notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

Port details
shibboleth-sp C++ Shibboleth Service Provider (Internet2) for Apache
3.4.1_1 security on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 3.4.1_1Version of this port present on the latest quarterly branch.
Maintainer: girgen@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2007-08-03 23:21:42
Last Update: 2023-08-16 02:31:00
Commit Hash: 1d9ac15
Also Listed In: www
License: APACHE20
WWW:
http://shibboleth.internet2.edu/
Description:
Shibboleth is standards-based, open source middleware software which provides Web Single SignOn (SSO) across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner. This software is a C++ implementation of the Service Provider version 2 component of the Shibboleth can be used in Apache Web servers. The service provider manages secured resources. User access to resources is based on assertions received by the service provider (SP) from an identity provider.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (148 items)
Collapse this list.
  1. @ldconfig
  2. /usr/local/share/licenses/shibboleth-sp-3.4.1_1/catalog.mk
  3. /usr/local/share/licenses/shibboleth-sp-3.4.1_1/LICENSE
  4. /usr/local/share/licenses/shibboleth-sp-3.4.1_1/APACHE20
  5. bin/mdquery
  6. bin/resolvertest
  7. etc/shibboleth/metagen.sh
  8. @sample etc/shibboleth/native.logger.dist etc/shibboleth/native.logger
  9. @sample etc/shibboleth/shibd.logger.dist etc/shibboleth/shibd.logger
  10. @sample etc/shibboleth/shibboleth2.xml.dist etc/shibboleth/shibboleth2.xml
  11. @sample etc/shibboleth/attribute-map.xml.dist etc/shibboleth/attribute-map.xml
  12. @sample etc/shibboleth/attribute-policy.xml.dist etc/shibboleth/attribute-policy.xml
  13. @sample etc/shibboleth/example-metadata.xml.dist etc/shibboleth/example-metadata.xml
  14. @sample etc/shibboleth/console.logger.dist etc/shibboleth/console.logger
  15. @sample etc/shibboleth/sessionError.html.dist etc/shibboleth/sessionError.html
  16. @sample etc/shibboleth/metadataError.html.dist etc/shibboleth/metadataError.html
  17. @sample etc/shibboleth/bindingTemplate.html.dist etc/shibboleth/bindingTemplate.html
  18. @sample etc/shibboleth/discoveryTemplate.html.dist etc/shibboleth/discoveryTemplate.html
  19. @sample etc/shibboleth/localLogout.html.dist etc/shibboleth/localLogout.html
  20. @sample etc/shibboleth/globalLogout.html.dist etc/shibboleth/globalLogout.html
  21. @sample etc/shibboleth/sslError.html.dist etc/shibboleth/sslError.html
  22. @sample etc/shibboleth/example-shibboleth2.xml.dist etc/shibboleth/example-shibboleth2.xml
  23. @sample etc/shibboleth/protocols.xml.dist etc/shibboleth/protocols.xml
  24. @sample etc/shibboleth/security-policy.xml.dist etc/shibboleth/security-policy.xml
  25. etc/shibboleth/seckeygen.sh
  26. etc/shibboleth/shibd-amazon
  27. etc/shibboleth/shibd-redhat
  28. etc/shibboleth/shibd-debian
  29. etc/shibboleth/shibd-suse
  30. @comment etc/shibboleth/shibd-systemd
  31. etc/shibboleth/shibd-osx.plist
  32. etc/shibboleth/apache.config
  33. etc/shibboleth/apache2.config
  34. @sample etc/shibboleth/attrChecker.html.dist etc/shibboleth/attrChecker.html
  35. etc/shibboleth/apache22.config
  36. etc/shibboleth/apache24.config
  37. etc/shibboleth/keygen.sh
  38. @sample etc/shibboleth/postTemplate.html.dist etc/shibboleth/postTemplate.html
  39. @sample etc/shibboleth/partialLogout.html.dist etc/shibboleth/partialLogout.html
  40. include/shibsp/AbstractSPRequest.h
  41. include/shibsp/AccessControl.h
  42. include/shibsp/Application.h
  43. include/shibsp/GSSRequest.h
  44. include/shibsp/RequestMapper.h
  45. include/shibsp/SPConfig.h
  46. include/shibsp/SPRequest.h
  47. include/shibsp/ServiceProvider.h
  48. include/shibsp/SessionCache.h
  49. include/shibsp/TransactionLog.h
  50. include/shibsp/attribute/Attribute.h
  51. include/shibsp/attribute/AttributeDecoder.h
  52. include/shibsp/attribute/BinaryAttribute.h
  53. include/shibsp/attribute/ExtensibleAttribute.h
  54. include/shibsp/attribute/NameIDAttribute.h
  55. include/shibsp/attribute/ScopedAttribute.h
  56. include/shibsp/attribute/SimpleAttribute.h
  57. include/shibsp/attribute/XMLAttribute.h
  58. include/shibsp/attribute/filtering/AttributeFilter.h
  59. include/shibsp/attribute/filtering/BasicFilteringContext.h
  60. include/shibsp/attribute/filtering/FilterPolicyContext.h
  61. include/shibsp/attribute/filtering/FilteringContext.h
  62. include/shibsp/attribute/filtering/MatchFunctor.h
  63. include/shibsp/attribute/resolver/AttributeExtractor.h
  64. include/shibsp/attribute/resolver/AttributeResolver.h
  65. include/shibsp/attribute/resolver/ResolutionContext.h
  66. include/shibsp/base.h
  67. include/shibsp/binding/ArtifactResolver.h
  68. include/shibsp/binding/ProtocolProvider.h
  69. include/shibsp/binding/SOAPClient.h
  70. include/shibsp/config_pub.h
  71. include/shibsp/exceptions.h
  72. include/shibsp/handler/AbstractHandler.h
  73. include/shibsp/handler/AssertionConsumerService.h
  74. include/shibsp/handler/Handler.h
  75. include/shibsp/handler/LogoutHandler.h
  76. include/shibsp/handler/LogoutInitiator.h
  77. include/shibsp/handler/RemotedHandler.h
  78. include/shibsp/handler/SecuredHandler.h
  79. include/shibsp/handler/SessionInitiator.h
  80. include/shibsp/lite/CommonDomainCookie.h
  81. include/shibsp/lite/SAMLConstants.h
  82. include/shibsp/metadata/MetadataExt.h
  83. include/shibsp/metadata/MetadataProviderCriteria.h
  84. include/shibsp/paths.h
  85. include/shibsp/remoting/ListenerService.h
  86. include/shibsp/remoting/ddf.h
  87. include/shibsp/security/PKIXTrustEngine.h
  88. include/shibsp/security/SecurityPolicy.h
  89. include/shibsp/security/SecurityPolicyProvider.h
  90. include/shibsp/util/CGIParser.h
  91. include/shibsp/util/DOMPropertySet.h
  92. include/shibsp/util/IPRange.h
  93. include/shibsp/util/PropertySet.h
  94. include/shibsp/util/SPConstants.h
  95. include/shibsp/util/TemplateParameters.h
  96. include/shibsp/version.h
  97. lib/libshibsp.so
  98. lib/libshibsp.so.11
  99. lib/libshibsp.so.11.0.1
  100. lib/shibboleth/adfs.so
  101. lib/shibboleth/adfs-lite.so
  102. @comment %%MEMCACHED%%lib/shibboleth/memcache-store.so
  103. lib/shibboleth/odbc-store.so
  104. lib/shibboleth/plugins-lite.so
  105. lib/shibboleth/plugins.so
  106. lib/shibboleth/mod_shib_24.so
  107. @comment lib/shibboleth/shibauthorizer
  108. @comment lib/shibboleth/shibresponder
  109. lib/libshibsp-lite.so
  110. lib/libshibsp-lite.so.11
  111. lib/libshibsp-lite.so.11.0.1
  112. libdata/pkgconfig/shibsp-lite.pc
  113. libdata/pkgconfig/shibsp.pc
  114. sbin/shibd
  115. share/xml/shibboleth/MetadataExchange.xsd
  116. share/xml/shibboleth/WS-Trust.xsd
  117. share/xml/shibboleth/catalog.xml
  118. share/xml/shibboleth/oasis-200401-wss-wssecurity-secext-1.0.xsd
  119. share/xml/shibboleth/oasis-200401-wss-wssecurity-utility-1.0.xsd
  120. share/xml/shibboleth/shibboleth-2.0-afp-mf-basic.xsd
  121. share/xml/shibboleth/shibboleth-2.0-afp-mf-saml.xsd
  122. share/xml/shibboleth/shibboleth-2.0-afp.xsd
  123. share/xml/shibboleth/shibboleth-2.0-attribute-map.xsd
  124. share/xml/shibboleth/shibboleth-2.0-native-sp-config.xsd
  125. share/xml/shibboleth/shibboleth-2.0-native-sp-protocols.xsd
  126. share/xml/shibboleth/shibboleth-2.0-sp-notify.xsd
  127. share/xml/shibboleth/shibboleth-3.0-native-sp-config.xsd
  128. share/xml/shibboleth/shibboleth-metadata-1.0.xsd
  129. share/xml/shibboleth/shibboleth.xsd
  130. share/xml/shibboleth/ws-addr.xsd
  131. share/xml/shibboleth/ws-authorization.xsd
  132. share/xml/shibboleth/ws-federation.xsd
  133. share/xml/shibboleth/ws-securitypolicy-1.2.xsd
  134. share/doc/shibboleth/CREDITS.txt
  135. share/doc/shibboleth/FASTCGI.LICENSE
  136. share/doc/shibboleth/LICENSE.txt
  137. share/doc/shibboleth/LOG4CPP.LICENSE
  138. share/doc/shibboleth/NOTICE.txt
  139. share/doc/shibboleth/OPENSSL.LICENSE
  140. share/doc/shibboleth/README.txt
  141. share/doc/shibboleth/RELEASE.txt
  142. share/doc/shibboleth/main.css
  143. @dir(shibd,shibd,755) /var/log/shibboleth
  144. @dir(shibd,shibd,755) /var/cache/shibboleth
  145. @dir(shibd,www,750) /var/run/shibboleth
  146. @owner
  147. @group
  148. @mode
Collapse this list.
Dependency lines:
  • shibboleth-sp>0:security/shibboleth-sp
To install the port:
cd /usr/ports/security/shibboleth-sp/ && make install clean
To add the package, run one of these commands:
  • pkg install security/shibboleth-sp
  • pkg install shibboleth-sp
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: shibboleth-sp
Flavors: there is no flavor information for this port.
distinfo:
TIMESTAMP = 1673426052 SHA256 (shibboleth-sp-3.4.1.tar.bz2) = bffe3e62e46d86cc75db1093b77fa1456b30da7c930a13708afa0139c8a8acc1 SIZE (shibboleth-sp-3.4.1.tar.bz2) = 830667

Packages (timestamps in pop-ups are UTC):
shibboleth-sp
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest3.4.1_13.4.1_13.2.0_13.4.1_13.4.1_1-3.2.0_1-
FreeBSD:13:quarterly3.4.1_13.4.1_13.4.1_13.4.1_13.4.1_13.4.1_13.4.1_13.4.1_1
FreeBSD:14:latest3.4.1_13.4.1_13.4.13.4.1_13.4.1_13.4.1_1-3.4.1_1
FreeBSD:14:quarterly3.4.1_13.4.1_1-3.4.1_13.4.1_13.4.1_13.4.1_13.4.1_1
FreeBSD:15:latest3.4.1_13.4.1_1n/a3.4.1_1n/a3.4.1_13.4.1_13.4.1_1
FreeBSD:15:quarterly--n/a-n/a---
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. boost-libs>=0 : devel/boost-libs
  2. gmake>=4.3 : devel/gmake
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. apxs : www/apache24
Runtime dependencies:
  1. apxs : www/apache24
Library dependencies:
  1. libsaml.so : security/opensaml
  2. liblog4shib.so : devel/log4shib
  3. libxerces-c-3.2.so : textproc/xerces-c3
  4. libxml-security-c.so : security/apache-xml-security-c
  5. libxmltooling.so : devel/xmltooling
  6. libapr-1.so : devel/apr1
  7. libgdbm.so : databases/gdbm
  8. libexpat.so : textproc/expat2
  9. libodbc.so : databases/unixODBC
  10. libdb-5.3.so : databases/db5
There are no ports dependent upon this port

Configuration Options:
===> The following configuration options are available for shibboleth-sp-3.4.1_1: ====> Webserver modules FASTCGI=off: FastCGI protocol support, e.g. for NGINX APACHE=on: Build Apache module ====> Optional session storage ODBC=on: ODBC database backend - store sessions in a database ===> Use 'make config' to modify these settings
Options name:
security_shibboleth-sp
USES:
gmake tar:bzip2 cpe pkgconfig libtool bdb apache
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://shibboleth.net/downloads/service-provider/3.4.1/
Collapse this list.

Number of commits found: 34

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
3.4.1_1
16 Aug 2023 02:31:00
commit hash: 1d9ac156fbbf92a432538dc300020c09f94832eecommit hash: 1d9ac156fbbf92a432538dc300020c09f94832eecommit hash: 1d9ac156fbbf92a432538dc300020c09f94832eecommit hash: 1d9ac156fbbf92a432538dc300020c09f94832ee files touched by this commit
Muhammad Moinur Rahman (bofh) search for other commits by this committer
security/shibboleth-sp: Fix build with llvm16

Approved by:	portmgr (blanket)
Sponsored by:	The FreeBSD Foundation
3.4.1_1
12 Jun 2023 15:09:11
commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64commit hash: 37548fca60c3733e77d6020dcacabd1540f39e64 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
devel/xmltooling: update to 3.2.4

An updated version of the XMLTooling library that is part of the
OpenSAML and Shibboleth Service Provider software is now available
which corrects a server-side request forgery (SSRF) vulnerability.

Security:	f7e9a1cc-0931-11ee-94b4-6cc21735f730
3.4.1
25 Jan 2023 17:54:07
commit hash: 40843b1ccb8f70cca82dd115a71a46ae2a97a450commit hash: 40843b1ccb8f70cca82dd115a71a46ae2a97a450commit hash: 40843b1ccb8f70cca82dd115a71a46ae2a97a450commit hash: 40843b1ccb8f70cca82dd115a71a46ae2a97a450 files touched by this commit
Muhammad Moinur Rahman (bofh) search for other commits by this committer
Mk/Uses/apache.mk: Refactor after removal of older versions

apache22 and apache25 had been removed a long time ago however the
apache.mk file has never been refactored and is out of sync from the
file Mk/bsd.default-versions.mk. These changes refactors the removals of
the older versions. In addition:

- Move some keywords like USE_APACHE, USE_APACHE_BUILD, USE_APACHE_RUN
  from SANITY_DEPRECATED to SANITY_UNSUPPORTED
- Remove apache versions from ports Makefiles as currently there is only
  one available version in the tree. However the version checks are
  still valid and should work flawlessly whenever a new version is
  added. For example USES=apache:2.2+ are simply replaced with
  USES=apache. As currently there are no other versions available for
  test this could not be checked on it's own ground.
- Update FOO_USE=APACHE=yes to FOO_USES=apache
- Remove trailing whitespaces

Approved by:    portmgr
Differential Revision: https://reviews.freebsd.org/D38113
3.4.1
11 Jan 2023 14:46:40
commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5commit hash: a9e71595d93377de9af87a999cd128f3f43069e5 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
shibboleth-sp: Update to 3.4.1

A patch release of the Service Provider, V3.4.1, is now available. This
release fixes a couple of small bugs and adds a warning requested by one
of our member organizations in the absence of the redirectLimit setting,
which leads to SPs being abused as open redirectors.

Notably, this release includes an update to the xmltooling library that
hardens the code base against the sorts of attacks reported against the
IdP in the recent advisory. The SP is, as far as can be determined, not
impacted directly by that vulnerability, but this is a precautionary
change.

Release
notes:	https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335693/ReleaseNotes
3.4.0
07 Nov 2022 17:03:06
commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602commit hash: b4e7dc9bf4a25f8fb4858b55d811f2b001a49602 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: update to 3.4.0

This is a minor update containing a new setting suggested by a
contributor (thus the unplanned minor version change) controlling
retries when TCP connections to shibd are used. The other changes are
minimal in nature.

Update the toolchain as well:

devel/xmltooling
textproc/xerces-c3

and bump PORTREVISION for security/opensaml due to dependencies'
updates.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
07 Sep 2022 21:58:51
commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)
3.3.0_2
07 Sep 2022 21:10:59
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
3.3.0_2
12 Aug 2022 14:46:53
commit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5edcommit hash: 4cf39decb348615b9c8a28370d987a85d1b8a5ed files touched by this commit
Dima Panov (fluffy) search for other commits by this committer
*/*: bump all consumers after recent boost upgrade
3.3.0_1
20 Jul 2022 14:22:56
commit hash: 857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash: 857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash: 857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash: 857c05f8674c5f4c990f49f9d0fb7034ebd340fe files touched by this commit
Tobias C. Berner (tcberner) search for other commits by this committer
security: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Aldis Berjoza <aldis@bsdroot.lv>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Kapranoff <kappa@rambler-co.ru>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexander Botero-Lowry <alex@foxybanana.com>
  *  Alexander Kriventsov <avk@vl.ru>
  *  Alexander Leidinger <netchild@FreeBSD.org>
(Only the first 15 lines of the commit message are shown above View all of this commit message)
3.3.0_1
20 Dec 2021 14:02:27
commit hash: d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38commit hash: d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38commit hash: d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38commit hash: d4c09351b85fa9f3fce34923ed1e8b1cddb0bd38 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: Silence bogus apache 1.3 warning

PR:		260482
Submitted by:	Craig Leres
3.3.0
30 Nov 2021 14:42:09
commit hash: 1031ca3f51c7dd4480dfed041a4768fe78a35cb0commit hash: 1031ca3f51c7dd4480dfed041a4768fe78a35cb0commit hash: 1031ca3f51c7dd4480dfed041a4768fe78a35cb0commit hash: 1031ca3f51c7dd4480dfed041a4768fe78a35cb0 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: update to 3.3.0
3.2.3
08 Jul 2021 08:26:04
commit hash: ddb9b3294533ce1833d5cdc38307d6fd7c8022cecommit hash: ddb9b3294533ce1833d5cdc38307d6fd7c8022cecommit hash: ddb9b3294533ce1833d5cdc38307d6fd7c8022cecommit hash: ddb9b3294533ce1833d5cdc38307d6fd7c8022ce files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: update to 3.2.3

A regression in the RequestMap feature causing random crashes on some
systems was identified, necessitating this patch update. Most uses of
this feature tend to be on Windows, so that's the primary platform
affected but the bug was generic if the feature were to be used on other
systems.

It isn't easily exploitable by specific requests, so it's a borderline
sort of denial of service risk and the Shibboleth project chose not to
do an advisory, and anybody affected won't need much incentive to get
the patch anyway.
3.2.2
26 Apr 2021 08:51:17
commit hash: 19889886e54f734191490f09765d631b9b67f0a7commit hash: 19889886e54f734191490f09765d631b9b67f0a7commit hash: 19889886e54f734191490f09765d631b9b67f0a7commit hash: 19889886e54f734191490f09765d631b9b67f0a7 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: Update to 3.2.2

This is a security fix for an issue that has not yet been disclosed. The
vuxml entry will be updated once the CVE is available.

The patch to mitigate the vulnerability was introduced already on
2021-04-23 in the FreeBSD port as 3.2.1_1.

Security:	e4403051-a667-11eb-b9c9-6cc21735f730
3.2.1_1
23 Apr 2021 19:04:42
commit hash: ff87b258473211ee848d3aba7bea1246fcf44f3ccommit hash: ff87b258473211ee848d3aba7bea1246fcf44f3ccommit hash: ff87b258473211ee848d3aba7bea1246fcf44f3ccommit hash: ff87b258473211ee848d3aba7bea1246fcf44f3c files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/shibboleth-sp: Reintroduce direct dependencies to silent Q/A.

The dependencies where previously added indirectly through the
dependency chain via opensaml, bust the Q/A disapproved of that.

Add patch to check for missing DataSealer during cookie recovery.
3.2.1
06 Apr 2021 14:31:13
commit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937d files touched by this commit This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
all: Remove all other $FreeBSD keywords.
3.2.1
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
3.2.1
16 Mar 2021 22:15:12
Revision:568618Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update to version 3.2.1

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
[1]
3.2.0_1
18 Dec 2020 08:51:57
Revision:558359Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update xmltooling to 3.2.0

Bump dependant ports. xmltooling is only used as a dependency for
security/shibboleth-sp.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.2.0
15 Dec 2020 20:01:41
Revision:558176Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Upgrade Shibboleth and OpenSAML to 3.2.0

Release
notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes#ReleaseNotes-3.2.0(December14,2020)
3.1.0
13 Apr 2020 22:15:37
Revision:531638Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
The Shibboleth Project has released V3.1.0 of the Service Provider software.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.0.4_3
11 Dec 2019 17:53:49
Revision:519824Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.72.0

Changes:	http://www.boost.org/users/history/version_1_72_0.html
PR:		241449
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D22136
3.0.4_2
19 Aug 2019 15:35:28
Revision:509290Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.71.0

Changes:	http://www.boost.org/users/history/version_1_71_0.html
PR:		238827
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D20774
3.0.4_1
12 Apr 2019 06:36:31
Revision:498698Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.70.0

Changes:	http://www.boost.org/users/history/version_1_70_0.html
PR:		235956
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D19303
3.0.4
11 Mar 2019 17:02:37
Revision:495367Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth and its tool chain to 3.0.4

The security problem was patched alreadyin 3.0.3p1, but all users are
recommended to update to the latest version at next service window.

Security:	CVE-2019-9628
		https://shibboleth.net/community/advisories/secadv_20190311.txt
Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
3.0.3
23 Dec 2018 10:54:35
Revision:488188Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update to version 3.0.3

The update corrects a denial of service vulnerability.

Security:	4f8665d0-0465-11e9-b77a-6cc21735f730
3.0.2_2
12 Dec 2018 00:15:50
Revision:487266Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.69.0

Changes:	http://www.boost.org/users/history/version_1_69_0.html
PR:		232525
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D17645
3.0.2_1
09 Aug 2018 06:58:31
Revision:476723Original commit files touched by this commit This port version is marked as vulnerable.
jbeich search for other commits by this committer
devel/boost-*: update to 1.68.0

- Switch to C++14 for libboost_system to support C++14 consumers

Changes:	http://www.boost.org/users/history/version_1_68_0.html
PR:		229569
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D16165
3.0.2
07 Aug 2018 13:24:37
Revision:476595Original commit files touched by this commit This port version is marked as vulnerable.
girgen search for other commits by this committer
Update Shibboleth to 3.0.2

Also update the toolchain to latest versions. This includes a security fix for
apache-xml-security-c.

Releaseinfo:    https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Security:       5786185a-9a43-11e8-b34b-6cc21735f730
Security:       https://shibboleth.net/community/advisories/secadv_20180803.txt
1.3f
28 Jan 2010 01:59:05
Original commit files touched by this commit This port version is marked as vulnerable.
miwi search for other commits by this committer
2010-01-08 x11-toolkits/gtkada-gps: has been broken for 3 months
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months
1.3f
25 Dec 2009 18:01:14
Original commit files touched by this commit This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- WITH_APACHE22 is deprecated

With Hat: apache@
1.3f
08 Dec 2009 14:30:09
Original commit files touched by this commit This port version is marked as vulnerable.
pav search for other commits by this committer
  This port has been broken for 3+ months, thus

- Mark DEPRECATED and schedule for expiration in one month

With hat:       portmgr
1.3f
01 Sep 2009 07:18:29
Original commit files touched by this commit This port version is marked as vulnerable.
erwin search for other commits by this committer
Mark BROKEN on i386-6 as well.
1.3f
30 Sep 2007 10:33:03
Original commit files touched by this commit This port version is marked as vulnerable.
linimon search for other commits by this committer
Mark as only for i386-6.

Based on:

PR:             ports/115474
Submitted by:   maintainer
1.3f
03 Aug 2007 23:21:26
Original commit files touched by this commit This port version is marked as vulnerable.
pav search for other commits by this committer
Shibboleth is standards-based, open source middleware software which
provides Web Single SignOn (SSO) across or within organizational
boundaries. It allows sites to make informed authorization decisions
for individual access of protected online resources in a
privacy-preserving manner.

This software is a C++ implementation of the Service Provider
component of the Shibboleth can be used in Apache Web servers.  The
service provider manages secured resources. User access to resources
is based on assertions received by the service provider (SP) from
an identity provider.

WWW:    http://shibboleth.internet2.edu/

PR:             ports/114663
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

Number of commits found: 34