Date: Tue, 26 Jul 2011 01:19:35 GMT From: Steve Wills <swills@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/159194: [PATCH] update security/opensaml2 to latest version (2.4.3) to resolve security issue Message-ID: <201107260119.p6Q1JZtI074006@red.freebsd.org> Resent-Message-ID: <201107260120.p6Q1K5aS036300@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 159194 >Category: ports >Synopsis: [PATCH] update security/opensaml2 to latest version (2.4.3) to resolve security issue >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Jul 26 01:20:05 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Steve Wills >Release: >Organization: >Environment: >Description: security/opensaml2 has a security issue, please see: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/vuln.xml.diff?r1=1.2398;r2=1.2399;f=h and https://groups.google.com/a/shibboleth.net/group/announce/browse_thread/thread/cf3e0d76afbb57d9# https://groups.google.com/a/shibboleth.net/group/announce/browse_thread/thread/ab672f278c27bb9b# The attached patch updates it to the latest version which resolves the issue. >How-To-Repeat: >Fix: Patch attached with submission follows: Index: security/opensaml2/Makefile =================================================================== RCS file: /home/ncvs/ports/security/opensaml2/Makefile,v retrieving revision 1.12 diff -u -r1.12 Makefile --- security/opensaml2/Makefile 27 Jun 2011 02:57:28 -0000 1.12 +++ security/opensaml2/Makefile 26 Jul 2011 01:15:23 -0000 @@ -6,9 +6,9 @@ # PORTNAME= opensaml2 -PORTVERSION= 2.4.1 +PORTVERSION= 2.4.3 CATEGORIES= security -MASTER_SITES= http://shibboleth.internet2.edu/downloads/opensaml/cpp/${PORTVERSION}/ +MASTER_SITES= http://www.shibboleth.net/downloads/c++-opensaml/${PORTVERSION}/ DISTNAME= opensaml-${PORTVERSION} MAINTAINER= janos.mohacsi@bsd.hu Index: security/opensaml2/distinfo =================================================================== RCS file: /home/ncvs/ports/security/opensaml2/distinfo,v retrieving revision 1.8 diff -u -r1.8 distinfo --- security/opensaml2/distinfo 27 Jun 2011 02:57:28 -0000 1.8 +++ security/opensaml2/distinfo 26 Jul 2011 01:15:23 -0000 @@ -1,2 +1,2 @@ -SHA256 (opensaml-2.4.1.tar.gz) = 89289f882da19bab5d1476943d75c2f7fa97776980bfa86c7395b573603a2ecb -SIZE (opensaml-2.4.1.tar.gz) = 870509 +SHA256 (opensaml-2.4.3.tar.gz) = 850187c7dd664f9216a387bcc9e08f36643f04ddc08d11551e33a46dd15d2539 +SIZE (opensaml-2.4.3.tar.gz) = 871693 Index: security/opensaml2/pkg-descr =================================================================== RCS file: /home/ncvs/ports/security/opensaml2/pkg-descr,v retrieving revision 1.4 diff -u -r1.4 pkg-descr --- security/opensaml2/pkg-descr 22 Nov 2008 15:55:56 -0000 1.4 +++ security/opensaml2/pkg-descr 26 Jul 2011 01:15:23 -0000 @@ -1,4 +1,4 @@ OpenSAML 2, a re-rewrite of OpenSAML 1, supports SAML 1.0, 1.1, 2.0 but is not backwards compatible with OpenSAML 1. -WWW: https://spaces.internet2.edu/display/OpenSAML/Home +WWW: https://wiki.shibboleth.net/confluence/display/OpenSAML/Home >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107260119.p6Q1JZtI074006>