Date: Sun, 4 Aug 2013 13:40:12 +0000 (UTC) From: William Grzybowski <wg@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r324232 - in head/devel: . py-defusedxml Message-ID: <201308041340.r74DeCpv063034@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: wg Date: Sun Aug 4 13:40:11 2013 New Revision: 324232 URL: http://svnweb.freebsd.org/changeset/ports/324232 Log: devel/py-defusedxml: Defusing XML bombs and other exploits The results of an attack on a vulnerable XML library can be fairly dramatic. With just a few hundred Bytes of XML data an attacker can occupy several Gigabytes of memory within seconds. An attacker can also keep CPUs busy for a long time with a small to medium size request. This library prevents such issues. WWW: https://bitbucket.org/tiran/defusedxml Added: head/devel/py-defusedxml/ head/devel/py-defusedxml/Makefile (contents, props changed) head/devel/py-defusedxml/distinfo (contents, props changed) head/devel/py-defusedxml/pkg-descr (contents, props changed) head/devel/py-defusedxml/pkg-plist (contents, props changed) Modified: head/devel/Makefile Modified: head/devel/Makefile ============================================================================== --- head/devel/Makefile Sun Aug 4 13:18:24 2013 (r324231) +++ head/devel/Makefile Sun Aug 4 13:40:11 2013 (r324232) @@ -3496,6 +3496,7 @@ SUBDIR += py-dbus SUBDIR += py-decorator SUBDIR += py-decoratortools + SUBDIR += py-defusedxml SUBDIR += py-deliciousapi SUBDIR += py-demjson SUBDIR += py-dexml Added: head/devel/py-defusedxml/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/py-defusedxml/Makefile Sun Aug 4 13:40:11 2013 (r324232) @@ -0,0 +1,35 @@ +# Created by: William Grzybowski <wg@FreeBSD.org> +# $FreeBSD$ + +PORTNAME= defusedxml +PORTVERSION= 0.4.1 +CATEGORIES= devel python textproc +MASTER_SITES= CHEESESHOP +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= wg@FreeBSD.org +COMMENT= XML bomb protection for Python stdlib modules + +LICENSE= PSFL + +USE_PYTHON= yes +USE_PYDISTUTILS= yes + +PORTDOCS= * +DOCS_FILES= CHANGES.txt README.txt + +OPTIONS_DEFINE= DOCS + +.include <bsd.port.pre.mk> + +post-install: +.if ${PYTHON_REL} >= 320 +.include "${PORTSDIR}/devel/py-virtualenv/files/py3k-fix-pkg-plist.inc" +.endif + +.if ${PORT_OPTIONS:MDOCS} + @${MKDIR} ${DOCSDIR} + ${INSTALL_MAN} ${DOCS_FILES:S,^,${WRKSRC}/,} ${DOCSDIR} +.endif + +.include <bsd.port.post.mk> Added: head/devel/py-defusedxml/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/py-defusedxml/distinfo Sun Aug 4 13:40:11 2013 (r324232) @@ -0,0 +1,2 @@ +SHA256 (defusedxml-0.4.1.tar.gz) = cd551d5a518b745407635bb85116eb813818ecaf182e773c35b36239fc3f2478 +SIZE (defusedxml-0.4.1.tar.gz) = 48889 Added: head/devel/py-defusedxml/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/py-defusedxml/pkg-descr Sun Aug 4 13:40:11 2013 (r324232) @@ -0,0 +1,9 @@ +Defusing XML bombs and other exploits + +The results of an attack on a vulnerable XML library can be fairly dramatic. +With just a few hundred Bytes of XML data an attacker can occupy several +Gigabytes of memory within seconds. An attacker can also keep CPUs busy for +a long time with a small to medium size request. This library prevents +such issues. + +WWW: https://bitbucket.org/tiran/defusedxml Added: head/devel/py-defusedxml/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/py-defusedxml/pkg-plist Sun Aug 4 13:40:11 2013 (r324232) @@ -0,0 +1,34 @@ +%%PYTHON_SITELIBDIR%%/defusedxml/ElementTree.py +%%PYTHON_SITELIBDIR%%/defusedxml/ElementTree.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/ElementTree.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/__init__.py +%%PYTHON_SITELIBDIR%%/defusedxml/__init__.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/__init__.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/cElementTree.py +%%PYTHON_SITELIBDIR%%/defusedxml/cElementTree.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/cElementTree.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/common.py +%%PYTHON_SITELIBDIR%%/defusedxml/common.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/common.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/expatbuilder.py +%%PYTHON_SITELIBDIR%%/defusedxml/expatbuilder.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/expatbuilder.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/expatreader.py +%%PYTHON_SITELIBDIR%%/defusedxml/expatreader.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/expatreader.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/lxml.py +%%PYTHON_SITELIBDIR%%/defusedxml/lxml.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/lxml.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/minidom.py +%%PYTHON_SITELIBDIR%%/defusedxml/minidom.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/minidom.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/pulldom.py +%%PYTHON_SITELIBDIR%%/defusedxml/pulldom.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/pulldom.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/sax.py +%%PYTHON_SITELIBDIR%%/defusedxml/sax.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/sax.pyo +%%PYTHON_SITELIBDIR%%/defusedxml/xmlrpc.py +%%PYTHON_SITELIBDIR%%/defusedxml/xmlrpc.pyc +%%PYTHON_SITELIBDIR%%/defusedxml/xmlrpc.pyo +@dirrm %%PYTHON_SITELIBDIR%%/defusedxml
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201308041340.r74DeCpv063034>