notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
Port details
xmltooling Low level XML support for SAML
3.3.0 devel on this many watch lists=2 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 3.2.4Version of this port present on the latest quarterly branch.
Maintainer: girgen@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2008-11-22 15:15:45
Last Update: 2024-10-19 18:12:20
Commit Hash: c614747
People watching this port, also watch:: jdictionary, py311-Automat, py311-python-gdsii, py39-PyOpenGL, p5-Sane
Also Listed In: security
License: APACHE20
WWW:
https://wiki.shibboleth.net/confluence/display/OpenSAML/XMLTooling-C
Description:
Shibboleth 2.x relies on OpenSAML 2, which in turn requires this lower-level library that provides a higher level interface to XML processing, particularly in light of signing and encryption.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (110 items)
Collapse this list.
  1. @ldconfig
  2. /usr/local/share/licenses/xmltooling-3.3.0/catalog.mk
  3. /usr/local/share/licenses/xmltooling-3.3.0/LICENSE
  4. /usr/local/share/licenses/xmltooling-3.3.0/APACHE20
  5. include/xmltooling/AbstractAttributeExtensibleXMLObject.h
  6. include/xmltooling/AbstractComplexElement.h
  7. include/xmltooling/AbstractDOMCachingXMLObject.h
  8. include/xmltooling/AbstractSimpleElement.h
  9. include/xmltooling/AbstractXMLObject.h
  10. include/xmltooling/AttributeExtensibleXMLObject.h
  11. include/xmltooling/ConcreteXMLObjectBuilder.h
  12. include/xmltooling/ElementExtensibleXMLObject.h
  13. include/xmltooling/ElementProxy.h
  14. include/xmltooling/Lockable.h
  15. include/xmltooling/Namespace.h
  16. include/xmltooling/PluginManager.h
  17. include/xmltooling/QName.h
  18. include/xmltooling/XMLObject.h
  19. include/xmltooling/XMLObjectBuilder.h
  20. include/xmltooling/XMLToolingConfig.h
  21. include/xmltooling/base.h
  22. include/xmltooling/char_traits.h
  23. include/xmltooling/config_pub.h
  24. include/xmltooling/encryption/Decrypter.h
  25. include/xmltooling/encryption/EncryptedKeyResolver.h
  26. include/xmltooling/encryption/Encrypter.h
  27. include/xmltooling/encryption/Encryption.h
  28. include/xmltooling/exceptions.h
  29. include/xmltooling/impl/AnyElement.h
  30. include/xmltooling/impl/ManagedResource.h
  31. include/xmltooling/impl/OpenSSLSecurityHelper.h
  32. include/xmltooling/impl/OpenSSLSupport.h
  33. include/xmltooling/impl/UnknownElement.h
  34. include/xmltooling/io/AbstractXMLObjectMarshaller.h
  35. include/xmltooling/io/AbstractXMLObjectUnmarshaller.h
  36. include/xmltooling/io/GenericRequest.h
  37. include/xmltooling/io/GenericResponse.h
  38. include/xmltooling/io/HTTPRequest.h
  39. include/xmltooling/io/HTTPResponse.h
  40. include/xmltooling/logging.h
  41. include/xmltooling/security/AbstractPKIXTrustEngine.h
  42. include/xmltooling/security/BasicX509Credential.h
  43. include/xmltooling/security/ChainingTrustEngine.h
  44. include/xmltooling/security/Credential.h
  45. include/xmltooling/security/CredentialContext.h
  46. include/xmltooling/security/CredentialCriteria.h
  47. include/xmltooling/security/CredentialResolver.h
  48. include/xmltooling/security/DataSealer.h
  49. include/xmltooling/security/KeyInfoCredentialContext.h
  50. include/xmltooling/security/KeyInfoResolver.h
  51. include/xmltooling/security/OpenSSLCredential.h
  52. include/xmltooling/security/OpenSSLCryptoX509CRL.h
  53. include/xmltooling/security/OpenSSLPathValidator.h
  54. include/xmltooling/security/OpenSSLTrustEngine.h
  55. include/xmltooling/security/PKIXPathValidatorParams.h
  56. include/xmltooling/security/PathValidator.h
  57. include/xmltooling/security/SecurityHelper.h
  58. include/xmltooling/security/SignatureTrustEngine.h
  59. include/xmltooling/security/TrustEngine.h
  60. include/xmltooling/security/X509Credential.h
  61. include/xmltooling/security/X509TrustEngine.h
  62. include/xmltooling/security/XSECCryptoX509CRL.h
  63. include/xmltooling/signature/ContentReference.h
  64. include/xmltooling/signature/KeyInfo.h
  65. include/xmltooling/signature/Signature.h
  66. include/xmltooling/signature/SignatureValidator.h
  67. include/xmltooling/soap/HTTPSOAPTransport.h
  68. include/xmltooling/soap/OpenSSLSOAPTransport.h
  69. include/xmltooling/soap/SOAP.h
  70. include/xmltooling/soap/SOAPClient.h
  71. include/xmltooling/soap/SOAPTransport.h
  72. include/xmltooling/unicode.h
  73. include/xmltooling/util/CloneInputStream.h
  74. include/xmltooling/util/CurlURLInputStream.h
  75. include/xmltooling/util/DirectoryWalker.h
  76. include/xmltooling/util/NDC.h
  77. include/xmltooling/util/ParserPool.h
  78. include/xmltooling/util/PathResolver.h
  79. include/xmltooling/util/Predicates.h
  80. include/xmltooling/util/ReloadableXMLFile.h
  81. include/xmltooling/util/ReplayCache.h
  82. include/xmltooling/util/StorageService.h
  83. include/xmltooling/util/TemplateEngine.h
  84. include/xmltooling/util/Threads.h
  85. include/xmltooling/util/URLEncoder.h
  86. include/xmltooling/util/XMLConstants.h
  87. include/xmltooling/util/XMLHelper.h
  88. include/xmltooling/util/XMLObjectChildrenList.h
  89. include/xmltooling/validation/Validator.h
  90. include/xmltooling/validation/ValidatorSuite.h
  91. include/xmltooling/version.h
  92. lib/libxmltooling-lite.so
  93. lib/libxmltooling-lite.so.11
  94. lib/libxmltooling-lite.so.11.0.0
  95. lib/libxmltooling.so
  96. lib/libxmltooling.so.11
  97. lib/libxmltooling.so.11.0.0
  98. libdata/pkgconfig/xmltooling-lite.pc
  99. libdata/pkgconfig/xmltooling.pc
  100. share/xml/xmltooling/catalog.xml
  101. share/xml/xmltooling/soap-envelope.xsd
  102. share/xml/xmltooling/xenc-schema.xsd
  103. share/xml/xmltooling/xenc11-schema.xsd
  104. share/xml/xmltooling/xml.xsd
  105. share/xml/xmltooling/xmldsig-core-schema.xsd
  106. share/xml/xmltooling/xmldsig11-schema.xsd
  107. share/xml/xmltooling/xmltooling.xsd
  108. @owner
  109. @group
  110. @mode
Collapse this list.
Dependency lines:
  • xmltooling>0:devel/xmltooling
To install the port:
cd /usr/ports/devel/xmltooling/ && make install clean
To add the package, run one of these commands:
  • pkg install devel/xmltooling
  • pkg install xmltooling
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: xmltooling
Flavors: there is no flavor information for this port.
distinfo:
TIMESTAMP = 1729173044 SHA256 (xmltooling-3.3.0.tar.bz2) = 0a2c421be976f3a44b876d6b06ba1f6a2ffbc404f4622f8a65a66c3ba77cb047 SIZE (xmltooling-3.3.0.tar.bz2) = 622170

Packages (timestamps in pop-ups are UTC):
xmltooling
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest3.3.03.3.03.2.03.3.03.3.0-3.2.0-
FreeBSD:13:quarterly3.2.43.2.43.2.43.2.43.2.43.2.43.2.43.2.4
FreeBSD:14:latest3.3.03.3.03.2.33.3.03.3.03.2.4-3.2.4
FreeBSD:14:quarterly3.2.43.2.4-3.2.43.2.43.2.43.2.43.2.4
FreeBSD:15:latest3.3.03.3.0n/a3.3.0n/a3.2.43.2.43.2.4
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. boost-libs>=0 : devel/boost-libs
  2. gmake>=4.4.1 : devel/gmake
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. autoconf>=2.72 : devel/autoconf
  5. automake>=1.17 : devel/automake
  6. libtoolize : devel/libtool
Library dependencies:
  1. libcurl.so : ftp/curl
  2. liblog4shib.so : devel/log4shib
  3. libxml-security-c.so : security/apache-xml-security-c
This port is required by:
for Libraries
  1. security/opensaml
  2. security/shibboleth-sp
  3. www/wt

Deleted ports which required this port:

Expand this list of 2 deleted ports
  1. security/opensaml2*
  2. security/shibboleth2-sp*
  3. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
===> The following configuration options are available for xmltooling-3.3.0: DOCS=on: Build and/or install documentation ===> Use 'make config' to modify these settings
Options name:
devel_xmltooling
USES:
cpe gmake libtool pkgconfig tar:bzip2 ssl autoreconf
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://shibboleth.net/downloads/c++-opensaml/latest/
Collapse this list.

Number of commits found: 63

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
3.3.0
19 Oct 2024 18:12:20
commit hash: c61474732f85ce1d09f07e5e62c697874f135f41commit hash: c61474732f85ce1d09f07e5e62c697874f135f41commit hash: c61474732f85ce1d09f07e5e62c697874f135f41commit hash: c61474732f85ce1d09f07e5e62c697874f135f41 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.3.0

This is a library used by Shibboleth-SP and they are upgraded in sync.

Release notes:	https://shibboleth.atlassian.net/wiki/x/jYUaew
3.2.4
18 Jul 2023 22:23:25
commit hash: 0cc7833e22fa358e7307af3a644d6d37d2c5267bcommit hash: 0cc7833e22fa358e7307af3a644d6d37d2c5267bcommit hash: 0cc7833e22fa358e7307af3a644d6d37d2c5267bcommit hash: 0cc7833e22fa358e7307af3a644d6d37d2c5267b files touched by this commit
Muhammad Moinur Rahman (bofh) search for other commits by this committer
devel/xmltooling: Fix build with llvm16

Approved by:	portmgr (blanket)
Sponsored by:	The FreeBSD Foundation
3.2.4
12 Jun 2023 15:09:11
commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.2.4

An updated version of the XMLTooling library that is part of the
OpenSAML and Shibboleth Service Provider software is now available
which corrects a server-side request forgery (SSRF) vulnerability.

Security:	f7e9a1cc-0931-11ee-94b4-6cc21735f730
3.2.3
11 Jan 2023 14:46:40
commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 files touched by this commit This port version is marked as vulnerable.
Palle Girgensohn (girgen) search for other commits by this committer
shibboleth-sp: Update to 3.4.1

A patch release of the Service Provider, V3.4.1, is now available. This
release fixes a couple of small bugs and adds a warning requested by one
of our member organizations in the absence of the redirectLimit setting,
which leads to SPs being abused as open redirectors.

Notably, this release includes an update to the xmltooling library that
hardens the code base against the sorts of attacks reported against the
IdP in the recent advisory. The SP is, as far as can be determined, not
impacted directly by that vulnerability, but this is a precautionary
change.

Release
notes:	https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335693/ReleaseNotes
3.2.2
07 Nov 2022 17:03:06
commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 files touched by this commit This port version is marked as vulnerable.
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: update to 3.4.0

This is a minor update containing a new setting suggested by a
contributor (thus the unplanned minor version change) controlling
retries when TCP connections to shibd are used. The other changes are
minimal in nature.

Update the toolchain as well:

devel/xmltooling
textproc/xerces-c3

and bump PORTREVISION for security/opensaml due to dependencies'
updates.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
07 Sep 2022 21:58:51
commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)
3.2.1_1
07 Sep 2022 21:10:59
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 files touched by this commit This port version is marked as vulnerable.
Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
3.2.1_1
12 Aug 2022 14:46:53
commit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5ed files touched by this commit This port version is marked as vulnerable.
Dima Panov (fluffy) search for other commits by this committer
*/*: bump all consumers after recent boost upgrade
3.2.1
20 Jul 2022 14:21:35
commit hash: aa6eefd5e663357e8223399bc38c7987f5e35746commit hash: aa6eefd5e663357e8223399bc38c7987f5e35746commit hash: aa6eefd5e663357e8223399bc38c7987f5e35746commit hash: aa6eefd5e663357e8223399bc38c7987f5e35746 files touched by this commit This port version is marked as vulnerable.
Tobias C. Berner (tcberner) search for other commits by this committer
devel: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  "Waitman Gobble" <uzimac@da3m0n8t3r.com>
  *  <jkoshy@FreeBSD.org>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Aaron Dalton <aaron@daltons.ca>
  *  Aaron H. K. Diep <ahkdiep@gmail.com>
  *  Aaron Hurt <ahurt@anbcs.com>
  *  Abel Chow <abel_chow@yahoo.com>
  *  Adam McLaurin
  *  Adam Saponara <as@php.net>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
(Only the first 15 lines of the commit message are shown above View all of this commit message)
3.2.1
30 Nov 2021 14:42:08
commit hash: 8de027017663e95f66026d5e42c4e9472443538acommit hash: 8de027017663e95f66026d5e42c4e9472443538acommit hash: 8de027017663e95f66026d5e42c4e9472443538acommit hash: 8de027017663e95f66026d5e42c4e9472443538a files touched by this commit This port version is marked as vulnerable.
Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.2.1
3.2.0
18 Oct 2021 19:25:54
commit hash: 0075061f388413409d72380d3316032e8bc9e615commit hash: 0075061f388413409d72380d3316032e8bc9e615commit hash: 0075061f388413409d72380d3316032e8bc9e615commit hash: 0075061f388413409d72380d3316032e8bc9e615 files touched by this commit This port version is marked as vulnerable.
Stefan Eßer (se) search for other commits by this committer
devel/xmltooling: Add CPE information

Approved by:	portmgr (blanket)
3.2.0
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
3.2.0
18 Dec 2020 08:51:57
Revision:558359Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update xmltooling to 3.2.0

Bump dependant ports. xmltooling is only used as a dependency for
security/shibboleth-sp.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.1.0
13 Apr 2020 22:15:37
Revision:531638Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
The Shibboleth Project has released V3.1.0 of the Service Provider software.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.0.4_3
11 Dec 2019 17:53:49
Revision:519824Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.72.0

Changes:	http://www.boost.org/users/history/version_1_72_0.html
PR:		241449
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D22136
3.0.4_2
19 Aug 2019 15:35:28
Revision:509290Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.71.0

Changes:	http://www.boost.org/users/history/version_1_71_0.html
PR:		238827
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D20774
3.0.4_1
12 Apr 2019 06:36:31
Revision:498698Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.70.0

Changes:	http://www.boost.org/users/history/version_1_70_0.html
PR:		235956
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D19303
3.0.4
11 Mar 2019 17:02:37
Revision:495367Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth and its tool chain to 3.0.4

The security problem was patched alreadyin 3.0.3p1, but all users are
recommended to update to the latest version at next service window.

Security:	CVE-2019-9628
		https://shibboleth.net/community/advisories/secadv_20190311.txt
Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.0.3_1
10 Mar 2019 17:50:40
Revision:495308Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Pull upstreams fix from upcoming release

This fixes a DoS scenario. The commit message from the original commit is

	CPPXT - Crash due to uncaught DOMException
3.0.3
23 Dec 2018 10:54:35
Revision:488188Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update to version 3.0.3

The update corrects a denial of service vulnerability.

Security:	4f8665d0-0465-11e9-b77a-6cc21735f730
3.0.2_2
12 Dec 2018 00:15:50
Revision:487266Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.69.0

Changes:	http://www.boost.org/users/history/version_1_69_0.html
PR:		232525
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D17645
3.0.2_1
12 Oct 2018 08:37:14
Revision:481884Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Fix build problem with OpenSSL-1.1.1
3.0.2_1
09 Aug 2018 06:58:31
Revision:476723Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.68.0

- Switch to C++14 for libboost_system to support C++14 consumers

Changes:	http://www.boost.org/users/history/version_1_68_0.html
PR:		229569
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D16165
3.0.2
07 Aug 2018 13:24:37
Revision:476595Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth to 3.0.2

Also update the toolchain to latest versions. This includes a security fix for
apache-xml-security-c.

Releaseinfo:    https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Security:       5786185a-9a43-11e8-b34b-6cc21735f730
Security:       https://shibboleth.net/community/advisories/secadv_20180803.txt
1.6.4_1
18 Apr 2018 13:57:43
Revision:467711Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.67.0

Changes:	http://www.boost.org/users/history/version_1_67_0.html
PR:		227427
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D15030
1.6.4
27 Feb 2018 15:37:29
Revision:463146Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Shibboleth SP software vulnerable to additional data forgery flaws

The XML processing performed by the Service Provider software has been
found to be vulnerable to new flaws similar in nature to the one
addressed in an advisory last month.

Security:	22438240-1bd0-11e8-a2ec-6cc21735f730
URL:		https://shibboleth.net/community/advisories/secadv_20180227.txt
1.6.3_1
18 Jan 2018 04:11:03
Revision:459315Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.66.0

Changes:	http://www.boost.org/users/history/version_1_66_0.html
PR:		223922
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D13279
1.6.3
12 Jan 2018 17:39:28
Revision:458860Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update to version 1.6.3

Shibboleth SP software vulnerable to forged user attribute data
====================================================================
The Service Provider software relies on a generic XML parser to process
SAML responses and there are limitations in older versions of the parser
that make it impossible to fully disable Document Type Definition (DTD)
processing.

Through addition/manipulation of a DTD, it's possible to make changes
to an XML document that do not break a digital signature but are
mishandled by the SP and its libraries. These manipulations can alter
the user data passed through to applications behind the SP and result
in impersonation attacks and exposure of protected information.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.6.2
17 Nov 2017 10:37:25
Revision:454371Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update to latest version

This is a fix for a regression in the latest security fix for
security/shibboleth2-sp.

Security:	b4b7ec7d-ca27-11e7-a12d-6cc21735f730
1.6.0_5
25 Sep 2017 00:08:17
Revision:450560Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.65.1

Changes:	http://www.boost.org/users/history/version_1_65_1.html
PR:		218835
Approved by:	maintainer timeout (1.65.1: 2 weeks; 1.65.0: 1 month)
Tested by:	jhibbits (on powerpc64, earlier version)
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D11582
1.6.0_4
25 Sep 2017 00:05:06
Revision:450557Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: enable C++11 features

PR:		218835
Obtained from:	https://github.com/DragonFlyBSD/DeltaPorts/pull/690
Approved by:	maintainer timeout (2 months)
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D11582
1.6.0_3
02 May 2017 06:48:11
Revision:439934Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.64.0

Changes:	http://www.boost.org/users/history/version_1_64_0.html
PR:		218835
Approved by:	office (bapt)
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D10472
1.6.0_2
15 Mar 2017 14:45:31
Revision:436247Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
Remove all USE_OPENSSL occurrences.

Sponsored by:	Absolight
1.6.0_2
06 Jan 2017 08:45:04
Revision:430692Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.63.0

Changes:	http://www.boost.org/users/history/version_1_63_0.html
PR:		215598
Exp-run by:	antoine
Approved by:	office (bapt)
MFH:		2017Q1
1.6.0_1
23 Nov 2016 12:45:47
Revision:426908Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.62.0

- Enable `long double` C99 math usage
- Switch 9.x back to building with GCC

Changes:	http://www.boost.org/users/history/
PR:		199601
Submitted by:	Chen Xu, bapt, amdmi3, truckman (based on)
Reviewed by:	rakuco (kde) (earlier version)
Exp-run by:	antoine (3 tries), truckman (consumers only, earlier versions)
Approved by:	bapt (office)
1.6.0
11 Sep 2016 21:52:18
Revision:421878Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Upgrade shibboleth-sp 2.6 and its tool chain
1.5.5
01 Apr 2016 14:00:57
Revision:412346Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight
1.5.5
01 Sep 2015 16:20:48
Revision:395777Original commit files touched by this commit This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch to options helpers
- While here, add some NO_ARCHes

Approved by:	portmgr blanket
1.5.5
23 Jul 2015 13:21:06
Revision:392720Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Shibboleth SP software crashes on well-formed but invalid XML.

The Service Provider software contains a code path with an uncaught
exception that can be triggered by an unauthenticated attacker by
supplying well-formed but schema-invalid XML in the form of SAML
metadata or SAML protocol messages. The result is a crash and so
causes a denial of service.

You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later.
The easiest way to do so is to update the whole chain including
shibboleth-2.5.5 an opensaml2.5.5.

URL:    	http://shibboleth.net/community/advisories/secadv_20150721.txt
Security:	CVE-2015-2684
1.5.3_3
16 Jan 2015 16:17:48
Revision:377187Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
Add USES=libtool
1.5.3_2
27 Oct 2014 11:09:47
Revision:371553Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Cleanup plist
1.5.3_2
03 Jul 2014 23:57:08
Revision:360487Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Remove NOPORTDOCS and NOPORTEXAMPLES.

Approved by:	portmgr (blanket)
1.5.3_2
23 Jun 2014 13:38:04
Revision:358942Original commit files touched by this commit This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Use new LIB_DEPENDS syntax
- Remove redundant docs plist entries (handled by PORTDOCS=*)

Approved by:	portmgr blanket
1.5.3_1
06 Mar 2014 14:19:24
Revision:347229Original commit files touched by this commit This port version is marked as vulnerable.
miwi search for other commits by this committer
- Stage support
1.5.3_1
20 Sep 2013 17:17:45
Revision:327726Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
devel part 4)
1.5.3_1
13 Sep 2013 14:09:10
Revision:327150Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Remove USE_GCC=any the port fail at building with gcc 4.6 while is builds
properly with clang
1.5.3_1
02 Sep 2013 06:20:10
Revision:325939Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Add an expicit dependency on pkgconf
1.5.3_1
11 Jul 2013 16:26:27
Revision:322783Original commit files touched by this commit This port version is marked as vulnerable.
sunpoet search for other commits by this committer
- Update to 7.31.0
- Bump PORTREVISION for ftp/curl shlib change
- Add TEST_DEPENDS
- Convert to new options framework
- Adjust options:
  - Add COOKIES
  - Add CYASSL, NSS, POLARSSL, THREADED_RESOLVER, TLS_SRP [1]
  - Add GSSAPI and SPNEGO [2]
  - Remove KERBEROS4
  - Rename LIBIDN to IDN
  - Remove TRACKMEMORY [1]
- Sort option handler
- Add SLAVEDIRS: ftp/curl-hiphop
- Cosmetic change
- Cleanup Makefile header
- While I'm here, fix typo (PORTREVSION) in x11-wm/ede/Makefile

Changes:	http://curl.haxx.se/changes.html
PR:		ports/172325 (-exp run), ports/177369 (based on) [1]
Submitted by:	Hirohisa Yamaguchi <umq@ueo.co.jp> [1], hrs (via email) [2]
Exp run by:	miwi
1.5.3
18 Jun 2013 15:15:48
Revision:321194Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Security update for apache-xml-security-c.
Dependant ports, especially shibboleth2-sp, opensaml2, xmltooling
and log4shib should all be updated.

Security: CVE-2013-2156
1.5.2
04 Jun 2013 17:29:21
Revision:319885Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth-sp and its tool chain to 2.5.1.

Note that from 2.5, shibd is run as the user shibd.  The port tries to fix the
key file ownership but if you have changed the file name of the key from the
default sp-key.pem, make sure you chown your key file(s) to user shibd.

Also, take maintainership of the entire tool chain (approved by all previous
maintainers).

Incorporates the ideas suggested by Craig Leres [177668], making sure that the
ssl key is not added to the package.

PR:	177668, 178694
1.4.2_1
09 Jan 2013 19:50:06
Revision:310162Original commit files touched by this commit This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
- Change MAINTAINER address
- Trim headers while I am here
- Clean up some trailing whitespace
1.4.2_1
09 Oct 2012 22:12:14
Revision:305610Original commit files touched by this commit This port version is marked as vulnerable.
linimon search for other commits by this committer
Force numerous ports that fail to build with clang over to instead always
rely on gcc.  The patch uses the new USE_GCC=any code in Mk/bsd.gcc.mk to
accomplish this.

The ports chosen were ports that blocked 2 or more ports from building with
clang.  (There are several hundred other ports that still fail to build with
clang, even with this patch.  This is merely one step along the way.)

Those interested in fixing these ports with clang, and have clang as their
default compiler, can simply set FORCE_BASE_CC_FOR_TESTING=yes.

For those who have gcc as their default compiler, this change is believed
to cause no change.

Hat:		portmgr
Tested with:	multiple runs on amd64-8-exp-bcm and 9-exp-clang, with various
		combinations of patch/no-patch and flag settings.
1.4.2_1
13 Aug 2011 15:31:12
Original commit files touched by this commit This port version is marked as vulnerable.
swills search for other commits by this committer
- Use xerces-c 3 [1]
- Pass maintainership back to Janos Mohacsi <janos.mohacsi@bsd.hu> [2]

PR:             ports/159714 [1]
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu> [1]
Approved by:    maintainer (me) [2]
1.4.2
28 Jul 2011 11:53:21
Original commit files touched by this commit This port version is marked as vulnerable.
swills search for other commits by this committer
- Update to 1.4.2
- Update home page while here
- Take maintainership

PR:             ports/159195
Approved by:    linimon
1.4.1
27 Jun 2011 20:14:37
Original commit files touched by this commit This port version is marked as vulnerable.
swills search for other commits by this committer
- Oops, forgot to cvs add this patch

Reported by:    pavmail
1.4.1
27 Jun 2011 02:57:29
Original commit files touched by this commit This port version is marked as vulnerable.
swills search for other commits by this committer
- Update to latest versions

PR:             ports/157822
Submited by:    Palle Girgensohn <girgen@FreeBSD.org>
Approved by:    maintainer timeout
1.3.3_1
11 Dec 2010 22:08:10
Original commit files touched by this commit This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix pkg-plist in NOPORTDOCS case

Reported by:    QAT
1.3.3_1
03 Apr 2010 10:44:36
Original commit files touched by this commit This port version is marked as vulnerable.
roam search for other commits by this committer
Chase the ftp/curl shlib version bump.
1.3.3
11 Jan 2010 05:08:31
Original commit files touched by this commit This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- s/ /\t/g
- 'Fix' make index
1.3.3
08 Jan 2010 01:24:56
Original commit files touched by this commit This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Update to 2.3

PR:             ports/142324
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    Mohacsi Janos <janos.mohacsi@bsd.hu> (maintainer)
1.2
10 Jul 2009 01:15:21
Original commit files touched by this commit This port version is marked as vulnerable.
wxs search for other commits by this committer
- Update to 1.2

PR:             ports/136033
Submitted by:   Steve Wills <steve@mouf.net>
Approved by:    maintainer
1.1_1
23 Jan 2009 15:43:14
Original commit files touched by this commit This port version is marked as vulnerable.
roam search for other commits by this committer
Bump the version of the curl shared library after the ftp/curl update
to 7.19.2.
Bump PORTREVISION, even on the ports that do not have a versioned
dependency, since the binaries will most probably still stop working.
1.1
22 Nov 2008 15:15:27
Original commit files touched by this commit This port version is marked as vulnerable.
miwi search for other commits by this committer
Shibboleth 2.x relies on OpenSAML 2, which in turn requires this
lower-level library that provides a higher level interface to XML
processing, particularly in light of signing and encryption.

WWW: https://spaces.internet2.edu/display/OpenSAML/XMLTooling-C

PR:             ports/127326
Submitted by:   Janos Mohacsi

Number of commits found: 63