aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPalle Girgensohn <girgen@FreeBSD.org>2021-04-26 08:46:07 +0000
committerPalle Girgensohn <girgen@FreeBSD.org>2021-04-26 08:51:17 +0000
commit19889886e54f734191490f09765d631b9b67f0a7 (patch)
tree1527c73dfefbb7789eef382a8e102d17ce26a231
parent73f85df5fe83a1ccb39229579bdffb4caaa296d1 (diff)
downloadports-19889886e54f734191490f09765d631b9b67f0a7.tar.gz
ports-19889886e54f734191490f09765d631b9b67f0a7.zip
security/shibboleth-sp: Update to 3.2.2
This is a security fix for an issue that has not yet been disclosed. The vuxml entry will be updated once the CVE is available. The patch to mitigate the vulnerability was introduced already on 2021-04-23 in the FreeBSD port as 3.2.1_1. Security: e4403051-a667-11eb-b9c9-6cc21735f730
-rw-r--r--security/shibboleth-sp/Makefile3
-rw-r--r--security/shibboleth-sp/distinfo6
-rw-r--r--security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp31
-rw-r--r--security/shibboleth-sp/pkg-plist4
4 files changed, 6 insertions, 38 deletions
diff --git a/security/shibboleth-sp/Makefile b/security/shibboleth-sp/Makefile
index 1fe26dee2eaa..fe8a495afcff 100644
--- a/security/shibboleth-sp/Makefile
+++ b/security/shibboleth-sp/Makefile
@@ -1,8 +1,7 @@
# Created by: Janos Mohacsi <janos.mohacsi@bsd.hu>
PORTNAME= shibboleth-sp
-PORTVERSION= 3.2.1
-PORTREVISION= 1
+PORTVERSION= 3.2.2
CATEGORIES= security www
MASTER_SITES= http://shibboleth.net/downloads/service-provider/${PORTVERSION}/
diff --git a/security/shibboleth-sp/distinfo b/security/shibboleth-sp/distinfo
index 5732cc0e1343..ef9bd0881c4a 100644
--- a/security/shibboleth-sp/distinfo
+++ b/security/shibboleth-sp/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1615929563
-SHA256 (shibboleth-sp-3.2.1.tar.bz2) = 8acde18566bbf987c4022a6f19d0c2df0d306e9344810aec1b6b8b9100d271ef
-SIZE (shibboleth-sp-3.2.1.tar.bz2) = 811714
+TIMESTAMP = 1619424965
+SHA256 (shibboleth-sp-3.2.2.tar.bz2) = e5db65b39cd3f078ff683c792558aa549d46ffc627a70faf3ef4637b2892e767
+SIZE (shibboleth-sp-3.2.2.tar.bz2) = 816128
diff --git a/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp b/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp
deleted file mode 100644
index 7cb55f5f16d5..000000000000
--- a/security/shibboleth-sp/files/patch-shibsp_impl_StorageServiceSessionCache.cpp
+++ /dev/null
@@ -1,31 +0,0 @@
-From 5a47c3b9378f4c49392dd4d15189b70956f9f2ec Mon Sep 17 00:00:00 2001
-From: Scott Cantor <cantor.2@osu.edu>
-Date: Thu, 22 Apr 2021 15:58:43 -0400
-Subject: [PATCH] SSPCPP-927 - Check for missing DataSealer during cookie recovery
-
-https://issues.shibboleth.net/jira/browse/SSPCPP-927
-
---- shibsp/impl/StorageServiceSessionCache.cpp.orig 2020-12-07 20:51:12.000000000 +0000
-+++ shibsp/impl/StorageServiceSessionCache.cpp 2021-04-23 16:17:00.398821000 +0000
-@@ -1148,6 +1148,12 @@
- else {
- // We're out of process, so we can recover the session.
- #ifndef SHIBSP_LITE
-+ const DataSealer* sealer = XMLToolingConfig::getConfig().getDataSealer();
-+ if (!sealer) {
-+ m_log.warn("can't attempt recovery of session (%s), no DataSealer configured", key);
-+ return false;
-+ }
-+
- m_log.debug("checking for revocation of session (%s)", key);
- try {
- if (m_storage_lite->readString("Revoked", key) > 0) {
-@@ -1174,7 +1180,7 @@
- try {
- dup = strdup(data);
- XMLToolingConfig::getConfig().getURLEncoder()->decode(dup);
-- unwrapped = XMLToolingConfig::getConfig().getDataSealer()->unwrap(dup);
-+ unwrapped = sealer->unwrap(dup);
- free(dup);
-
- stringstream str(unwrapped);
diff --git a/security/shibboleth-sp/pkg-plist b/security/shibboleth-sp/pkg-plist
index 80a2af88d06a..d1fd2aeab2ac 100644
--- a/security/shibboleth-sp/pkg-plist
+++ b/security/shibboleth-sp/pkg-plist
@@ -92,7 +92,7 @@ include/shibsp/util/TemplateParameters.h
include/shibsp/version.h
lib/libshibsp.so
lib/libshibsp.so.10
-lib/libshibsp.so.10.0.0
+lib/libshibsp.so.10.0.1
lib/shibboleth/adfs.so
lib/shibboleth/adfs-lite.so
%%MEMCACHED%%lib/shibboleth/memcache-store.so
@@ -104,7 +104,7 @@ lib/shibboleth/plugins.so
%%FASTCGI%%lib/shibboleth/shibresponder
lib/libshibsp-lite.so
lib/libshibsp-lite.so.10
-lib/libshibsp-lite.so.10.0.0
+lib/libshibsp-lite.so.10.0.1
libdata/pkgconfig/shibsp-lite.pc
libdata/pkgconfig/shibsp.pc
sbin/shibd