kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update Shibboleth and its tool chain to 3.0.4

Browse source 
The security problem was patched alreadyin 3.0.3p1, but all users are
recommended to update to the latest version at next service window.

Security:	CVE-2019-9628
		https://shibboleth.net/community/advisories/secadv_20190311.txt
Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
This commit is contained in:
Palle Girgensohn 2019-03-11 17:02:37 +00:00
parent 4496beb696
commit 7cef8efa97
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=495367
10 changed files with 18 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
devel/xmltooling/Makefile
View file

@ -2,10 +2,9 @@
# $FreeBSD$
PORTNAME= xmltooling
PORTVERSION= 3.0.3
PORTREVISION= 1
PORTVERSION= 3.0.4
CATEGORIES= devel security
MASTER_SITES= http://shibboleth.net/downloads/c++-opensaml/3.0.0/
MASTER_SITES= http://shibboleth.net/downloads/c++-opensaml/3.0.1/
MAINTAINER= girgen@FreeBSD.org
COMMENT= Low level XML support for SAML

6
devel/xmltooling/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1545314057
SHA256 (xmltooling-3.0.3.tar.bz2) = 875b485eedd5d45010a1aab8d0bf937aba9af7198794426fe63b5c807331a6ca
SIZE (xmltooling-3.0.3.tar.bz2) = 608122
TIMESTAMP = 1552308686
SHA256 (xmltooling-3.0.4.tar.bz2) = bb87febe730f97fc58f6f6b6782d7ab89bf240944dd6e5f1c1d9681254bb9a88
SIZE (xmltooling-3.0.4.tar.bz2) = 608437

43
devel/xmltooling/files/patch-xmltooling_util_ParserPool.cpp
View file

@ -1,43 +0,0 @@
commit af27c422f551e16989ff6f1722d83614c8550eb5
Author: Scott Cantor <cantor.2@osu.edu>
Date: Wed Mar 6 21:14:13 2019 -0500
CPPXT - Crash due to uncaught DOMException
https://issues.shibboleth.net/jira/browse/CPPXT-143
diff --git a/xmltooling/util/ParserPool.cpp b/xmltooling/util/ParserPool.cpp
index 5d96b66..da23846 100644
--- xmltooling/util/ParserPool.cpp
+++ xmltooling/util/ParserPool.cpp
@@ -148,14 +148,28 @@ DOMDocument* ParserPool::parse(DOMLSInput& domsrc)
checkinBuilder(janitor.release());
return doc;
}
- catch (XMLException& ex) {
+ catch (const DOMException& ex) {
+ parser->getDomConfig()->setParameter(XMLUni::fgDOMErrorHandler, (void*)nullptr);
+ parser->getDomConfig()->setParameter(XMLUni::fgXercesUserAdoptsDOMDocument, true);
+ checkinBuilder(janitor.release());
+ auto_ptr_char temp(ex.getMessage());
+ throw XMLParserException(string("DOM error during parsing: ") + (temp.get() ? temp.get() : "no message"));
+ }
+ catch (const SAXException& ex) {
+ parser->getDomConfig()->setParameter(XMLUni::fgDOMErrorHandler, (void*)nullptr);
+ parser->getDomConfig()->setParameter(XMLUni::fgXercesUserAdoptsDOMDocument, true);
+ checkinBuilder(janitor.release());
+ auto_ptr_char temp(ex.getMessage());
+ throw XMLParserException(string("SAX error during parsing: ") + (temp.get() ? temp.get() : "no message"));
+ }
+ catch (const XMLException& ex) {
parser->getDomConfig()->setParameter(XMLUni::fgDOMErrorHandler, (void*)nullptr);
parser->getDomConfig()->setParameter(XMLUni::fgXercesUserAdoptsDOMDocument, true);
checkinBuilder(janitor.release());
auto_ptr_char temp(ex.getMessage());
throw XMLParserException(string("Xerces error during parsing: ") + (temp.get() ? temp.get() : "no message"));
}
- catch (XMLToolingException&) {
+ catch (const XMLToolingException&) {
parser->getDomConfig()->setParameter(XMLUni::fgDOMErrorHandler, (void*)nullptr);
parser->getDomConfig()->setParameter(XMLUni::fgXercesUserAdoptsDOMDocument, true);
checkinBuilder(janitor.release());

4
devel/xmltooling/pkg-plist
View file

@ -87,10 +87,10 @@ include/xmltooling/validation/ValidatorSuite.h
include/xmltooling/version.h
lib/libxmltooling-lite.so
lib/libxmltooling-lite.so.8
lib/libxmltooling-lite.so.8.0.3
lib/libxmltooling-lite.so.8.0.4
lib/libxmltooling.so
lib/libxmltooling.so.8
lib/libxmltooling.so.8.0.3
lib/libxmltooling.so.8.0.4
libdata/pkgconfig/xmltooling-lite.pc
libdata/pkgconfig/xmltooling.pc
share/xml/xmltooling/catalog.xml

3
security/opensaml/Makefile
View file

@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= opensaml
PORTVERSION= 3.0.0
PORTREVISION= 2
PORTVERSION= 3.0.1
CATEGORIES= security
MASTER_SITES= http://shibboleth.net/downloads/c++-opensaml/${PORTVERSION}/

6
security/opensaml/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1533580413
SHA256 (opensaml-3.0.0.tar.bz2) = a9cb72e41cc9d1af08a3d7c7843410eb41d4e97d88d516db7f0e2da1243e296e
SIZE (opensaml-3.0.0.tar.bz2) = 587569
TIMESTAMP = 1552308560
SHA256 (opensaml-3.0.1.tar.bz2) = 80c1672929e3bfc3233e5a995517bc678c479ad925f0cdf9cacffaa7c786cc29
SIZE (opensaml-3.0.1.tar.bz2) = 587810

2
security/opensaml/pkg-plist
View file

@ -44,7 +44,7 @@ include/saml/util/SAMLConstants.h
include/saml/version.h
lib/libsaml.so
lib/libsaml.so.10
lib/libsaml.so.10.0.0
lib/libsaml.so.10.0.1
libdata/pkgconfig/opensaml.pc
%%PORTDOCS%%%%DOCSDIR%%/README.txt
%%PORTDOCS%%%%DOCSDIR%%/LICENSE.txt

2
security/shibboleth-sp/Makefile
View file

@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= shibboleth-sp
PORTVERSION= 3.0.3
PORTVERSION= 3.0.4
CATEGORIES= security www
MASTER_SITES= http://shibboleth.net/downloads/service-provider/${PORTVERSION}/

6
security/shibboleth-sp/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1545262499
SHA256 (shibboleth-sp-3.0.3.tar.bz2) = 805b6cf386bf4c08062c1ffa89f77a52d4236c6aa8f8dc0dc4a27eb49ebbc17a
SIZE (shibboleth-sp-3.0.3.tar.bz2) = 806450
TIMESTAMP = 1552308631
SHA256 (shibboleth-sp-3.0.4.tar.bz2) = f5dc0fd028b74db4aaae76b59ec98e8a719c38cfe0f1d722feb2d5e0b9880cff
SIZE (shibboleth-sp-3.0.4.tar.bz2) = 806213

4
security/shibboleth-sp/pkg-plist
View file

@ -92,7 +92,7 @@ include/shibsp/util/TemplateParameters.h
include/shibsp/version.h
lib/libshibsp.so
lib/libshibsp.so.8
lib/libshibsp.so.8.0.3
lib/libshibsp.so.8.0.4
lib/shibboleth/adfs.so
lib/shibboleth/adfs-lite.so
%%MEMCACHED%%lib/shibboleth/memcache-store.so
@ -104,7 +104,7 @@ lib/shibboleth/plugins.so
%%FASTCGI%%lib/shibboleth/shibresponder
lib/libshibsp-lite.so
lib/libshibsp-lite.so.8
lib/libshibsp-lite.so.8.0.3
lib/libshibsp-lite.so.8.0.4
libdata/pkgconfig/shibsp-lite.pc
libdata/pkgconfig/shibsp.pc
sbin/shibd