path: root/security
Commit message | Author | Age | Files | Lines
* security/vuxml: extend libxml2/libxslt vuln to linux-* ports | Matthias Andree | 11 days | 1 | -0/+16
* textproc/libxml2, textproc/libxslt: vulnerable | Matthias Andree | 11 days | 1 | -0/+107
  Note that libxslt is vulnerable, unfixed, and without maintainer.
  Two of four vulnerabilities have been fixed.
  Note that libxml2 in our ports is vulnerable and there is no upstream release fixing these bugs, they need cherry-picks.
  Deprecate textproc/xmlto and textproc/minixmlto, which both depend on the unmaintained and vulnerable libxslt.
  I have filed https://pagure.io/xmlto/issue/15 to ask the xmlto upstream to switch to different XML/XSLT libraries.
  Two issues are undisclosed and do not seem to have a CVE assigned yet.
  Security: CVE-2025-6021
  Security: CVE-2025-6170
  Security: CVE-2025-7424
  Security: CVE-2025-7425
  Security: CVE-2025-49794
  Security: CVE-2025-49795
  Security: CVE-2025-49795
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/913
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/931
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/932
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/933
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/935
  Security: https://gitlab.gnome.org/GNOME/libxml2/-/issues/941
  Security: https://gitlab.gnome.org/GNOME/libxslt/-/issues/139
  Security: https://gitlab.gnome.org/GNOME/libxslt/-/issues/140
  Security: https://gitlab.gnome.org/GNOME/libxslt/-/issues/144
  Security: https://gitlab.gnome.org/GNOME/libxslt/-/issues/148
  Security: https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt
  Security: https://www.openwall.com/lists/oss-security/2025/06/16/6
* security/vuxml: Document mod_http2 vulnerabilities | Bernard Spil | 11 days | 1 | -0/+31
* security/vuxml: Document Apache httpd vulnerabilities | Bernard Spil | 11 days | 1 | -0/+40
* security/wazuh-manager: Fix build on 13.x | Jose Alonso Cardenas Marquez | 11 days | 1 | -2/+2
  Reported by: pkg-fallout
* security/rubygem-tpm-key_attestation: update to 0.14.1 | Matthias Fechner | 12 days | 2 | -4/+4
  Changes: https://github.com/cedarcode/tpm-key_attestation/blob/master/CHANGELOG.md
* security/rubygem-webauthn: update to 3.4.1 | Matthias Fechner | 12 days | 2 | -4/+4
  Changes: https://github.com/cedarcode/webauthn-ruby/blob/master/CHANGELOG.md
* security/rubygem-gitlab-secret_detection: update to 0.33.0 | Matthias Fechner | 12 days | 2 | -5/+4
  Changes: https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-service/-/blob/main/CHANGELOG.md
* security/py-xmlsec: Update version 1.3.15=>1.3.16 | Muhammad Moinur Rahman | 12 days | 2 | -6/+5
  Changelog: https://github.com/xmlsec/python-xmlsec/releases/tag/1.3.16
* security/rubygem-acme-client: Update to 2.0.22 | Po-Chuan Hsieh | 12 days | 3 | -17/+5
  Changes: https://github.com/unixcharles/acme-client/blob/master/CHANGELOG.md
* security/aws-lc: Update to 1.55.0 | Po-Chuan Hsieh | 12 days | 2 | -4/+4
  Changes: https://github.com/aws/aws-lc/releases
* security/vuxml: document tomcat vulnerabilities | Sergey A. Osokin | 12 days | 1 | -0/+52
* security/ssl-checker: Add new port | Jimmy Olgeni | 13 days | 4 | -0/+37
  ssl-checker is a fast and beautiful command-line tool designed to check SSL certificates for HTTPS endpoints.
* security/vuxml: document gitlab vulnerabilities | Matthias Fechner | 13 days | 1 | -0/+35
* security/arti: Update to 1.4.5 | Carlo Strub | 13 days | 4 | -311/+266
* security/fizz: update 2025.06.23.00 → 2025.07.07.00 | Yuri Victorovich | 13 days | 2 | -4/+4
* security/libp11: update to 0.4.16 release. | Alex Dupre | 13 days | 5 | -35/+7
* many: Bump PORTREVISION for go-1.24.5 update | Adam Weinberger | 13 days | 63 | -48/+63
* graphics/p5-Cairo: bump dependant ports | Mathieu Arnold | 14 days | 3 | -3/+3
  PR: 288054
  MFH: 2025Q3
* */*: Bump PORTREVISION for devel/protobuf-c update | Don Lewis | 14 days | 1 | -1/+2
  libprotobuf-c.so once again has version info. Force a rebuild of its consumers.
  PR: 282060
  MFH: 2025Q3
  Sponsored by: <If the change was sponsored by an organization.>
* lang/luajit: update to v2.1 | Sergey A. Osokin | 14 days | 3 | -2/+3
  Disconnect lang/luajit-devel from the build, will be removed soon.
  Bump PORTREVISIONs for the consumers.
  Discussed with: adamw
  PR: 225342
* security/duo: Update to 2.1.0 | Ryan Steinmetz | 2025-07-08 | 3 | -4/+19
* security/stunnel: Update to 5.75 | Ryan Steinmetz | 2025-07-08 | 2 | -4/+4
* security/vuxml: Add multiple git vulnerabilities | Renato Botelho | 2025-07-08 | 1 | -0/+88
  * CVE-2025-27613
  * CVE-2025-27614
  * CVE-2025-46835
  * CVE-2025-48384
  * CVE-2025-48385
  * CVE-2025-48386
  Sponsored by: Rubicon Communications, LLC ("Netgate")
* security/vuxml: Fix mongodb entry | Fernando Apesteguía | 2025-07-08 | 1 | -29/+0
  Remove mongodb80 entry since it is not affected.
  Reported by: ronald-lists@klop.ws
  Fixes: fbefcec73997
* security/vuxml: Add mongodb* vulnerabilities | Fernando Apesteguía | 2025-07-08 | 1 | -0/+171
  * CVE-2025-6711
  * CVE-2025-6712
  * CVE-2025-6713
  * CVE-2025-6714
  * CVE-2025-7259
* security/s2n-tls: Upstream reroll | Nuno Teixeira | 2025-07-08 | 3 | -3/+6
* security/vuxml: Add ModSecurity vulnerability | Fernando Apesteguía | 2025-07-08 | 1 | -0/+33
  * CVE-2025-52891
* security/wazuh-server: Fix logstash configuration name | Jose Alonso Cardenas Marquez | 2025-07-07 | 2 | -1/+2
  - Bump PORTREVISION
* security/wazuh-manager: Fix extract issues | Jose Alonso Cardenas Marquez | 2025-07-07 | 3 | -19/+19
  - Fix extract issues on amd64/aarch64
  - Update cpython bundle to 3.11.13
  - Update whl cache files
  - Bump PORTREVISION
* security/s2n-tls: Update to 1.5.22 | Nuno Teixeira | 2025-07-07 | 3 | -6/+4
  ChangeLog: https://github.com/aws/s2n-tls/releases/tag/v1.5.22
* security/tscli: Update to 0.0.12 | Jesús Daniel Colmenares Oviedo | 2025-07-07 | 2 | -6/+6
  ChangeLogs:
  - https://github.com/jaxxstorm/tscli/releases/tag/v0.0.12
  - https://github.com/jaxxstorm/tscli/releases/tag/v0.0.11
  - https://github.com/jaxxstorm/tscli/releases/tag/v0.0.10
  - https://github.com/jaxxstorm/tscli/releases/tag/v0.0.9
  Approved by: acm (mentor)
* security/clamav-lts: Update to 1.0.9 | Yasuhiro Kimura | 2025-07-08 | 3 | -6/+4
  ReleaseNotes: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html
  MFH: 2025Q3
  Security: 3dcc0812-4da5-11f0-afcc-f02f7432cf97
  Security: 6c6c1507-4da5-11f0-afcc-f02f7432cf97
* security/clamav: Update to 1.4.3 | Yasuhiro Kimura | 2025-07-08 | 3 | -6/+4
  ReleaseNotes: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html
  MFH: 2025Q3
  Security: 3dcc0812-4da5-11f0-afcc-f02f7432cf97
  Security: 6c6c1507-4da5-11f0-afcc-f02f7432cf97
* security/vuxml: Document multiple vulnerabilities in redis and valkey | Yasuhiro Kimura | 2025-07-08 | 1 | -0/+133
* security/hockeypuck: Update to 2.2.4 | Siva Mahadevan | 2025-07-07 | 2 | -5/+4
  Changelog: https://github.com/hockeypuck/hockeypuck/releases/tag/2.2.4
  PR: 288079
  Approved by: me@svmhdvn.name (maintainer)
* security/beidconnect: Update to 2.11 | Tijl Coosemans | 2025-07-07 | 3 | -6/+6
* security/trivy: update to 0.64.1 | Matthias Fechner | 2025-07-07 | 2 | -6/+6
  Changes: https://github.com/aquasecurity/trivy/releases/tag/v0.64.1
* security/vuxml: add FreeBSD SA issued on 2025-07-02 | Philip Paeps | 2025-07-07 | 1 | -0/+31
  FreeBSD-SA-25:06.xz affects FreeBSD 13.5 and FreeBSD 14.2
* security/zeek: Fix PERFTOOLS_RUN_DEPENDS | Craig Leres | 2025-07-06 | 1 | -1/+1
  Build depends should be executables or shared libraries, not include files.
  Reported by: Gleb Popov
* security/zeek: Unbreak PERFTOOLS | Craig Leres | 2025-07-06 | 1 | -2/+5
  Apparently the pprof has been provided by the devel/pprof port for quite a while. Since PERFTOOLS is off by default this wasn't noticed until reported by Andrea Venturoli.
  Reported by: Andrea Venturoli
* security/openfortivpn: Update 1.21.0 => 1.23.1, take maintainership | Atanu Biswas | 2025-07-06 | 3 | -11/+15
  Changelogs: https://github.com/adrienverge/openfortivpn/blob/v1.23.1/CHANGELOG.md
  Improve port:
  - replace PORTVERSION with DISTVERSION
  - fix warnings from portclippy
  - install config.sample: prevent rewriting user's config during every update
  - remove useless config.template
  PR: 287912
  Co-authored-by: Ben Hutton <ben@benhutton.com.au>
  MFH: 2025Q3
* security/vuxml: Document multimedia/gstreamer1-plugins-bad < 1.26.3 | Jason E. Hale | 2025-07-06 | 1 | -0/+28
* security/nuclei: Update to 3.4.6 | Gabriel M. Dutra | 2025-07-05 | 2 | -6/+6
  ChangeLog: https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.6
* security/py-pwntools: Fix declaration of PYDISTUTILS_INSTALLARGS | Emanuel Haupt | 2025-07-05 | 1 | -2/+4
  We need to include bsd.port.pre.mk before declaring PYDISTUTILS_INSTALLARGS to preserve any pre-set values. We will then include bsd.port.post.mk afterward.
  PR: 287992
  Reported by: milios@ccsys.com
* security/arti: fix build on powerpc64le | Piotr Kubaj | 2025-07-04 | 1 | -0/+20
* security/liboqs: enable BIKE on powerpc64le | Piotr Kubaj | 2025-07-04 | 1 | -1/+2
* security/rustls-ffi: fix build on powerpc64le | Piotr Kubaj | 2025-07-04 | 1 | -0/+38
* security/py-pwntools: Disable generic CLI shortcuts | Emanuel Haupt | 2025-07-04 | 1 | -2/+5
  Use --only-use-pwn-command to prevent installing 'main', 'version', 'errno', etc., reducing $PATH clutter and namespace pollution.
  Upstream plans to remove most generic scripts in 5.0.0, which should further reduce spurious entitlement claims on the system PATH, unlike the reporter’s ex-wife.
  Upstream issue: https://github.com/Gallopsled/pwntools/issues/2589
  PR: 287992
  Reported by: milios@ccsys.com
* security/vuxml: Add Mozilla vulnerabilities | Fernando Apesteguía | 2025-07-04 | 1 | -0/+143
  * CVE-2025-6425
  * CVE-2025-6427
  * CVE-2025-6429
  * CVE-2025-6430
  * CVE-2025-6432
  * CVE-2025-6433
  * CVE-2025-6434
  * CVE-2025-6435
  * CVE-2025-6436