663f9fffd074596efa82e -SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 1274354 +TIMESTAMP = 1752874321 +SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 3d3e90c2ad6b9f1dc45c9f83c5408d4296d80ae3728998504d9d3e077dd19afe +SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 16693 +SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = e0158a5721ba7c8e2b775af499c07d89957ae42177a1794c8382e1e91901b531 +SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = 1335557 diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile index e2ad67f55638..9e78e2e9f9a4 100644 --- a/security/crowdsec/Makefile +++ b/security/crowdsec/Makefile @@ -1,7 +1,6 @@ PORTNAME= crowdsec DISTVERSIONPREFIX= v -DISTVERSION= 1.6.9 -PORTREVISION= 1 +DISTVERSION= 1.6.10 CATEGORIES= security MAINTAINER= marco@crowdsec.net @@ -15,7 +14,7 @@ LIB_DEPENDS= libabsl_base.so:devel/abseil \ libre2.so:devel/re2 USES= go:modules pkgconfig -_COMMIT= 40b8cfe6 +_COMMIT= 79870769 _BUILD_DATE= $$(date -u "+%F_%T") USE_RC_SUBR= crowdsec diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo index aae70fd870b6..27803f8b958a 100644 --- a/security/crowdsec/distinfo +++ b/security/crowdsec/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1750243893 -SHA256 (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.mod) = 75ab181433766799f3b54e5e9bb6634c8075e310ec3192a8ae31492ad54f1376 -SIZE (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.mod) = 10924 -SHA256 (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.zip) = 3f65b6dc339357172eb2b130ad8c4a1842557d317e05730227abf4f703da5d01 -SIZE (go/security_crowdsec/crowdsec-v1.6.9/v1.6.9.zip) = 1767818 +TIMESTAMP = 1752763731 +SHA256 (go/security_crowdsec/crowdsec-v1.6.10/v1.6.10.mod) = e02f57949b178e642aebe6d7d751494c9b9d8d3b3c6cdad66cf1db17ae1d584a +SIZE (go/security_crowdsec/crowdsec-v1.6.10/v1.6.10.mod) = 10836 +SHA256 (go/security_crowdsec/crowdsec-v1.6.10/v1.6.10.zip) = 67b2de6ea0adacfdd9f673464f9e5dd6b71aa6d71c11c06073130507badc4c27 +SIZE (go/security_crowdsec/crowdsec-v1.6.10/v1.6.10.zip) = 1779682 diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index 7f9712b57b9d..1a372e5bb819 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -1,7 +1,10 @@ PORTNAME= gnutls -DISTVERSION= 3.8.9 +DISTVERSION= 3.8.10 CATEGORIES= security net -MASTER_SITES= GNUPG/${PORTNAME}/v${DISTVERSION:C/(\.[^.]*).*/\1/} +MASTER_SITES= GNUPG/${PORTNAME}/v${DISTVERSION:C/(\.[^.]*).*/\1/} \ + https://gitlab.com/gnutls/gnutls/-/raw/${DISTVERSION}/tests/:test +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ktls_utils.h:test +EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= tijl@FreeBSD.org COMMENT= GNU Transport Layer Security library @@ -12,10 +15,12 @@ LICENSE_COMB= multi LICENSE_FILE_GPLv3+ = ${WRKSRC}/COPYING LICENSE_FILE_LGPL21+ = ${WRKSRC}/COPYING.LESSERv2 -LIB_DEPENDS= libgmp.so:math/gmp \ +LIB_DEPENDS= libbrotlienc.so:archivers/brotli \ + libgmp.so:math/gmp \ libnettle.so:security/nettle \ libtasn1.so:security/libtasn1 \ - libunistring.so:devel/libunistring + libunistring.so:devel/libunistring \ + libzstd.so:archivers/zstd USES= compiler:c11 cpe gmake iconv libtool localbase makeinfo \ pkgconfig tar:xz @@ -28,11 +33,11 @@ CONFIGURE_ARGS= --disable-rpath \ --enable-openssl-compatibility \ --with-default-trust-store-dir=/etc/ssl/certs \ --with-system-priority-file=${PREFIX}/etc/gnutls/config \ - --without-brotli \ + --with-brotli \ --without-included-libtasn1 \ --without-tpm \ --without-tpm2 \ - --without-zstd + --with-zstd MAKE_ENV= MAKEINFOFLAGS=--no-split INSTALL_TARGET= install-strip @@ -73,6 +78,7 @@ P11KIT_CONFIGURE_WITH= p11-kit SRP_CONFIGURE_ENABLE= srp-authentication post-patch: + @${CP} -p ${DISTDIR}/ktls_utils.h ${WRKSRC}/tests/ @${RM} ${WRKSRC}/doc/*.info* @${REINPLACE_CMD} 's,/usr/share,${PREFIX}/share,' \ ${WRKSRC}/doc/manpages/*.[13] diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index fe6e2e9317b8..a67d8f2ab573 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,3 +1,5 @@ -TIMESTAMP = 1739176636 -SHA256 (gnutls-3.8.9.tar.xz) = 69e113d802d1670c4d5ac1b99040b1f2d5c7c05daec5003813c049b5184820ed -SIZE (gnutls-3.8.9.tar.xz) = 6847364 +TIMESTAMP = 1752249814 +SHA256 (gnutls-3.8.10.tar.xz) = db7fab7cce791e7727ebbef2334301c821d79a550ec55c9ef096b610b03eb6b7 +SIZE (gnutls-3.8.10.tar.xz) = 6909856 +SHA256 (ktls_utils.h) = e41d33289c63573c59d2d02b4110a2f63651add28001031e6dc20327d096b734 +SIZE (ktls_utils.h) = 1983 diff --git a/security/gnutls/files/patch-lib_system_ktls.c b/security/gnutls/files/patch-lib_system_ktls.c new file mode 100644 index 000000000000..3c0dbc6a8734 --- /dev/null +++ b/security/gnutls/files/patch-lib_system_ktls.c @@ -0,0 +1,18 @@ +--- lib/system/ktls.c.orig 2025-04-11 11:51:08 UTC ++++ lib/system/ktls.c +@@ -1076,6 +1076,7 @@ int _gnutls_ktls_recv_control_msg(gnutls_session_t ses + default: + return GNUTLS_E_PULL_ERROR; + } ++#ifdef EKEYEXPIRED + } else if (unlikely(ret == -EKEYEXPIRED)) { + /* This will be received until a keyupdate is performed on the + scoket. */ +@@ -1083,6 +1084,7 @@ int _gnutls_ktls_recv_control_msg(gnutls_session_t ses + "updated keys\n"); + gnutls_assert(); + return GNUTLS_E_AGAIN; ++#endif + } + + /* connection closed */ diff --git a/security/gnutls/pkg-plist b/security/gnutls/pkg-plist index 14edcf814711..45fd3c64ee3a 100644 --- a/security/gnutls/pkg-plist +++ b/security/gnutls/pkg-plist @@ -35,7 +35,7 @@ lib/libgnutls-openssl.so.27 lib/libgnutls-openssl.so.27.0.2 lib/libgnutls.so lib/libgnutls.so.30 -lib/libgnutls.so.30.40.3 +lib/libgnutls.so.30.40.4 lib/libgnutlsxx.so lib/libgnutlsxx.so.30 lib/libgnutlsxx.so.30.0.0 diff --git a/security/kf6-kdesu/distinfo b/security/kf6-kdesu/distinfo index bea35261fd90..52e78e907b29 100644 --- a/security/kf6-kdesu/distinfo +++ b/security/kf6-kdesu/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749476629 -SHA256 (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 9eb4c11a1742af2cb17cf1e7e18bb0fbdb45ee16f083739c418cbe9d45af1806 -SIZE (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 57012 +TIMESTAMP = 1752529520 +SHA256 (KDE/frameworks/6.16/kdesu-6.16.0.tar.xz) = f9cbfae88596cfd00b269744c89a042dfbc048273e35f1c7e158429db55c8d68 +SIZE (KDE/frameworks/6.16/kdesu-6.16.0.tar.xz) = 57016 diff --git a/security/lego/Makefile b/security/lego/Makefile index f10952e5b645..e2b6deead144 100644 --- a/security/lego/Makefile +++ b/security/lego/Makefile @@ -1,6 +1,6 @@ PORTNAME= lego DISTVERSIONPREFIX= v -DISTVERSION= 4.23.1 +DISTVERSION= 4.24.0 CATEGORIES= security MAINTAINER= matt@matthoran.com diff --git a/security/lego/distinfo b/security/lego/distinfo index a001c40416e0..ee445fe960dc 100644 --- a/security/lego/distinfo +++ b/security/lego/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1744909990 -SHA256 (go/security_lego/lego-v4.23.1/v4.23.1.mod) = fbe813f20f296ae07f773c7173d0e32b698990fb403d0c83dca3dc9ca34eacd7 -SIZE (go/security_lego/lego-v4.23.1/v4.23.1.mod) = 10512 -SHA256 (go/security_lego/lego-v4.23.1/v4.23.1.zip) = 7e6b351fe919e632aa1d5acc8a544d1549e8641391eaed58774998d2cbb4f845 -SIZE (go/security_lego/lego-v4.23.1/v4.23.1.zip) = 1461472 +TIMESTAMP = 1752932681 +SHA256 (go/security_lego/lego-v4.24.0/v4.24.0.mod) = 4ee2e188492702303c89e3703b26d3cbb10cbdde9ff002e4e8f842f15b81763f +SIZE (go/security_lego/lego-v4.24.0/v4.24.0.mod) = 11037 +SHA256 (go/security_lego/lego-v4.24.0/v4.24.0.zip) = f6a58c88e80aa6d4ffb8eba3b4fd313bba2b3ed3a3b1bbfd23b33fad1bbe7642 +SIZE (go/security_lego/lego-v4.24.0/v4.24.0.zip) = 1502515 diff --git a/security/nss/Makefile b/security/nss/Makefile index b99ebcb77547..f8c7e5630703 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -1,5 +1,5 @@ PORTNAME= nss -PORTVERSION= 3.113.1 +PORTVERSION= 3.114 CATEGORIES= security MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src diff --git a/security/nss/distinfo b/security/nss/distinfo index fe38e674c30a..df00638ab54d 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751391207 -SHA256 (nss-3.113.1.tar.gz) = b8c586cc0ac60b76477f62483f664f119c26000a8189dd9ef417df7dbd33a2cc -SIZE (nss-3.113.1.tar.gz) = 76626220 +TIMESTAMP = 1752847969 +SHA256 (nss-3.114.tar.gz) = cac3c0d67028804fb316e9695f81749fa4dc118e731d674b4c4c347bd849c2f1 +SIZE (nss-3.114.tar.gz) = 76653541 diff --git a/security/nss/files/patch-bug1973105 b/security/nss/files/patch-bug1973105 deleted file mode 100644 index ef2eea831b0d..000000000000 --- a/security/nss/files/patch-bug1973105 +++ /dev/null @@ -1,23 +0,0 @@ -commit 98cb80c5fba9550451f6df711a2ae460608acd5e -Author: Christoph Moench-Tegeder <cmt@burggraben.net> - - Bug 1973105 - remove out-of-function semicolon, r=rrelyea - - given the right flags, consumers of nss may fail with - : /usr/local/include/nss/pkcs11n.h:633:92: error: extra ';' outside of a function [-Werror,-Wextra-semi] - - Differential Revision: https://phabricator.services.mozilla.com/D254438 - -diff --git lib/util/pkcs11n.h lib/util/pkcs11n.h -index cba3f63ae..9365d697a 100644 ---- lib/util/pkcs11n.h -+++ lib/util/pkcs11n.h -@@ -630,7 +630,7 @@ _NSS_DEPRECATE_DEFINE_TYPE(CK_TRUST, CKT_NSS_VALID, - #define CKT_NSS_VALID \ - _NSS_DEPRECATE_DEFINE_VALUE(CKT_NSS_VALID, CKT_NSS_NOT_TRUSTED) - _NSS_DEPRECATE_DEFINE_TYPE(CK_TRUST, CKT_NSS_MUST_VERIFY, -- "CKT_NSS_MUST_VERIFY really functions as CKT_NSS_TRUST_UNKNOWN"); -+ "CKT_NSS_MUST_VERIFY really functions as CKT_NSS_TRUST_UNKNOWN") - #define CKT_NSS_MUST_VERIFY \ - _NSS_DEPRECATE_DEFINE_VALUE(CKT_NSS_MUST_VERIFY, CKT_NSS_TRUST_UNKNOWN) - diff --git a/security/openvpn-auth-oauth2/Makefile b/security/openvpn-auth-oauth2/Makefile index 7856f7faa59a..a9d82abdcb09 100644 --- a/security/openvpn-auth-oauth2/Makefile +++ b/security/openvpn-auth-oauth2/Makefile @@ -1,7 +1,6 @@ PORTNAME= openvpn-auth-oauth2 DISTVERSIONPREFIX= v -DISTVERSION= 1.24.0 -PORTREVISION= 1 +DISTVERSION= 1.24.1 CATEGORIES= security net net-vpn MAINTAINER= otis@FreeBSD.org diff --git a/security/openvpn-auth-oauth2/distinfo b/security/openvpn-auth-oauth2/distinfo index 65bdf59a48f1..bf0f18a8f81b 100644 --- a/security/openvpn-auth-oauth2/distinfo +++ b/security/openvpn-auth-oauth2/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1750538779 -SHA256 (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.0/v1.24.0.mod) = cf3d2994878a3a111e074a20790a0601c70c68202c2a54702aa09fb62dd5d9dd -SIZE (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.0/v1.24.0.mod) = 1329 -SHA256 (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.0/v1.24.0.zip) = bb420b79a1ca9fc94ecc859c0663eb00b6672ee9aacfad0367c319954f1b047e -SIZE (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.0/v1.24.0.zip) = 1869608 +TIMESTAMP = 1752923767 +SHA256 (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.1/v1.24.1.mod) = 7d3079b58c7a71ba2ef004c3f19ab7a5a0c48a131e6ae65f353ad2670bb5b090 +SIZE (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.1/v1.24.1.mod) = 1370 +SHA256 (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.1/v1.24.1.zip) = 642cd0ec8b057bfad179541b1920f848c16458cebb1821f334b27e89617695ff +SIZE (go/security_openvpn-auth-oauth2/openvpn-auth-oauth2-v1.24.1/v1.24.1.zip) = 1873530 diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile index 0ce2d86f5e6c..5848bced8ba3 100644 --- a/security/osv-scanner/Makefile +++ b/security/osv-scanner/Makefile @@ -1,23 +1,23 @@ PORTNAME= osv-scanner DISTVERSIONPREFIX= v -DISTVERSION= 1.9.2 -PORTREVISION= 3 +DISTVERSION= 2.1.0 +PORTREVISION= 1 CATEGORIES= security -MAINTAINER= lcook@FreeBSD.org +MAINTAINER= dutra@FreeBSD.org COMMENT= Vulnerability scanner written in Go which uses the OSV database WWW= https://github.com/google/osv-scanner LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:1.24,modules,run _BUILD_VERSION= ${DISTVERSION} -_BUILD_COMMIT= 1e295ee +_BUILD_COMMIT= 9267fda _BUILD_DATE= $$(date +%Y-%m-%d) -GO_MODULE= github.com/google/${PORTNAME} +GO_MODULE= github.com/google/${PORTNAME}/v2 GO_TARGET= ./cmd/${PORTNAME} GO_BUILDFLAGS= -ldflags "\ -s -w \ diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo index a27f12229bee..0bb9d35b4b24 100644 --- a/security/osv-scanner/distinfo +++ b/security/osv-scanner/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1738079186 -SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 705bf3761bf62eb440e7b3900383d7d3ceee6e20eb412e69831fa5cdbf74b096 -SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 5010 -SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 395023fb51425d49745e49d970bd05e39d12473916018d50d4ddd2175514c8b6 -SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 7506952 +TIMESTAMP = 1752902973 +SHA256 (go/security_osv-scanner/osv-scanner-v2.1.0/v2.1.0.mod) = 47c1c8a3532bdbc1d13ec28192a526fcd369cc0d1ef66183da43912d0e5187a0 +SIZE (go/security_osv-scanner/osv-scanner-v2.1.0/v2.1.0.mod) = 9478 +SHA256 (go/security_osv-scanner/osv-scanner-v2.1.0/v2.1.0.zip) = 26944055bd68077d904d55d8d9b59cde9d4c4273beb2687a2a283ba1ed67e759 +SIZE (go/security_osv-scanner/osv-scanner-v2.1.0/v2.1.0.zip) = 5197089 diff --git a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go index c1bbfd93f555..04a027230126 100644 --- a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go +++ b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go @@ -1,11 +1,11 @@ ---- internal/sourceanalysis/go.go.orig 1979-11-29 23:00:00 UTC +--- internal/sourceanalysis/go.go.orig 1979-11-30 03:00:00 UTC +++ internal/sourceanalysis/go.go -@@ -18,7 +18,7 @@ func goAnalysis(r reporter.Reporter, pkgs []models.Pac +@@ -19,7 +19,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod ) - func goAnalysis(r reporter.Reporter, pkgs []models.PackageVulns, source models.SourceInfo) { + func goAnalysis(pkgs []models.PackageVulns, source models.SourceInfo) { - cmd := exec.Command("go", "version") + cmd := exec.Command("go%%GO_SUFFIX%%", "version") _, err := cmd.Output() if err != nil { - r.Infof("Skipping call analysis on Go code since Go is not installed.\n") + slog.Info("Skipping call analysis on Go code since Go is not installed.") diff --git a/security/p5-IO-Socket-SSL/Makefile b/security/p5-IO-Socket-SSL/Makefile index 2c321a4026a6..29146bfd6d3f 100644 --- a/security/p5-IO-Socket-SSL/Makefile +++ b/security/p5-IO-Socket-SSL/Makefile @@ -1,5 +1,5 @@ PORTNAME= IO-Socket-SSL -DISTVERSION= 2.094 +DISTVERSION= 2.095 CATEGORIES= security perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- diff --git a/security/p5-IO-Socket-SSL/distinfo b/security/p5-IO-Socket-SSL/distinfo index efb7a05e9054..b22b9809c135 100644 --- a/security/p5-IO-Socket-SSL/distinfo +++ b/security/p5-IO-Socket-SSL/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750304746 -SHA256 (IO-Socket-SSL-2.094.tar.gz) = b2446889cb5e20545d782c4676da1b235673a81c181689aaae2492589d84bf02 -SIZE (IO-Socket-SSL-2.094.tar.gz) = 276094 +TIMESTAMP = 1752293624 +SHA256 (IO-Socket-SSL-2.095.tar.gz) = 7e764392b1b8bd44e654183c082b75be47800e98d7cd325f0e1b76c7d9a6b768 +SIZE (IO-Socket-SSL-2.095.tar.gz) = 276128 diff --git a/security/plasma6-kscreenlocker/distinfo b/security/plasma6-kscreenlocker/distinfo index b29b38d6d151..cd888278e07e 100644 --- a/security/plasma6-kscreenlocker/distinfo +++ b/security/plasma6-kscreenlocker/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380541 -SHA256 (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = ef2bc8c2f1f0df75c67778c4208a5ee02c0546356ef8352dd1ffdee867283cc4 -SIZE (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = 183732 +TIMESTAMP = 1752584471 +SHA256 (KDE/plasma/6.4.3/kscreenlocker-6.4.3.tar.xz) = 3441174426fd18524ca59fa2246f9ee99c31dec0fd89eaa79705e6a32d1dcac3 +SIZE (KDE/plasma/6.4.3/kscreenlocker-6.4.3.tar.xz) = 183744 diff --git a/security/plasma6-ksshaskpass/distinfo b/security/plasma6-ksshaskpass/distinfo index 87b4a2ee1759..85e6bb88f3e3 100644 --- a/security/plasma6-ksshaskpass/distinfo +++ b/security/plasma6-ksshaskpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380542 -SHA256 (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 6ef3811239c2ec505859f6c483927d6d69a59fbd8d6da41b385a977c231efffc -SIZE (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 30792 +TIMESTAMP = 1752584472 +SHA256 (KDE/plasma/6.4.3/ksshaskpass-6.4.3.tar.xz) = 965f89a01aa91c07ed5b8aed2be3521f88e98b22e1277846f12440c9760baf10 +SIZE (KDE/plasma/6.4.3/ksshaskpass-6.4.3.tar.xz) = 30796 diff --git a/security/plasma6-kwallet-pam/distinfo b/security/plasma6-kwallet-pam/distinfo index 3eb96bb2863b..2311ddd3d4b4 100644 --- a/security/plasma6-kwallet-pam/distinfo +++ b/security/plasma6-kwallet-pam/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380542 -SHA256 (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = fc5578ae860d74ce7695cf0b561a72bcf4730636694d8debfc10c85e97296ae9 -SIZE (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = 22396 +TIMESTAMP = 1752584472 +SHA256 (KDE/plasma/6.4.3/kwallet-pam-6.4.3.tar.xz) = 08151ca03e7b8a8e7696927e3aadc3095cf48081748c983798dac35ab5fd0cde +SIZE (KDE/plasma/6.4.3/kwallet-pam-6.4.3.tar.xz) = 22396 diff --git a/security/pwdsafety/Makefile b/security/pwdsafety/Makefile new file mode 100644 index 000000000000..118a8440662b --- /dev/null +++ b/security/pwdsafety/Makefile @@ -0,0 +1,20 @@ +PORTNAME= pwdsafety +DISTVERSIONPREFIX= v +DISTVERSION= 0.4.0 +CATEGORIES= security + +MAINTAINER= olgeni@FreeBSD.org +COMMENT= Command line tool that checks how much a password is safe +WWW= https://github.com/edoardottt/pwdsafety + +LICENSE= GPLv3 +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= go:modules + +GO_MODULE= github.com/edoardottt/pwdsafety +GO_TARGET= ./cmd/pwdsafety + +PLIST_FILES= bin/pwdsafety + +.include <bsd.port.mk> diff --git a/security/pwdsafety/distinfo b/security/pwdsafety/distinfo new file mode 100644 index 000000000000..1bae896cbab4 --- /dev/null +++ b/security/pwdsafety/distinfo @@ -0,0 +1,5 @@ +TIMESTAMP = 1752333153 +SHA256 (go/security_pwdsafety/pwdsafety-v0.4.0/v0.4.0.mod) = e24364d55d617dd7b5b727b94d836e02a2c1994d731f8e7f839e9a4b6e4728fc +SIZE (go/security_pwdsafety/pwdsafety-v0.4.0/v0.4.0.mod) = 272 +SHA256 (go/security_pwdsafety/pwdsafety-v0.4.0/v0.4.0.zip) = 81ee80f0da8ed074ea82b4e468a901ce4858c4e1a9635428e5355114c9c43601 +SIZE (go/security_pwdsafety/pwdsafety-v0.4.0/v0.4.0.zip) = 41421 diff --git a/security/pwdsafety/pkg-descr b/security/pwdsafety/pkg-descr new file mode 100644 index 000000000000..2d88f6f3a928 --- /dev/null +++ b/security/pwdsafety/pkg-descr @@ -0,0 +1,11 @@ +pwdsafety is a command-line tool that checks how safe a password is by +calculating its entropy and providing a safety score. It helps users +understand password strength without storing any password information. + +Features: + +- Password strength analysis through entropy calculation +- Safety scoring system +- Generates strong random passwords for weak inputs +- Command-line interface for easy integration +- Zero storage of password data diff --git a/security/py-bitbox02/Makefile b/security/py-bitbox02/Makefile index eaaf1176ddc9..4f3cdf714655 100644 --- a/security/py-bitbox02/Makefile +++ b/security/py-bitbox02/Makefile @@ -1,6 +1,5 @@ PORTNAME= bitbox02 -PORTVERSION= 6.3.0 -PORTREVISION= 1 +PORTVERSION= 7.0.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-bitbox02/distinfo b/security/py-bitbox02/distinfo index d01b3b8fa461..b938507110b9 100644 --- a/security/py-bitbox02/distinfo +++ b/security/py-bitbox02/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1714984118 -SHA256 (bitbox02-6.3.0.tar.gz) = d03fb2228be5630f1d7c351e5bebdcb9a95bbe62ecf88c92913a661f093699e3 -SIZE (bitbox02-6.3.0.tar.gz) = 51670 +TIMESTAMP = 1752818570 +SHA256 (bitbox02-7.0.0.tar.gz) = 27d5105eb15a553719fa9d3e68921c864b00c861b3a644044d9ac68426f18447 +SIZE (bitbox02-7.0.0.tar.gz) = 66525 diff --git a/security/py-certifi/Makefile b/security/py-certifi/Makefile index b4ae106315be..de1cfbdc119e 100644 --- a/security/py-certifi/Makefile +++ b/security/py-certifi/Makefile @@ -1,5 +1,5 @@ PORTNAME= certifi -PORTVERSION= 2025.6.15 +PORTVERSION= 2025.7.9 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-certifi/distinfo b/security/py-certifi/distinfo index fe596debd52b..a5b8a9689443 100644 --- a/security/py-certifi/distinfo +++ b/security/py-certifi/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750188134 -SHA256 (certifi-2025.6.15.tar.gz) = d747aa5a8b9bbbb1bb8c22bb13e22bd1f18e9796defa16bab421f7f7a317323b -SIZE (certifi-2025.6.15.tar.gz) = 158753 +TIMESTAMP = 1752266162 +SHA256 (certifi-2025.7.9.tar.gz) = c1d2ec05395148ee10cf672ffc28cd37ea0ab0d99f9cc74c43e588cbd111b079 +SIZE (certifi-2025.7.9.tar.gz) = 160386 diff --git a/security/py-distro2sbom/Makefile b/security/py-distro2sbom/Makefile new file mode 100644 index 000000000000..01cfe2f6630a --- /dev/null +++ b/security/py-distro2sbom/Makefile @@ -0,0 +1,26 @@ +PORTNAME= distro2sbom +DISTVERSIONPREFIX= v +DISTVERSION= 0.6.0 +CATEGORIES= security python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= tuukka.pasanen@ilmi.fi +COMMENT= Generates SBOM files from system packaging information +WWW= https://github.com/anthonyharrison/distro2sbom + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lib4sbom>=0.8.4:security/py-lib4sbom@${PY_FLAVOR} + +USES= python +USE_GITHUB= yes +GH_ACCOUNT= anthonyharrison +GH_PROJECT= distro2SBOM +USE_PYTHON= autoplist concurrent pep517 + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/security/py-distro2sbom/distinfo b/security/py-distro2sbom/distinfo new file mode 100644 index 000000000000..77fc17d09d58 --- /dev/null +++ b/security/py-distro2sbom/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1746491634 +SHA256 (anthonyharrison-distro2SBOM-v0.6.0_GH0.tar.gz) = e810bf8bf29bd85f52e8df9221ababc4605affc5b7ea1177c15c580486c13057 +SIZE (anthonyharrison-distro2SBOM-v0.6.0_GH0.tar.gz) = 24911 diff --git a/security/py-distro2sbom/pkg-descr b/security/py-distro2sbom/pkg-descr new file mode 100644 index 000000000000..4f3c5b3f7bc9 --- /dev/null +++ b/security/py-distro2sbom/pkg-descr @@ -0,0 +1,10 @@ +The DISTRO2SBOM generates a SBOM (Software Bill of Materials) for either an +installed application or a complete system installation in a number of +formats including SPDX and CycloneDX. + +An SBOM for an installed package will identify all of its dependent components. + +It is intended to be used as part of a continuous integration system to enable +accurate records of SBOMs to be maintained and also to support subsequent +audit needs to determine if a particular component (and version) +has been used. diff --git a/security/py-josepy/Makefile b/security/py-josepy/Makefile index c8b91ecf0550..e07e5dd9c575 100644 --- a/security/py-josepy/Makefile +++ b/security/py-josepy/Makefile @@ -1,5 +1,5 @@ PORTNAME= josepy -PORTVERSION= 2.0.0 +PORTVERSION= 2.1.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-josepy/distinfo b/security/py-josepy/distinfo index 7b968e5afc63..777203aa8d8a 100644 --- a/security/py-josepy/distinfo +++ b/security/py-josepy/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1745140066 -SHA256 (josepy-2.0.0.tar.gz) = e7d7acd2fe77435cda76092abe4950bb47b597243a8fb733088615fa6de9ec40 -SIZE (josepy-2.0.0.tar.gz) = 55767 +TIMESTAMP = 1752266260 +SHA256 (josepy-2.1.0.tar.gz) = 9beafbaa107ec7128e6c21d86b2bc2aea2f590158e50aca972dca3753046091f +SIZE (josepy-2.1.0.tar.gz) = 56189 diff --git a/security/py-joserfc/Makefile b/security/py-joserfc/Makefile index 289de9d6f06d..469d3303adfc 100644 --- a/security/py-joserfc/Makefile +++ b/security/py-joserfc/Makefile @@ -1,5 +1,5 @@ PORTNAME= joserfc -PORTVERSION= 1.1.0 +PORTVERSION= 1.2.1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-joserfc/distinfo b/security/py-joserfc/distinfo index 96f01f13fae3..d51ddb558786 100644 --- a/security/py-joserfc/distinfo +++ b/security/py-joserfc/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748495851 -SHA256 (joserfc-1.1.0.tar.gz) = a8f3442b04c233f742f7acde0d0dcd926414e9542a6337096b2b4e5f435f36c1 -SIZE (joserfc-1.1.0.tar.gz) = 182360 +TIMESTAMP = 1752266164 +SHA256 (joserfc-1.2.1.tar.gz) = 466a75dc0af9c6711d2a93f38e91c5d4920ec77059063325c251913da3e83569 +SIZE (joserfc-1.2.1.tar.gz) = 192229 diff --git a/security/py-lib4sbom/Makefile b/security/py-lib4sbom/Makefile new file mode 100644 index 000000000000..b4a0f5a61a6d --- /dev/null +++ b/security/py-lib4sbom/Makefile @@ -0,0 +1,86 @@ +PORTNAME= lib4sbom +DISTVERSIONPREFIX= v +DISTVERSION= 0.8.7 +CATEGORIES= security python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= tuukka.pasanen@ilmi.fi +COMMENT= Software bill of material (SBOM) generator and consumer library +WWW= https://github.com/anthonyharrison/lib4sbom + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}defusedxml>0:devel/py-defusedxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyyaml>0:devel/py-pyyaml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}requests>=2.32:www/py-requests@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}semantic-version>=2.8<3:devel/py-semantic-version@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}xmlschema>0:textproc/py-xmlschema@${PY_FLAVOR} + +USES= python +USE_GITHUB= yes +GH_ACCOUNT= anthonyharrison +USE_PYTHON= autoplist concurrent pep517 pytest +PYTEST_BROKEN_TESTS= test_set_checksum test_set_type test_set_supplier \ + test_set_originator test_set_downloadlocation \ + test_set_homepage test_set_checksum \ + test_set_checksum_multiple test_set_externalreference \ + test_set_checksum test_set_type test_set_supplier \ + test_set_originator test_set_downloadlocation \ + test_set_homepage test_set_checksum \ + test_set_checksum_multiple test_set_externalreference +# There is blank tests are are not implemented yet +PYTEST_IGNORED_TESTS= test_store test_getBOM test_generateTime \ + test_generateDocumentHeader \ + test_generateJSONDocumentHeader \ + test_generateXMLDocumentHeader \ + test_generateRelationship test_generateComponent \ + test_generateJSONComponent test_generateXMLComponent \ + test_parse test_parse_cyclonedx_json test_get_format \ + test_get_type test_generate test_get_sbom \ + test_generate_spdx test_get_spdx test_get_relationships \ + test_get_cyclonedx test_generate_cyclonedx test_close \ + test_file_out test_console_out test_show \ + test_format_json_data test_format_yaml_data \ + test_format_tag_data test_send_output \ + test_generate_output test_parse_file test_get_type \ + test_get_files test_get_packages test_get_relationships \ + test_show test_getBOM test_getRelationships \ + test_generateTag test_generateComment test_generateTime \ + test_generateTagDocumentHeader \ + test_generateJSONDocumentHeader \ + test_generateDocumentHeader test_package_ident \ + test_file_ident test_license_ident \ + test_generateTagPackageDetails \ + test_generateJSONPackageDetails \ + test_generateTagFileDetails \ + test_generateJSONFileDetails \ + test_generatePackageDetails test_generateFileDetails \ + test_generateRelationship test_showRelationship \ + test_parse test_parse_spdx_tag test_parse_spdx_json \ + test_parse_spdx_rdf test_parse_spdx_yaml \ + test_parse_spdx_xml + +NO_ARCH= YES + +PORTEXAMPLES= * + +OPTIONS_DEFINE= EXAMPLES + +post-patch: + ${MV} ${WRKSRC}/test ${WRKSRC}/${PORTNAME} + ${MV} ${WRKSRC}/tools ${WRKSRC}/${PORTNAME} + +post-patch-EXAMPLES-off: + @${RM} -r ${WRKSRC}/examples + +post-stage-EXAMPLES-on: + ${RM} -r ${STAGEDIR}${PYTHONPREFIX_SITELIBDIR}/examples + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKSRC}/examples/* ${STAGEDIR}${EXAMPLESDIR} + @${REINPLACE_CMD} -e '/\/examples\//d' \ + ${WRKDIR}/.PLIST.pymodtmp + +.include <bsd.port.mk> diff --git a/security/py-lib4sbom/distinfo b/security/py-lib4sbom/distinfo new file mode 100644 index 000000000000..5fe6d1866858 --- /dev/null +++ b/security/py-lib4sbom/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1752670734 +SHA256 (anthonyharrison-lib4sbom-v0.8.7_GH0.tar.gz) = 20b4dec06a8d1bd917cf9ebcf9858d53981073e161a0a0d77f9c1704ecde784e +SIZE (anthonyharrison-lib4sbom-v0.8.7_GH0.tar.gz) = 1848916 diff --git a/security/py-lib4sbom/pkg-descr b/security/py-lib4sbom/pkg-descr new file mode 100644 index 000000000000..1fcb07927c3b --- /dev/null +++ b/security/py-lib4sbom/pkg-descr @@ -0,0 +1,17 @@ +Lib4SBOM is a library to parse and generate Software Bill of Materials (SBOMs). +It supports SBOMs created in both SPDX and CycloneDX formats. + +It has been developed on the assumption that having a generic abstraction of +SBOM regardless of the underlying format will be useful to developers. + +The following facilities are provided: + * Generate SPDX SBOM in TagValue, JSON and YAML formats + * Generate CycloneDX SBOM in JSON format + * Parse SPDX SBOM in TagValue, JSON, YAML, XML and RDF formats + * Parse CycloneDX SBOM in JSON and XMLformat + * Create and manipulate a SBOM file object + * Create and manipulate a SBOM package object + * Create and manipulate a SBOM dependency relationship object + * Create and manipulate a Vulnerability object + * Create and manipulate a Software Service object + * Generated SBOM can be output to a file or to the console diff --git a/security/py-netmiko/Makefile b/security/py-netmiko/Makefile index 2a8511d310bc..a8bf74c9a8a1 100644 --- a/security/py-netmiko/Makefile +++ b/security/py-netmiko/Makefile @@ -1,6 +1,6 @@ PORTNAME= netmiko DISTVERSIONPREFIX= v -DISTVERSION= 4.5.0 +DISTVERSION= 4.6.0 CATEGORIES= security net-mgmt python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -11,7 +11,7 @@ WWW= https://github.com/ktbyers/netmiko LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}poetry-core>=1.6.1:devel/py-poetry-core@${PY_FLAVOR} +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}poetry-core>=1.0.0:devel/py-poetry-core@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ntc-templates>=3.1.0:textproc/py-ntc-templates@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}paramiko>=2.9.5:security/py-paramiko@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyserial>=3.3:comms/py-pyserial@${PY_FLAVOR} \ @@ -21,7 +21,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ntc-templates>=3.1.0:textproc/py-ntc-templat ${PYTHON_PKGNAMEPREFIX}textfsm>=1.1.3:textproc/py-textfsm@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyyaml>=6.0.1:devel/py-pyyaml@${PY_FLAVOR} -USES= python:3.9+ shebangfix +USES= python shebangfix USE_PYTHON= autoplist concurrent pep517 pytest USE_GITHUB= yes GH_ACCOUNT= ktbyers diff --git a/security/py-netmiko/distinfo b/security/py-netmiko/distinfo index 04d25f41b5ac..1eb4318fefc3 100644 --- a/security/py-netmiko/distinfo +++ b/security/py-netmiko/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1733817518 -SHA256 (ktbyers-netmiko-v4.5.0_GH0.tar.gz) = a1dd444169647904d9b4bb56894fc36cad6a2c73dfcae3444a04cdbae95fc4d1 -SIZE (ktbyers-netmiko-v4.5.0_GH0.tar.gz) = 1803872 +TIMESTAMP = 1751266261 +SHA256 (ktbyers-netmiko-v4.6.0_GH0.tar.gz) = 6234d11f394377533ce3e40b0506b248c98cfd894ac95a639d1dea3133e1dedd +SIZE (ktbyers-netmiko-v4.6.0_GH0.tar.gz) = 1954361 diff --git a/security/py-netmiko/files/patch-pyproject.toml b/security/py-netmiko/files/patch-pyproject.toml index c238a371d1e7..175963f10281 100644 --- a/security/py-netmiko/files/patch-pyproject.toml +++ b/security/py-netmiko/files/patch-pyproject.toml @@ -1,16 +1,7 @@ -Use the more lightweight py-poetry-core instead py-poetry and relax version requirements. +Relax some version requirements. ---- pyproject.toml.orig 2024-12-09 21:51:07 UTC +--- pyproject.toml.orig 2025-06-26 19:00:25 UTC +++ pyproject.toml -@@ -1,6 +1,6 @@ - [build-system] --requires = ["poetry>=1.6.1"] --build-backend = "poetry.masonry.api" -+requires = ["poetry-core>=1.6.1"] -+build-backend = "poetry.core.masonry.api" - - [tool.poetry] - name = "netmiko" @@ -23,7 +23,7 @@ scp = ">=0.13.6" python = ">=3.9,<4.0" paramiko = ">=2.9.5" diff --git a/security/rubygem-acme-client-gitlab/Makefile b/security/rubygem-acme-client-gitlab/Makefile index 321ed2a0b252..d7bb794558d2 100644 --- a/security/rubygem-acme-client-gitlab/Makefile +++ b/security/rubygem-acme-client-gitlab/Makefile @@ -1,6 +1,5 @@ PORTNAME= acme-client -PORTVERSION= 2.0.21 -PORTREVISION= 1 +PORTVERSION= 2.0.22 CATEGORIES= security rubygems MASTER_SITES= RG PKGNAMESUFFIX= -gitlab diff --git a/security/rubygem-acme-client-gitlab/distinfo b/security/rubygem-acme-client-gitlab/distinfo index 5bb6fc7d5332..71f01bae6c87 100644 --- a/security/rubygem-acme-client-gitlab/distinfo +++ b/security/rubygem-acme-client-gitlab/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1744780787 -SHA256 (rubygem/acme-client-2.0.21.gem) = e0a044f993cd26f0ba7f8b13a3b2b007ef864cfaa333075a2d8865b087297641 -SIZE (rubygem/acme-client-2.0.21.gem) = 21504 +TIMESTAMP = 1752678379 +SHA256 (rubygem/acme-client-2.0.22.gem) = 817534b743e2c93b3e498dad6b0f1a96a8e6df273bb04e37525d586a519176f7 +SIZE (rubygem/acme-client-2.0.22.gem) = 21504 diff --git a/security/rubygem-gitlab-cloud-connector/Makefile b/security/rubygem-gitlab-cloud-connector/Makefile index 17348ef607c0..2f1e70997dda 100644 --- a/security/rubygem-gitlab-cloud-connector/Makefile +++ b/security/rubygem-gitlab-cloud-connector/Makefile @@ -1,5 +1,5 @@ PORTNAME= gitlab-cloud-connector -PORTVERSION= 1.19.0 +PORTVERSION= 1.21.0 CATEGORIES= security rubygems MASTER_SITES= RG diff --git a/security/rubygem-gitlab-cloud-connector/distinfo b/security/rubygem-gitlab-cloud-connector/distinfo index b702ac666f5a..3d7702e96bc0 100644 --- a/security/rubygem-gitlab-cloud-connector/distinfo +++ b/security/rubygem-gitlab-cloud-connector/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750912646 -SHA256 (rubygem/gitlab-cloud-connector-1.19.0.gem) = cfa644b4d827062f5c625d391ca3e6904e7667f0f6efe96adab81e051d8d07ad -SIZE (rubygem/gitlab-cloud-connector-1.19.0.gem) = 18432 +TIMESTAMP = 1752678296 +SHA256 (rubygem/gitlab-cloud-connector-1.21.0.gem) = 16eb2a42f223c6c70efc20a8fd9e2bbe4fa91603894daa8a72f354f425a07709 +SIZE (rubygem/gitlab-cloud-connector-1.21.0.gem) = 19456 diff --git a/security/seahorse/Makefile b/security/seahorse/Makefile index 76b93450b3f5..d7ff8f7417ed 100644 --- a/security/seahorse/Makefile +++ b/security/seahorse/Makefile @@ -1,6 +1,5 @@ PORTNAME= seahorse -PORTVERSION= 41.0 -PORTREVISION= 4 +PORTVERSION= 47.0.1 CATEGORIES= security gnome MASTER_SITES= GNOME DIST_SUBDIR= gnome @@ -10,7 +9,8 @@ PATCHFILES+= aa68522cc696fa491ccfdff735b77bcf113168d0.patch:-p1 # Fix build with MAINTAINER= gnome@FreeBSD.org COMMENT= GNOME application for managing encryption keys (PGP, SSH) -WWW= https://wiki.gnome.org/Apps/Seahorse +WWW= https://wiki.gnome.org/Apps/Seahorse \ + https://gitlab.gnome.org/GNOME/seahorse LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/COPYING @@ -22,11 +22,12 @@ LIB_DEPENDS= libgcr-base-3.so:security/gcr3 \ libhandy-1.so:x11-toolkits/libhandy \ libpwquality.so:security/libpwquality \ libsecret-1.so:security/libsecret \ - libsoup-2.4.so:devel/libsoup + libsoup-3.0.so:devel/libsoup3 RUN_DEPENDS= gnupg>=2.1.4:security/gnupg USES= cpe gettext gnome localbase:ldflags meson pkgconfig \ python:build tar:xz vala:build xorg +CPE_VENDOR= gnome USE_CSTD= c99 USE_GNOME= gtk30 GLIB_SCHEMAS= org.gnome.seahorse.gschema.xml \ @@ -34,7 +35,6 @@ GLIB_SCHEMAS= org.gnome.seahorse.gschema.xml \ org.gnome.seahorse.window.gschema.xml USE_LDCONFIG= yes USE_XORG= sm -CPE_VENDOR= gnome MESON_ARGS= -Dcheck-compatible-gpg=false \ -Dhkp-support=true \ diff --git a/security/seahorse/distinfo b/security/seahorse/distinfo index 614fbb838ea0..a57013811960 100644 --- a/security/seahorse/distinfo +++ b/security/seahorse/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1750438455 -SHA256 (gnome/seahorse-41.0.tar.xz) = e6eec09e810448295f547f18c1d5772b65c3edc1d9e5a2595f10b5dde68929f5 -SIZE (gnome/seahorse-41.0.tar.xz) = 1371984 +TIMESTAMP = 1752525378 +SHA256 (gnome/seahorse-47.0.1.tar.xz) = 9c1917e4a61f7febb787849ce36ce717fce706c346880b991d056d54dadbcacc +SIZE (gnome/seahorse-47.0.1.tar.xz) = 1401872 SHA256 (gnome/aa68522cc696fa491ccfdff735b77bcf113168d0.patch) = 026b9ab0bce4b670cc3dd0910cdd5551e5965a32f07e19374c944fd7624bea78 SIZE (gnome/aa68522cc696fa491ccfdff735b77bcf113168d0.patch) = 715 diff --git a/security/seahorse/pkg-plist b/security/seahorse/pkg-plist index 77ce53b2b950..5c0c84e16a23 100644 --- a/security/seahorse/pkg-plist +++ b/security/seahorse/pkg-plist @@ -92,6 +92,50 @@ share/help/ca/seahorse/ssh-import.page share/help/ca/seahorse/subkeys-add.page share/help/ca/seahorse/subkeys-examine.page share/help/ca/seahorse/subkeys-revoke.page +share/help/da/seahorse/about-diff-private-public.page +share/help/da/seahorse/about-pgp.page +share/help/da/seahorse/about-ssh.page +share/help/da/seahorse/concepts.page +share/help/da/seahorse/glossary.page +share/help/da/seahorse/index.page +share/help/da/seahorse/introduction.page +share/help/da/seahorse/key-servers-add.page +share/help/da/seahorse/keyring-change-default.page +share/help/da/seahorse/keyring-create.page +share/help/da/seahorse/keyring-lock.page +share/help/da/seahorse/keyring-unlock.page +share/help/da/seahorse/keyring-update-password.page +share/help/da/seahorse/keyring.page +share/help/da/seahorse/legal.xml +share/help/da/seahorse/media/dialog-password-symbolic.svg +share/help/da/seahorse/media/org.gnome.seahorse.Application.svg +share/help/da/seahorse/misc-key-backup.page +share/help/da/seahorse/misc-key-fingerprint.page +share/help/da/seahorse/passwords-stored-create.page +share/help/da/seahorse/passwords-view.page +share/help/da/seahorse/pgp-create.page +share/help/da/seahorse/pgp-delete.page +share/help/da/seahorse/pgp-expiration-change.page +share/help/da/seahorse/pgp-expired.page +share/help/da/seahorse/pgp-export.page +share/help/da/seahorse/pgp-import.page +share/help/da/seahorse/pgp-photoid.page +share/help/da/seahorse/pgp-publish.page +share/help/da/seahorse/pgp-retrieve-remote.page +share/help/da/seahorse/pgp-sign.page +share/help/da/seahorse/pgp-subkeys.page +share/help/da/seahorse/pgp-sync.page +share/help/da/seahorse/pgp-userid-add.page +share/help/da/seahorse/pgp-userid-primary.page +share/help/da/seahorse/pgp-userid-remove.page +share/help/da/seahorse/pgp-userid.page +share/help/da/seahorse/ssh-connect-remote.page +share/help/da/seahorse/ssh-create.page +share/help/da/seahorse/ssh-export.page +share/help/da/seahorse/ssh-import.page +share/help/da/seahorse/subkeys-add.page +share/help/da/seahorse/subkeys-examine.page +share/help/da/seahorse/subkeys-revoke.page share/help/cs/seahorse/about-diff-private-public.page share/help/cs/seahorse/about-pgp.page share/help/cs/seahorse/about-ssh.page @@ -709,7 +753,8 @@ share/help/uk/seahorse/subkeys-add.page share/help/uk/seahorse/subkeys-examine.page share/help/uk/seahorse/subkeys-revoke.page share/icons/hicolor/scalable/apps/org.gnome.seahorse.Application.svg -share/icons/hicolor/symbolic/apps/org.gnome.seahorse.Application-symbolic.svg +share/icons/hicolor/symbolic/apps/org.gnome.seahorse.Application.svg +share/locale/ab/LC_MESSAGES/seahorse.mo share/locale/ar/LC_MESSAGES/seahorse.mo share/locale/as/LC_MESSAGES/seahorse.mo share/locale/ast/LC_MESSAGES/seahorse.mo @@ -749,9 +794,11 @@ share/locale/hi/LC_MESSAGES/seahorse.mo share/locale/hr/LC_MESSAGES/seahorse.mo share/locale/hu/LC_MESSAGES/seahorse.mo share/locale/id/LC_MESSAGES/seahorse.mo +share/locale/ie/LC_MESSAGES/seahorse.mo share/locale/is/LC_MESSAGES/seahorse.mo share/locale/it/LC_MESSAGES/seahorse.mo share/locale/ja/LC_MESSAGES/seahorse.mo +share/locale/ka/LC_MESSAGES/seahorse.mo share/locale/kk/LC_MESSAGES/seahorse.mo share/locale/kn/LC_MESSAGES/seahorse.mo share/locale/ko/LC_MESSAGES/seahorse.mo diff --git a/security/step-certificates/Makefile b/security/step-certificates/Makefile index df61d5e12df2..7b865e0753a4 100644 --- a/security/step-certificates/Makefile +++ b/security/step-certificates/Makefile @@ -1,7 +1,6 @@ PORTNAME= step-certificates DISTVERSIONPREFIX= v -DISTVERSION= 0.28.1 -PORTREVISION= 4 +DISTVERSION= 0.28.4 CATEGORIES= security MAINTAINER= mw@wipp.bayern diff --git a/security/step-certificates/distinfo b/security/step-certificates/distinfo index 7306fa012d25..a3aecfe30f79 100644 --- a/security/step-certificates/distinfo +++ b/security/step-certificates/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1736184396 -SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 41cf738a27e1f0894ddd48801408f60c78fd8b69dee14e8db55c9eb445959d46 -SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.mod) = 8354 -SHA256 (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = b1e3a63ae518e9475979006b3665816757e06f62bef180060749fb4eb276dd42 -SIZE (go/security_step-certificates/step-certificates-v0.28.1/v0.28.1.zip) = 1168039 +TIMESTAMP = 1752641981 +SHA256 (go/security_step-certificates/step-certificates-v0.28.4/v0.28.4.mod) = 50e32d08e1b3ade624273e1fe6da9cf6d454010b0a4f67c1255610ac35491bf6 +SIZE (go/security_step-certificates/step-certificates-v0.28.4/v0.28.4.mod) = 8467 +SHA256 (go/security_step-certificates/step-certificates-v0.28.4/v0.28.4.zip) = b32df184ea44ece9713ffb25f17ff81525ce3ced5f1d66c118b889ba53cbdc6d +SIZE (go/security_step-certificates/step-certificates-v0.28.4/v0.28.4.zip) = 1176880 diff --git a/security/step-cli/Makefile b/security/step-cli/Makefile index d96b499efa56..d58b502aa605 100644 --- a/security/step-cli/Makefile +++ b/security/step-cli/Makefile @@ -1,7 +1,6 @@ PORTNAME= step-cli DISTVERSIONPREFIX= v -DISTVERSION= 0.28.2 -PORTREVISION= 3 +DISTVERSION= 0.28.7 CATEGORIES= security MAINTAINER= mw@wipp.bayern diff --git a/security/step-cli/distinfo b/security/step-cli/distinfo index f31164291cef..440e89ff6f72 100644 --- a/security/step-cli/distinfo +++ b/security/step-cli/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1736183663 -SHA256 (go/security_step-cli/step-cli-v0.28.2/v0.28.2.mod) = 0884cd63ae7621bacf0aad63bd6997736007e81eafdc8f33f7b4f10ae96807c0 -SIZE (go/security_step-cli/step-cli-v0.28.2/v0.28.2.mod) = 7172 -SHA256 (go/security_step-cli/step-cli-v0.28.2/v0.28.2.zip) = 5c4047233c8ef0aeb37cc78bf177cd249fdc0ea72fba1c79b59ed8a4fca21eca -SIZE (go/security_step-cli/step-cli-v0.28.2/v0.28.2.zip) = 1820402 +TIMESTAMP = 1752642398 +SHA256 (go/security_step-cli/step-cli-v0.28.7/v0.28.7.mod) = 629b69c99baac120cb7844c0db0dacd47b2c7601b57fe443a47f85d33e158106 +SIZE (go/security_step-cli/step-cli-v0.28.7/v0.28.7.mod) = 6943 +SHA256 (go/security_step-cli/step-cli-v0.28.7/v0.28.7.zip) = 4e2541f7ec8e1b2c23ab9326930a942091fca45dd0c148bc02c02b21e78d427d +SIZE (go/security_step-cli/step-cli-v0.28.7/v0.28.7.zip) = 1824999 diff --git a/security/sudo-rs/Makefile b/security/sudo-rs/Makefile index 5d6bb16de08b..773a9fe74501 100644 --- a/security/sudo-rs/Makefile +++ b/security/sudo-rs/Makefile @@ -1,7 +1,6 @@ PORTNAME= sudo-rs -PORTVERSION= 0.2.6 +PORTVERSION= 0.2.7 DISTVERSIONPREFIX= v -PORTREVISION= 2 CATEGORIES= security MAINTAINER= marc@trifectatech.org @@ -13,8 +12,6 @@ LICENSE_COMB= dual LICENSE_FILE_APACHE20= ${WRKSRC}/LICENSE-APACHE LICENSE_FILE_MIT= ${WRKSRC}/LICENSE-MIT -BUILD_DEPENDS= pandoc:${PORTSDIR}/textproc/hs-pandoc - FLAVORS= default coexist FLAVOR?= ${FLAVORS:[1]} coexist_PKGNAMESUFFIX= -coexist @@ -24,11 +21,10 @@ USES= cargo USE_GITHUB= yes GH_ACCOUNT= trifectatechfoundation -GH_TAGNAME= main CARGO_CRATES= diff-0.1.13 \ glob-0.3.2 \ - libc-0.2.172 \ + libc-0.2.174 \ log-0.4.27 \ pretty_assertions-1.4.1 \ yansi-1.0.1 @@ -52,17 +48,11 @@ PORTDOCS= CHANGELOG.md CONTRIBUTING.md COPYRIGHT LICENSE-* README.md \ OPTIONS_DEFINE= DOCS -post-build: -.for man in sudo.8 visudo.8 sudoers.5 - @${MKDIR} ${WRKDIR}/docs/man - pandoc -s -t man ${WRKSRC}/docs/man/${man}.md -o ${WRKDIR}/docs/man/${man} -.endfor - post-install: ${MV} ${STAGEDIR}${PREFIX}/bin/visudo ${STAGEDIR}${PREFIX}/sbin/visudo${RS_SUFFIX} - ${INSTALL_MAN} ${WRKDIR}/docs/man/sudo.8 ${STAGEDIR}${PREFIX}/share/man/man8/sudo${RS_SUFFIX}.8 - ${INSTALL_MAN} ${WRKDIR}/docs/man/visudo.8 ${STAGEDIR}${PREFIX}/share/man/man8/visudo${RS_SUFFIX}.8 - ${INSTALL_MAN} ${WRKDIR}/docs/man/sudoers.5 ${STAGEDIR}${PREFIX}/share/man/man5/sudoers${RS_SUFFIX}.5 + ${INSTALL_MAN} ${WRKSRC}/docs/man/sudo.8.man ${STAGEDIR}${PREFIX}/share/man/man8/sudo${RS_SUFFIX}.8 + ${INSTALL_MAN} ${WRKSRC}/docs/man/visudo.8.man ${STAGEDIR}${PREFIX}/share/man/man8/visudo${RS_SUFFIX}.8 + ${INSTALL_MAN} ${WRKSRC}/docs/man/sudoers.5.man ${STAGEDIR}${PREFIX}/share/man/man5/sudoers${RS_SUFFIX}.5 ${MKDIR} ${STAGEDIR}${PREFIX}/etc/sudoers.d ${MKDIR} ${STAGEDIR}${PREFIX}/etc/pam.d ${MKDIR} ${STAGEDIR}/var/run/sudo diff --git a/security/sudo-rs/distinfo b/security/sudo-rs/distinfo index 7162c3e88c85..8861ccd86ae0 100644 --- a/security/sudo-rs/distinfo +++ b/security/sudo-rs/distinfo @@ -1,15 +1,15 @@ -TIMESTAMP = 1746636640 +TIMESTAMP = 1752137205 SHA256 (rust/crates/diff-0.1.13.crate) = 56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8 SIZE (rust/crates/diff-0.1.13.crate) = 46216 SHA256 (rust/crates/glob-0.3.2.crate) = a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2 SIZE (rust/crates/glob-0.3.2.crate) = 22359 -SHA256 (rust/crates/libc-0.2.172.crate) = d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa -SIZE (rust/crates/libc-0.2.172.crate) = 791646 +SHA256 (rust/crates/libc-0.2.174.crate) = 1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776 +SIZE (rust/crates/libc-0.2.174.crate) = 779933 SHA256 (rust/crates/log-0.4.27.crate) = 13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94 SIZE (rust/crates/log-0.4.27.crate) = 48120 SHA256 (rust/crates/pretty_assertions-1.4.1.crate) = 3ae130e2f271fbc2ac3a40fb1d07180839cdbbe443c7a27e1e3c13c5cac0116d SIZE (rust/crates/pretty_assertions-1.4.1.crate) = 78952 SHA256 (rust/crates/yansi-1.0.1.crate) = cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049 SIZE (rust/crates/yansi-1.0.1.crate) = 75497 -SHA256 (trifectatechfoundation-sudo-rs-v0.2.6-main_GH0.tar.gz) = e50131984916f272c5bdf376b5093e42bca29cce066431f4902ae60edb5a0df5 -SIZE (trifectatechfoundation-sudo-rs-v0.2.6-main_GH0.tar.gz) = 712201 +SHA256 (trifectatechfoundation-sudo-rs-v0.2.7_GH0.tar.gz) = d4e7b49634bf9c8a897a26afe85118ef941ff0914765b8720798821d2fe8c402 +SIZE (trifectatechfoundation-sudo-rs-v0.2.7_GH0.tar.gz) = 736981 diff --git a/security/tscli/Makefile b/security/tscli/Makefile index ee95dd798f73..45cb45cbfb11 100644 --- a/security/tscli/Makefile +++ b/security/tscli/Makefile @@ -1,7 +1,6 @@ PORTNAME= tscli DISTVERSIONPREFIX= v -DISTVERSION= 0.0.12 -PORTREVISION= 1 +DISTVERSION= 0.0.13 CATEGORIES= security MAINTAINER= dtxdf@FreeBSD.org @@ -14,6 +13,8 @@ LICENSE_FILE= ${WRKSRC}/LICENSE USES= go:modules GO_MODULE= github.com/jaxxstorm/tscli GO_TARGET= ./cmd/tscli:tscli +GO_BUILDFLAGS= -ldflags "\ + -X 'github.com/jaxxstorm/tscli/pkg/version.Version=${DISTVERSIONPREFIX}${DISTVERSION}'" PLIST_FILES= bin/tscli diff --git a/security/tscli/distinfo b/security/tscli/distinfo index c862bdf3bdab..6fe138063978 100644 --- a/security/tscli/distinfo +++ b/security/tscli/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1751921200 -SHA256 (go/security_tscli/tscli-v0.0.12/v0.0.12.mod) = 4a82a5521c3fa8eb69ab3e22c18b32be4850ade70791cb0a74fd480c44752d68 -SIZE (go/security_tscli/tscli-v0.0.12/v0.0.12.mod) = 3162 -SHA256 (go/security_tscli/tscli-v0.0.12/v0.0.12.zip) = dc19e7ffdc880bce5b0d527acdaebf8070a01a8af0830a52e4764712407479a4 -SIZE (go/security_tscli/tscli-v0.0.12/v0.0.12.zip) = 112412 +TIMESTAMP = 1752625691 +SHA256 (go/security_tscli/tscli-v0.0.13/v0.0.13.mod) = 4a82a5521c3fa8eb69ab3e22c18b32be4850ade70791cb0a74fd480c44752d68 +SIZE (go/security_tscli/tscli-v0.0.13/v0.0.13.mod) = 3162 +SHA256 (go/security_tscli/tscli-v0.0.13/v0.0.13.zip) = 6468bb6f8ed78c6c08b0125334644b309ce69a61310c9b6240d10bebc67969b5 +SIZE (go/security_tscli/tscli-v0.0.13/v0.0.13.zip) = 115698 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index cbc427ef34b8..62da17cbd37a 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,109 @@ + <vuln vid="e27ee4fc-cdc9-45a1-8242-09898cdbdc91"> + <topic>unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack</topic> + <affects> + <package> + <name>unbound</name> + <range><gt>1.6.1</gt><lt>1.23.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>sep@nlnetlabs.nl reports:</p> + <blockquote cite="https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"> + <p>A multi-vendor cache poisoning vulnerability named 'Rebirthday + Attack' has been discovered in caching resolvers that support + EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled + with ECS support, i.e., '--enable-subnet', AND configured + to send ECS information along with queries to upstream name servers, + i.e., at least one of the 'send-client-subnet', + 'client-subnet-zone' or 'client-subnet-always-forward' + options is used. Resolvers supporting ECS need to segregate outgoing + queries to accommodate for different outgoing ECS information. This + re-opens up resolvers to a birthday paradox attack (Rebirthday + Attack) that tries to match the DNS transaction ID in order to cache + non-ECS poisonous replies.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-5994</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-5994</url> + </references> + <dates> + <discovery>2025-07-16</discovery> + <entry>2025-07-18</entry> + </dates> + </vuln> + + <vuln vid="aeac223e-60e1-11f0-8baa-8447094a420f"> + <topic>liboqs -- Secret-dependent branching in HQC</topic> + <affects> + <package> + <name>liboqs</name> + <range><lt>0.14.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The OpenQuantumSafe project reports:</p> + <blockquote cite="https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-qq3m-rq9v-jfgm"> + <p>Secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 for optimizations above -O0</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-52473</cvename> + <url>https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-qq3m-rq9v-jfgm</url> + </references> + <dates> + <discovery>2025-07-10</discovery> + <entry>2025-07-14</entry> + </dates> + </vuln> + + <vuln vid="c3e1df74-5e73-11f0-95e5-74563cf9e4e9"> + <topic>GnuTLS -- multiple vulnerabilities</topic> + <affects> + <package> + <name>gnutls</name> + <range><lt>3.8.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Daiki Ueno reports:</p> + <blockquote cite="https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"> + <ul> + <li>libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps + Spotted by oss-fuzz and reported by OpenAI Security Research Team, + and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1, + CVSS: medium] [CVE-2025-32989]</li> + <li>libgnutls: Fix double-free upon error when exporting otherName in SAN + Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2, + CVSS: low] [CVE-2025-32988]</li> + <li>certtool: Fix 1-byte write buffer overrun when parsing template + Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, + CVSS: low] [CVE-2025-32990]</li> + <li>libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK + Reported by Stefan Bühler. [GNUTLS-SA-2025-07-07-4, CVSS: medium] + [CVE-2025-6395]</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-32989</cvename> + <cvename>CVE-2025-32988</cvename> + <cvename>CVE-2025-32990</cvename> + <cvename>CVE-2025-6395</cvename> + <url>https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html</url> + </references> + <dates> + <discovery>2025-07-09</discovery> + <entry>2025-07-14</entry> + </dates> + </vuln> + <vuln vid="b0a3466f-5efc-11f0-ae84-99047d0a6bcc"> <topic>libxslt -- unmaintained, with multiple unfixed vulnerabilities</topic> <affects> @@ -63,15 +169,15 @@ <affects> <package> <name>libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> </package> <package> <name>linux-c7-libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> <!-- needs update once fixed version appears --> </package> <package> <name>linux-rl9-libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> <!-- needs update once fixed version appears --> </package> </affects> <description> @@ -118,6 +224,7 @@ <dates> <discovery>2025-05-27</discovery> <entry>2025-07-12</entry> + <modified>2025-07-15</modified> </dates> </vuln> @@ -197,18 +304,15 @@ <affects> <package> <name>tomcat110</name> - <range><gt>11.0.0</gt></range> - <range><lt>11.0.9</lt></range> + <range><ge>11.0.0</ge><lt>11.0.9</lt></range> </package> <package> <name>tomcat101</name> - <range><gt>10.1.0</gt></range> - <range><lt>10.1.43</lt></range> + <range><ge>10.1.0</ge><lt>10.1.43</lt></range> </package> <package> <name>tomcat9</name> - <range><gt>9.0.0</gt></range> - <range><lt>9.0.107</lt></range> + <range><ge>9.0.0</ge><lt>9.0.107</lt></range> </package> </affects> <description> @@ -241,6 +345,7 @@ <dates> <discovery>2025-07-10</discovery> <entry>2025-07-10</entry> + <modified>2025-07-15</modified> </dates> </vuln> diff --git a/security/wazuh-manager/Makefile b/security/wazuh-manager/Makefile index b6af1f502bd0..1734493f67ff 100644 --- a/security/wazuh-manager/Makefile +++ b/security/wazuh-manager/Makefile @@ -1,7 +1,7 @@ PORTNAME= wazuh DISTVERSIONPREFIX= v DISTVERSION= 4.12.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MASTER_SITES= https://packages.wazuh.com/deps/40/libraries/sources/:wazuh_sources \ LOCAL/acm/${PORTNAME}/:wazuh_cache diff --git a/security/xray-core/Makefile b/security/xray-core/Makefile index 7b3b738acd20..52570c54d9cb 100644 --- a/security/xray-core/Makefile +++ b/security/xray-core/Makefile @@ -1,10 +1,9 @@ PORTNAME= xray-core DISTVERSIONPREFIX= v -DISTVERSION= 25.1.30 -PORTREVISION= 3 +DISTVERSION= 25.3.6 CATEGORIES= security -MASTER_SITES= https://github.com/v2fly/geoip/releases/download/202501190004/:geoip \ - https://github.com/v2fly/domain-list-community/releases/download/20250124154827/:geosite +MASTER_SITES= https://github.com/v2fly/geoip/releases/download/202503050126/:geoip \ + https://github.com/v2fly/domain-list-community/releases/download/20250307074130/:geosite DISTFILES= geoip.dat:geoip \ dlc.dat:geosite EXTRACT_ONLY= XTLS-Xray-core-v${DISTVERSION}_GH0.tar.gz @@ -16,16 +15,16 @@ WWW= https://github.com/XTLS/Xray-core LICENSE= MPL20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:1.24,modules USE_GITHUB= yes GH_ACCOUNT= XTLS GH_PROJECT= Xray-core USE_RC_SUBR= xray +GO_MOD_DIST= github GO_MODULE= github.com/${GH_ACCOUNT}/${PORTNAME} GO_PKGNAME= github.com/${GH_ACCOUNT}/${PORTNAME} GO_TARGET= ./main:xray -GO_MOD_DIST= github SUB_FILES= pkg-message SUB_LIST= GROUP="${GROUPS}" \ diff --git a/security/xray-core/distinfo b/security/xray-core/distinfo index 05e69f842e8f..0652578fce25 100644 --- a/security/xray-core/distinfo +++ b/security/xray-core/distinfo @@ -1,9 +1,9 @@ -TIMESTAMP = 1738391641 -SHA256 (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/geoip.dat) = 4f8d16184b6938e635519bc91cb978dcea6884878e39f592f7144135401d6bb6 -SIZE (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/geoip.dat) = 19163759 -SHA256 (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/dlc.dat) = ac12d81edc6058b3c66ae96a0a26ca8281616d96ea86d0d77b2ceff34a3e1a9d -SIZE (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/dlc.dat) = 2187000 -SHA256 (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/go.mod) = dbfd86f224ecc64911a82afbf4391711c13fd02ba96fa59346795cdfb4cf025a -SIZE (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/go.mod) = 2475 -SHA256 (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/XTLS-Xray-core-v25.1.30_GH0.tar.gz) = 983ee395f085ed1b7fbe0152cb56a5b605a6f70a5645d427c7186c476f14894e -SIZE (go/security_xray-core/XTLS-Xray-core-v25.1.30_GH0/XTLS-Xray-core-v25.1.30_GH0.tar.gz) = 629296 +TIMESTAMP = 1741492331 +SHA256 (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/geoip.dat) = 83337c712b04d8c16351cf5a5394eae5cb9cfa257fb4773485945dce65dcea76 +SIZE (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/geoip.dat) = 20567380 +SHA256 (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/dlc.dat) = 17d78a6b0a64e04f2362b2907788d9a192d41a340301e2e63daca415219cf752 +SIZE (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/dlc.dat) = 2220794 +SHA256 (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/go.mod) = d1c0dd5a9ec03dbd6083a75ca86c6cf5c04e6c48a31591224b845197181d5749 +SIZE (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/go.mod) = 2475 +SHA256 (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/XTLS-Xray-core-v25.3.6_GH0.tar.gz) = d62305348deff713767fe1b3c23538e3f8bfe0c96d092f1f95f48c17bc2f5943 +SIZE (go/security_xray-core/XTLS-Xray-core-v25.3.6_GH0/XTLS-Xray-core-v25.3.6_GH0.tar.gz) = 633356 |