openbsd/ports
1
0
Fork 0
mirror of https://github.com/openbsd/ports.git synced 2026-06-17 23:13:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
209,940 Commits 1 Branch 0 Tags
master
Commit Graph

10261 Commits

Author SHA1 Message Date
naddy 72cf37f65d security/strobe: add missing cast to appease llvm22 2026-06-16 21:20:48 +00:00
sthen 79849aa2ec update to p5-Crypt-DSA-1.21 
CVE-2026-12205 key material reuse for multiple signing events
note in DESCR that it is deprecated
 2026-06-15 14:35:10 +00:00
tb d5b0c67266 Update to openssl-ruby-tests 20260530 2026-06-15 08:54:22 +00:00
tb e42bbb441b Update to rust-openssl-tests 20260615 2026-06-15 08:25:52 +00:00
bluhm 82be01db6c update p5-Crypt-PBKDF2 to 0.261630 
CVE-2026-9641 CVE-2026-9638 CVE-2017-20240
OK maintainer Wen Heping
 2026-06-14 21:35:51 +00:00
landry 3239e5e3e4 security/nss: update to 3.125, will be required by mozilla 153 
see https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_125.html
 2026-06-13 08:13:03 +00:00
tb 348acca1d6 Update to c2sp-testvectors 20260605 2026-06-12 08:18:18 +00:00
tb 221b1a4c20 Update to wycheproof 20260606 2026-06-11 18:28:33 +00:00
sthen 88d3dc6988 update to step-ca-0.30.2 2026-06-11 11:26:34 +00:00
sthen 14df1d3deb update to step-cli-0.30.3 
(syscall issue with github.com/chzyer/readline library still applies so,
as before, some features fail at runtime)
 2026-06-11 11:26:28 +00:00
naddy b83ca81049 security/gringotts: use proper object type-casting macro to appease llvm22 2026-06-10 22:53:21 +00:00
sthen e9d4b4face opensc passes pointers to unsigned int to DES_encrypt[123] functions. 
this breaks on i386 with LLVM 22's more restrictive checks as the types
of the variable pointed to don't match (the functions want DES_LONG *,
which is an unsigned long on i386). change to passing pointers to DES_LONG
instead, fixing i386, and a noop on other archs.  ok tb@
 2026-06-10 13:27:55 +00:00
tb eed98a3446 bump statically linked openssl consumers 2026-06-09 13:03:44 +00:00
tb 281c429bc3 Update to openssl 3.5.7 2026-06-09 12:55:42 +00:00
tb a567414c59 Update to OpenSSL 4.0.1 2026-06-09 12:55:19 +00:00
pvk 3e867ddee4 Update keycloak 26.6.2 -> 26.6.3 
Changelogs: https://github.com/keycloak/keycloak/releases
Release notes: https://www.keycloak.org/docs/latest/release_notes/index.html
Upgrading guide: https://www.keycloak.org/docs/26.6.3/upgrading
 2026-06-08 14:00:26 +00:00
pvk 44bc7be6af Update vault 2.0.0 -> 2.0.2 
Changelogs: https://github.com/hashicorp/vault/releases
 2026-06-08 13:58:37 +00:00
jca 467cb400e9 Ignore type mismatch in riscv-specific code, fixes the build on riscv64 
clang-22 considers pointer mismatches between unsigned long * and
unsigned long long * as fatal errors. Make the errors non-fatal until
I nuderstand what it takes to appease the compiler. Said errors
shouldn't matter anyway given that said types are always the same size
on riscv64 anyway.  make test agrees.

Some performance increases are visible for eg chacha or AES on this
Spacemit k1, but more efforts are needed to unlock performance
improvements gated behind riscv_hwprobe checks.
 2026-06-07 15:08:59 +00:00
bluhm 6aa0f4aa6e update p5-Crypt-OpenSSL-X509 to 2.1.1 2026-06-06 16:13:58 +00:00
danj 9b458a22ba Update to gosec-2.27.1 
From Laurent Cheylus (maintainer)
 2026-06-06 10:17:33 +00:00
tb 1bc67fc8f9 Update to pizauth 1.1.0, from maintainer/upstream 2026-06-06 08:40:02 +00:00
sebastia 982eb09216 update to 4.0.0, major rewrite, no need for cms_scanner and opt_parse_validator anymore 2026-06-04 17:58:41 +00:00
sebastia fcc161938c no need for ruby-cms_scanner, due to wpscan update 2026-06-04 17:57:04 +00:00
sebastia 76c3d2f369 unhook security/ruby-cms_scanner 2026-06-04 17:56:28 +00:00
volker 8be5757884 security/sequoia-sq: Fix build with LLVM 22 
(update nettle-sys to 2.3.2 to pull in the upstream fix)
 2026-06-03 18:31:29 +00:00
sebastia d99dd58484 update 2026-05-16 -> 2026-02-06 2026-06-02 20:56:42 +00:00
tb def31032cc Bump clang module consumers whose MODCLANG_VERSION changed 
(these link against libllvm or have a wantlib or rdep change because
of that).
 2026-06-02 17:47:05 +00:00
bentley ddb6f08415 Update to cyberchef-11.0.0. 2026-06-01 08:20:45 +00:00
kmos e28d71c5f6 Building with the newer nettle, aide now also needs stdalign.h 
Move to ports-gcc on sparc64 to fix the build
 2026-05-30 17:18:37 +00:00
naddy 887206546b security/libgcrypt: drop our custom aarch64 feature detection 
Hardware crypto features are found with elf_aux_info() out of the box.
Confirmed by timings from the test suite.

ok ajacoutot@
 2026-05-29 15:34:37 +00:00
kmos 4f5e046573 nettle wants stdalign.h which is not available in base-gcc 
Move to ports-gcc on sparc64 to fix the build
 2026-05-29 02:51:00 +00:00
sthen 2e0ff54f3e update to gpa-0.11.1 2026-05-28 15:46:57 +00:00
sthen b6534b3042 update to pcsc-lite-2.5.0 
add PORTROACH site url pointing at github, doesn't pick up new versions
correctly at author's site
 2026-05-28 15:46:07 +00:00
sthen 5dcf6a42a4 update to ccid-1.8.0 
set PORTROACH to gh releases in the hope that it might do a better job of
picking up new versions
 2026-05-28 15:38:41 +00:00
sthen fa3f87ac8d update to ccid-1.7.1 2026-05-28 15:29:38 +00:00
ajacoutot ee4592d784 Build with nettle 4 (from upstream). 2026-05-27 06:51:19 +00:00
pvk 5e89678d77 Update keycloak 26.5.3 -> 26.6.2 
Changelogs: https://github.com/keycloak/keycloak/releases
Release notes: https://www.keycloak.org/docs/latest/release_notes/index.html
Upgrading guide: https://www.keycloak.org/docs/26.6.2/upgrading
 2026-05-26 18:48:01 +00:00
ajacoutot bf90f8ea1b Quiet PORTROACH. 2026-05-26 17:04:58 +00:00
tb fb691044a4 pgp5: switch int to size_t to fix build with llvm22 
regen patches & plist while there
 2026-05-25 18:18:34 +00:00
ajacoutot bfe4cb8b8a Add missing @conflict libnettle-<3.10.2p0 2026-05-25 06:57:36 +00:00
kn 3ee45377e6 drop myself as maintainer 2026-05-23 21:52:48 +00:00
ajacoutot 456be0d26b Unbreak. 2026-05-23 09:58:37 +00:00
ajacoutot 7fe4725b96 Temporarily mark broken until I fix it after the recent nettle changes. 2026-05-22 15:22:08 +00:00
ajacoutot d8df43f1c8 Stick with older nettle for the time being (security/libnettle). 2026-05-22 15:21:16 +00:00
ajacoutot 2ba5a01dbf Move from security/libnettle(v3) to security/nettle(v4). 2026-05-22 15:20:54 +00:00
ajacoutot 24e5892412 Fix conflict with security/nettle. 2026-05-22 15:19:22 +00:00
ajacoutot 75aca3d273 +nettle 2026-05-22 15:19:05 +00:00
ajacoutot 6f66ec669a Import security/libnettle as nettle and update to 4.0. 
So both can co-exist.

ok robert@
 2026-05-22 15:18:39 +00:00
ajacoutot 445e013aef Regen WANTLIB. 2026-05-22 14:52:00 +00:00
tb d057b7c2e1 Update to Crypt::OpenSSL::RSA 0.41, tested by henning 
Attacks on the Marvin attack were too aggressive and 0.35 disabled the
widely used PKCS#1 v1.5 padding outright, when only decryption is
problematic due to the padding oracle. Signing is fine and required for
many things, among other things TLS and DNSSEC.

  Version 0.35 disabled PKCS#1 v1.5 padding entirely to mitigate the
  Marvin attack. However, the Marvin attack only affects PKCS#1 v1.5
  decryption (padding oracle), not signatures. Version 0.38 re-enables
  use_pkcs1_padding() for use with sign() and verify(), while keeping it
  disabled for encrypt() and decrypt(). PKCS1_OAEP should be used for
  encryption and either PKCS1_PSS or PKCS1 can be used for signing.

https://metacpan.org/pod/Crypt::OpenSSL::RSA
 2026-05-22 14:50:14 +00:00