ports/159194: [PATCH] update security/opensaml2 to latest version (2.4.3) to resolve security issue
Steve Wills
swills at FreeBSD.org
Tue Jul 26 01:20:06 UTC 2011
>Number: 159194
>Category: ports
>Synopsis: [PATCH] update security/opensaml2 to latest version (2.4.3) to resolve security issue
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Jul 26 01:20:05 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Steve Wills
>Release:
>Organization:
>Environment:
>Description:
security/opensaml2 has a security issue, please see:
http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/vuln.xml.diff?r1=1.2398;r2=1.2399;f=h
and
https://groups.google.com/a/shibboleth.net/group/announce/browse_thread/thread/cf3e0d76afbb57d9#
https://groups.google.com/a/shibboleth.net/group/announce/browse_thread/thread/ab672f278c27bb9b#
The attached patch updates it to the latest version which resolves the issue.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: security/opensaml2/Makefile
===================================================================
RCS file: /home/ncvs/ports/security/opensaml2/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile
--- security/opensaml2/Makefile 27 Jun 2011 02:57:28 -0000 1.12
+++ security/opensaml2/Makefile 26 Jul 2011 01:15:23 -0000
@@ -6,9 +6,9 @@
#
PORTNAME= opensaml2
-PORTVERSION= 2.4.1
+PORTVERSION= 2.4.3
CATEGORIES= security
-MASTER_SITES= http://shibboleth.internet2.edu/downloads/opensaml/cpp/${PORTVERSION}/
+MASTER_SITES= http://www.shibboleth.net/downloads/c++-opensaml/${PORTVERSION}/
DISTNAME= opensaml-${PORTVERSION}
MAINTAINER= janos.mohacsi at bsd.hu
Index: security/opensaml2/distinfo
===================================================================
RCS file: /home/ncvs/ports/security/opensaml2/distinfo,v
retrieving revision 1.8
diff -u -r1.8 distinfo
--- security/opensaml2/distinfo 27 Jun 2011 02:57:28 -0000 1.8
+++ security/opensaml2/distinfo 26 Jul 2011 01:15:23 -0000
@@ -1,2 +1,2 @@
-SHA256 (opensaml-2.4.1.tar.gz) = 89289f882da19bab5d1476943d75c2f7fa97776980bfa86c7395b573603a2ecb
-SIZE (opensaml-2.4.1.tar.gz) = 870509
+SHA256 (opensaml-2.4.3.tar.gz) = 850187c7dd664f9216a387bcc9e08f36643f04ddc08d11551e33a46dd15d2539
+SIZE (opensaml-2.4.3.tar.gz) = 871693
Index: security/opensaml2/pkg-descr
===================================================================
RCS file: /home/ncvs/ports/security/opensaml2/pkg-descr,v
retrieving revision 1.4
diff -u -r1.4 pkg-descr
--- security/opensaml2/pkg-descr 22 Nov 2008 15:55:56 -0000 1.4
+++ security/opensaml2/pkg-descr 26 Jul 2011 01:15:23 -0000
@@ -1,4 +1,4 @@
OpenSAML 2, a re-rewrite of OpenSAML 1, supports SAML 1.0, 1.1, 2.0 but is
not backwards compatible with OpenSAML 1.
-WWW: https://spaces.internet2.edu/display/OpenSAML/Home
+WWW: https://wiki.shibboleth.net/confluence/display/OpenSAML/Home
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list