diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/gokey/Makefile | 9 | ||||
| -rw-r--r-- | security/gokey/distinfo | 12 | ||||
| -rw-r--r-- | security/gokey/files/patch-go.mod | 10 | ||||
| -rw-r--r-- | security/gokey/files/patch-go.sum | 11 | ||||
| -rw-r--r-- | security/gokey/files/patch-vendor_modules.txt | 14 | ||||
| -rw-r--r-- | security/libp11/Makefile | 6 | ||||
| -rw-r--r-- | security/libp11/distinfo | 6 | ||||
| -rw-r--r-- | security/libp11/files/patch-configure.ac | 4 | ||||
| -rw-r--r-- | security/libp11/files/patch-src_Makefile.am | 13 | ||||
| -rw-r--r-- | security/libp11/pkg-plist | 7 | ||||
| -rw-r--r-- | security/py-netbox-secrets/Makefile | 7 | ||||
| -rw-r--r-- | security/py-netbox-secrets/distinfo | 6 | ||||
| -rw-r--r-- | security/py-pyscard/Makefile | 3 | ||||
| -rw-r--r-- | security/py-pyscard/distinfo | 6 | ||||
| -rw-r--r-- | security/vuls/Makefile | 4 | ||||
| -rw-r--r-- | security/vuls/distinfo | 10 | ||||
| -rw-r--r-- | security/vuxml/vuln/2025.xml | 159 | ||||
| -rw-r--r-- | security/wolfssl/Makefile | 5 |
18 files changed, 214 insertions, 78 deletions
diff --git a/security/gokey/Makefile b/security/gokey/Makefile index d52063e0f7b9..0bf965c28340 100644 --- a/security/gokey/Makefile +++ b/security/gokey/Makefile @@ -1,7 +1,6 @@ PORTNAME= gokey DISTVERSIONPREFIX= v -DISTVERSION= 0.1.2 -PORTREVISION= 18 +DISTVERSION= 0.1.3 CATEGORIES= security MAINTAINER= ports@FreeBSD.org @@ -12,8 +11,6 @@ LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE USES= go:modules -USE_GITHUB= nodefault -GH_TUPLE= golang:sys:v0.6.0:sys GO_MODULE= github.com/cloudflare/gokey GO_TARGET= ./cmd/gokey @@ -24,10 +21,6 @@ PORTDOCS= README.md OPTIONS_DEFINE= DOCS -pre-build: - ${RM} -r ${WRKSRC}/vendor/golang.org/x/sys - ${LN} -s ${WRKDIR}/sys-* ${WRKSRC}/vendor/golang.org/x/sys - do-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/${PORTDOCS} ${STAGEDIR}${DOCSDIR} diff --git a/security/gokey/distinfo b/security/gokey/distinfo index 2c8ae8c5be3d..c73bec521cf1 100644 --- a/security/gokey/distinfo +++ b/security/gokey/distinfo @@ -1,7 +1,5 @@ -TIMESTAMP = 1679785309 -SHA256 (go/security_gokey/gokey-v0.1.2/v0.1.2.mod) = 950a88925784603d0a9b5af156afc7233601d33ddc237d01d6978f1c2f53e310 -SIZE (go/security_gokey/gokey-v0.1.2/v0.1.2.mod) = 167 -SHA256 (go/security_gokey/gokey-v0.1.2/v0.1.2.zip) = 44c0e33ce53a39d2c1aadb457478faacc46204e2a60c171d48c4c943d38df639 -SIZE (go/security_gokey/gokey-v0.1.2/v0.1.2.zip) = 25411 -SHA256 (go/security_gokey/gokey-v0.1.2/golang-sys-v0.6.0_GH0.tar.gz) = b4f6d17c7a128f76169964b437cb66b3f2dbf9a33361928ec19dfecf7b03fc54 -SIZE (go/security_gokey/gokey-v0.1.2/golang-sys-v0.6.0_GH0.tar.gz) = 1434234 +TIMESTAMP = 1747434941 +SHA256 (go/security_gokey/gokey-v0.1.3/v0.1.3.mod) = ad79ff30a189d8bc2b82304a17d2a9f4aa1f40244a806cf52ef851fbb977d722 +SIZE (go/security_gokey/gokey-v0.1.3/v0.1.3.mod) = 113 +SHA256 (go/security_gokey/gokey-v0.1.3/v0.1.3.zip) = e07dd6921bbea368a26b1445f42709837f1df2d9144739b14bb8c9e6fce944e4 +SIZE (go/security_gokey/gokey-v0.1.3/v0.1.3.zip) = 28472 diff --git a/security/gokey/files/patch-go.mod b/security/gokey/files/patch-go.mod index 5e7868a42b96..99bcac4b32fe 100644 --- a/security/gokey/files/patch-go.mod +++ b/security/gokey/files/patch-go.mod @@ -1,14 +1,14 @@ ---- go.mod.orig 2023-03-25 23:03:40 UTC +--- go.mod.orig 1979-11-29 16:00:00 UTC +++ go.mod -@@ -1,8 +1,10 @@ +@@ -1,8 +1,10 @@ module github.com/cloudflare/gokey module github.com/cloudflare/gokey -go 1.13 +go 1.17 require ( - golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d - golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 + golang.org/x/crypto v0.17.0 + golang.org/x/term v0.15.0 ) + -+require golang.org/x/sys v0.6.0 // indirect ++require golang.org/x/sys v0.15.0 // indirect diff --git a/security/gokey/files/patch-go.sum b/security/gokey/files/patch-go.sum deleted file mode 100644 index cff06eac8113..000000000000 --- a/security/gokey/files/patch-go.sum +++ /dev/null @@ -1,11 +0,0 @@ ---- go.sum.orig 2023-03-25 23:03:43 UTC -+++ go.sum -@@ -5,6 +5,8 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go - golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4= - golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= -+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= - golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= - golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= - golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= diff --git a/security/gokey/files/patch-vendor_modules.txt b/security/gokey/files/patch-vendor_modules.txt index e871e87d957c..e169e8c39333 100644 --- a/security/gokey/files/patch-vendor_modules.txt +++ b/security/gokey/files/patch-vendor_modules.txt @@ -1,18 +1,16 @@ ---- vendor/modules.txt.orig 2023-03-25 23:04:26 UTC +--- vendor/modules.txt.orig 2025-05-16 22:37:27 UTC +++ vendor/modules.txt -@@ -1,11 +1,14 @@ - # golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d +@@ -1,10 +1,13 @@ + # golang.org/x/crypto v0.17.0 +## explicit; go 1.17 golang.org/x/crypto/ed25519 golang.org/x/crypto/hkdf golang.org/x/crypto/pbkdf2 --# golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 -+# golang.org/x/sys v0.6.0 + # golang.org/x/sys v0.15.0 +## explicit; go 1.17 - golang.org/x/sys/internal/unsafeheader golang.org/x/sys/plan9 golang.org/x/sys/unix golang.org/x/sys/windows - # golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 -+## explicit; go 1.11 + # golang.org/x/term v0.15.0 ++## explicit; go 1.17 golang.org/x/term diff --git a/security/libp11/Makefile b/security/libp11/Makefile index 1ac2909bf055..7575e9c2ed49 100644 --- a/security/libp11/Makefile +++ b/security/libp11/Makefile @@ -1,5 +1,5 @@ PORTNAME= libp11 -PORTVERSION= 0.4.13 +PORTVERSION= 0.4.14 DISTVERSIONPREFIX= ${PORTNAME}- CATEGORIES= security devel @@ -35,7 +35,9 @@ CONFIGURE_ENV= LTLIB_CFLAGS="-I${LOCALBASE}/include" \ OPENSSL_CFLAGS="-I${OPENSSLINC}" \ OPENSSL_LIBS="-L${OPENSSLLIB} -lssl -lcrypto" -CONFIGURE_ARGS= --with-enginesdir=${PREFIX}/lib/engines +CONFIGURE_ARGS= --with-enginesdir=${PREFIX}/lib/engines \ + --with-modulesdir=${PREFIX}/lib/ossl-modules \ + --enable-static-engine INSTALL_TARGET= install-strip diff --git a/security/libp11/distinfo b/security/libp11/distinfo index def41ebc82a5..15ac552b5724 100644 --- a/security/libp11/distinfo +++ b/security/libp11/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1734366816 -SHA256 (OpenSC-libp11-libp11-0.4.13_GH0.tar.gz) = 5e8e258c6a8e33155c3a2bd2bd7d12a758f82b7bda1f92e8b77075d16edc9889 -SIZE (OpenSC-libp11-libp11-0.4.13_GH0.tar.gz) = 148443 +TIMESTAMP = 1747212917 +SHA256 (OpenSC-libp11-libp11-0.4.14_GH0.tar.gz) = 99405d1b46bf48a990892676b7bc5597692adc53fc50f7bb19e83d03bd394b94 +SIZE (OpenSC-libp11-libp11-0.4.14_GH0.tar.gz) = 172631 diff --git a/security/libp11/files/patch-configure.ac b/security/libp11/files/patch-configure.ac index 42b316830aa1..d427d911cbc4 100644 --- a/security/libp11/files/patch-configure.ac +++ b/security/libp11/files/patch-configure.ac @@ -1,6 +1,6 @@ ---- configure.ac.orig 2024-12-13 18:13:57 UTC +--- configure.ac.orig 2025-05-13 21:17:57 UTC +++ configure.ac -@@ -208,7 +208,7 @@ fi +@@ -246,7 +246,7 @@ fi [Default PKCS#11 module.]) fi diff --git a/security/libp11/files/patch-src_Makefile.am b/security/libp11/files/patch-src_Makefile.am new file mode 100644 index 000000000000..f8e9be42f65a --- /dev/null +++ b/security/libp11/files/patch-src_Makefile.am @@ -0,0 +1,13 @@ +--- src/Makefile.am.orig 2025-05-14 13:58:16 UTC ++++ src/Makefile.am +@@ -4,8 +4,8 @@ EXTRA_DIST = Makefile.mak libp11.rc.in pkcs11.rc.in + CLEANFILES = libp11.pc + EXTRA_DIST = Makefile.mak libp11.rc.in pkcs11.rc.in + +-noinst_HEADERS= libp11-int.h pkcs11.h p11_pthread.h +-include_HEADERS= libp11.h p11_err.h util.h ++noinst_HEADERS= libp11-int.h pkcs11.h p11_pthread.h util.h ++include_HEADERS= libp11.h p11_err.h + if ENABLE_STATIC_ENGINE + lib_LTLIBRARIES = libp11.la libpkcs11.la + else diff --git a/security/libp11/pkg-plist b/security/libp11/pkg-plist index 73bea38f97d3..79526fa0f30a 100644 --- a/security/libp11/pkg-plist +++ b/security/libp11/pkg-plist @@ -2,10 +2,12 @@ include/libp11.h include/p11_err.h lib/engines/libpkcs11.so lib/engines/pkcs11.so +lib/ossl-modules/libpkcs11.so +lib/ossl-modules/pkcs11prov.so lib/libp11.a lib/libp11.so lib/libp11.so.3 -lib/libp11.so.3.6.0 +lib/libp11.so.3.7.0 lib/libpkcs11.a lib/libpkcs11.so lib/libpkcs11.so.0 @@ -15,6 +17,9 @@ libdata/pkgconfig/libp11.pc %%PORTEXAMPLES%%%%EXAMPLESDIR%%/README %%PORTEXAMPLES%%%%EXAMPLESDIR%%/auth.c %%PORTEXAMPLES%%%%EXAMPLESDIR%%/decrypt.c +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/eckeygen.c %%PORTEXAMPLES%%%%EXAMPLESDIR%%/getrandom.c %%PORTEXAMPLES%%%%EXAMPLESDIR%%/listkeys.c %%PORTEXAMPLES%%%%EXAMPLESDIR%%/listkeys_ext.c +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/rsakeygen.c +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/storecert.c diff --git a/security/py-netbox-secrets/Makefile b/security/py-netbox-secrets/Makefile index 72e83b741b37..79466b639c92 100644 --- a/security/py-netbox-secrets/Makefile +++ b/security/py-netbox-secrets/Makefile @@ -1,6 +1,5 @@ PORTNAME= netbox-secrets -DISTVERSION= 2.2.0 -PORTREVISION= 1 +DISTVERSION= 2.2.1 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -13,10 +12,12 @@ WWW= https://github.com/Onemind-Services-LLC/netbox-secrets LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.md +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pycryptodome>0:security/py-pycryptodome@${PY_FLAVOR} USES= python -USE_PYTHON= autoplist distutils +USE_PYTHON= autoplist pep517 NO_ARCH= yes diff --git a/security/py-netbox-secrets/distinfo b/security/py-netbox-secrets/distinfo index 2a6f2505f573..25c5b104549d 100644 --- a/security/py-netbox-secrets/distinfo +++ b/security/py-netbox-secrets/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1738929151 -SHA256 (netbox_secrets-2.2.0.tar.gz) = 6140dd46981c65a96bc174ac07905ae7355bdbdc3d144fc281a0cde0f6e096c8 -SIZE (netbox_secrets-2.2.0.tar.gz) = 57503 +TIMESTAMP = 1747310577 +SHA256 (netbox_secrets-2.2.1.tar.gz) = 26f817f9a9c03dcd34aaaa89d4744b2d15408d0e38f584aa6f2cb73bdd48958f +SIZE (netbox_secrets-2.2.1.tar.gz) = 57852 diff --git a/security/py-pyscard/Makefile b/security/py-pyscard/Makefile index 567e54d49654..5b28b62cce6a 100644 --- a/security/py-pyscard/Makefile +++ b/security/py-pyscard/Makefile @@ -1,6 +1,5 @@ PORTNAME= pyscard -PORTVERSION= 2.2.0 -PORTREVISION= 1 +PORTVERSION= 2.2.2 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-pyscard/distinfo b/security/py-pyscard/distinfo index f91b3fcf8330..dda449dfffbe 100644 --- a/security/py-pyscard/distinfo +++ b/security/py-pyscard/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1736166332 -SHA256 (pyscard-2.2.0.tar.gz) = 6aa194d4bb295e78a97056dd1d32273cc69ddbe3c852aad60a8578f04017a1bf -SIZE (pyscard-2.2.0.tar.gz) = 154847 +TIMESTAMP = 1747500433 +SHA256 (pyscard-2.2.2.tar.gz) = c77481fb86f4a17bc441d7b36551c1d36a9d3a48c4bb30ab8118886e6f275081 +SIZE (pyscard-2.2.2.tar.gz) = 156637 diff --git a/security/vuls/Makefile b/security/vuls/Makefile index a202c3f5fe81..1ade7a45b4e5 100644 --- a/security/vuls/Makefile +++ b/security/vuls/Makefile @@ -1,6 +1,6 @@ PORTNAME= vuls DISTVERSIONPREFIX=v -DISTVERSION= 0.31.1 +DISTVERSION= 0.32.0 CATEGORIES= security MAINTAINER= girgen@FreeBSD.org @@ -10,7 +10,7 @@ WWW= https://vuls.io LICENSE= GPLv3+ LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:1.24,modules GO_MODULE= github.com/future-architect/vuls GO_TARGET= ./cmd/${PORTNAME} diff --git a/security/vuls/distinfo b/security/vuls/distinfo index a567c9ed0f6c..171f6cc2ca7b 100644 --- a/security/vuls/distinfo +++ b/security/vuls/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1746696143 -SHA256 (go/security_vuls/vuls-v0.31.1/v0.31.1.mod) = 5b19a8a2789f1f93369c7bf24d38df8b345a7a871b2b229aec6349b9db98027e -SIZE (go/security_vuls/vuls-v0.31.1/v0.31.1.mod) = 20796 -SHA256 (go/security_vuls/vuls-v0.31.1/v0.31.1.zip) = 40312da1c3021023a0bee1822b8622713e48137b3ca29f14f4347c79a88ec425 -SIZE (go/security_vuls/vuls-v0.31.1/v0.31.1.zip) = 1376467 +TIMESTAMP = 1747479508 +SHA256 (go/security_vuls/vuls-v0.32.0/v0.32.0.mod) = e3091e79324dcdd3e3c2959a3b9fa4ab03fc4d53a0ce41a76fc793a68b57302e +SIZE (go/security_vuls/vuls-v0.32.0/v0.32.0.mod) = 20795 +SHA256 (go/security_vuls/vuls-v0.32.0/v0.32.0.zip) = 1eed06de6c88de618a25184d843010c76b30b77a8e554f028a2700a5e267266b +SIZE (go/security_vuls/vuls-v0.32.0/v0.32.0.zip) = 1389053 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 81b5b6be2522..10fce3138813 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,134 @@ + <vuln vid="46594aa3-32f7-11f0-a116-8447094a420f"> + <topic>WeeChat -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>weechat</name> + <range><lt>4.6.3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Weechat project reports:</p> + <blockquote cite="https://weechat.org/doc/weechat/security/"> + <p>Multiple integer and buffer overflows in WeeChat core.</p> + </blockquote> + </body> + </description> + <references> + <url>https://weechat.org/doc/weechat/security/</url> + </references> + <dates> + <discovery>2025-05-11</discovery> + <entry>2025-05-17</entry> + </dates> + </vuln> + + <vuln vid="79400d31-3166-11f0-8cb5-a8a1599412c6"> + <topic>chromium -- multiple security fixes</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>136.0.7103.113</lt></range> + </package> + <package> + <name>ungoogled-chromium</name> + <range><lt>136.0.7103.113</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html"> + <p>This update includes 4 security fixes:</p> + <ul> + <li>[415810136] High CVE-2025-4664: Insufficient policy enforcement in Loader. Source: X post from @slonser_ on 2025-05-05</li> + <li>[412578726] High CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo. Reported by Micky on 2025-04-22</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-4664</cvename> + <cvename>CVE-2025-4609</cvename> + <url>https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html</url> + </references> + <dates> + <discovery>2025-05-14</discovery> + <entry>2025-05-15</entry> + </dates> + </vuln> + + <vuln vid="52efdd56-30bd-11f0-81be-b42e991fc52e"> + <topic>Mozilla -- memory safety bugs</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>138.0,2</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>128.10</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>138.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105"> + <p>Memory safety bugs present in Firefox 137, Thunderbird 137, + Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs + showed evidence of memory corruption and we presume that + with enough effort some of these could have been exploited + to run arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-4091</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-4091</url> + </references> + <dates> + <discovery>2025-04-29</discovery> + <entry>2025-05-14</entry> + </dates> + </vuln> + + <vuln vid="4f17db64-30bd-11f0-81be-b42e991fc52e"> + <topic>Mozilla -- memory corruption</topic> + <affects> + <package> + <name>firefox-esr</name> + <range><lt>128.10</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>128.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>security@mozilla.org reports:</p> + <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1894100"> + <p>Memory safety bug present in Firefox ESR 128.9, and + Thunderbird 128.9. This bug showed evidence of memory + corruption and we presume that with enough effort this could + have been exploited to run arbitrary code.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-4093</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-4093</url> + </references> + <dates> + <discovery>2025-04-29</discovery> + <entry>2025-05-14</entry> + </dates> + </vuln> + <vuln vid="6f10b49d-07b1-4be4-8abf-edf880b16ad2"> <topic>vscode -- security feature bypass vulnerability</topic> <affects> @@ -29,21 +160,25 @@ <topic>libxslt -- multiple vulnerabilities</topic> <affects> <package> - <name>libxslt</name> - <range><lt>1.1.43</lt></range> + <name>libxslt</name> + <range><lt>1.1.43</lt></range> </package> </affects> <description> - <body xmlns="http://www.w3.org/1999/xhtml"> - <h1>[CVE-2024-55549] Fix UAF related to excluded namespaces</h1> - <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/127"> - <p>xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.</p> - </blockquote> - <h1>[CVE-2025-24855] Fix use-after-free of XPath context node</h1> - <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/128"> - <p>numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.</p> - </blockquote> - </body> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>[CVE-2024-55549] Fix UAF related to excluded namespaces</h1> + <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/127"> + <p>xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.</p> + </blockquote> + <h1>[CVE-2025-24855] Fix use-after-free of XPath context node</h1> + <blockquote cite="https://gitlab.gnome.org/GNOME/libxslt/-/issues/128"> + <p>numbers.c in libxslt before 1.1.43 has a use-after-free because + , in nested XPath evaluations, an XPath context node can be + modified but never restored. This is related to + xsltNumberFormatGetValue, xsltEvalXPathPredicate, + xsltEvalXPathStringNs, and xsltComputeSortResultInternal.</p> + </blockquote> + </body> </description> <references> <cvename>CVE-2024-55549</cvename> diff --git a/security/wolfssl/Makefile b/security/wolfssl/Makefile index 837bebd08315..87fa1c88c8d7 100644 --- a/security/wolfssl/Makefile +++ b/security/wolfssl/Makefile @@ -1,5 +1,6 @@ PORTNAME= wolfssl PORTVERSION= 5.8.0 +PORTREVISION= 1 CATEGORIES= security devel MASTER_SITES= https://www.wolfssl.com/ \ LOCAL/fox @@ -35,9 +36,11 @@ CONFIGURE_ARGS= --disable-dependency-tracking \ --enable-static \ --enable-tls13 \ --enable-tls13-draft18 \ + --enable-haproxy \ + --enable-quic \ --enable-context-extra-user-data TEST_TARGET= check -CFLAGS+= -DWOLFSSL_ALT_NAMES +CFLAGS+= -DWOLFSSL_ALT_NAMES -DWOLFSSL_GETRANDOM=1 OPTIONS_DEFINE= DEBUG DOCS |