Bug 166307 - [SECURITY UPDATE] security/gnutls
Summary: [SECURITY UPDATE] security/gnutls
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Xin LI
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-03-21 22:50 UTC by Xin LI
Modified: 2012-04-05 11:20 UTC (History)
1 user (show)

See Also:

Attachments
gnutls.diff (1.86 KB, patch)
2012-03-21 22:50 UTC, Xin LI 		no flags Details | Diff
bump.diff (128.00 KB, patch)
2012-03-21 23:24 UTC, Xin LI 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Xin LI freebsd_committer freebsd_triage 2012-03-21 22:50:13 UTC 
	This proposed patch is intended for a pointyhat build to validate
if there is build breakage, as the changeset would introduce a shared
library bump.
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2012-03-21 22:50:25 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->novel

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Xin LI 2012-03-21 23:24:40 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Attached is the proposed diff for version bumps to chase the shared
library bump.

Cheers,
- -- 
Xin LI <delphij@delphij.net>	https://www.delphij.net/
FreeBSD - The Power to Serve!		Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iQEcBAEBCAAGBQJPamM4AAoJEG80Jeu8UPuzCjIH/0lB3hdkhk9FHJQwAovhq5An
3UkIFDRS5bVCrEaqjXgEzt9KZtXyaNwxkJboQS2cRz7HUL0Db3zXd432GMsrRuQa
bvhmZBJoJceVd1NsPYIhXPaJrfXlQjO4a7kmX8SjI/BJmBVLtWVlyYwU6FXOMYl9
TUOUGLL22iC+Wg01dAzfJBCu2kNpg0u8ccjRThNDg5nop3McFGmnS+Vu1vwcpTgz
Op7ibdKj6/9j6LR7CNGZw28Yl18aasXVh+M6rWA1ElUHYMRoZirF0vQnlkvXYDBW
CrUN9T/zDsAv7ml+O5UcwcbdA0mhXgqOQM906FlSUMQehktnFjwV/3DVeCn7Is8=
=0TzL
-----END PGP SIGNATURE-----
Comment 3 Xin LI freebsd_committer freebsd_triage 2012-03-21 23:26:05 UTC 
Responsible Changed
From-To: novel->portmgr

Pointyhat build requested.
Comment 4 Pav Lucistnik freebsd_committer freebsd_triage 2012-03-22 08:52:11 UTC 
On 2012/03/22 00:30, Xin Li wrote:

>   Attached is the proposed diff for version bumps to chase the shared
>   library bump.

The patch is truncated somewhere around emulators/qemu.

-- 
Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
Comment 5 Pav Lucistnik freebsd_committer freebsd_triage 2012-03-25 10:51:25 UTC 
Responsible Changed
From-To: portmgr->delphij

No build failures detected with new version in experimental run on pointyhat.
Comment 6 dfilter service freebsd_committer freebsd_triage 2012-03-25 16:25:12 UTC 
novel       2012-03-25 15:24:24 UTC

  FreeBSD ports repository

  Modified files:
    security/gnutls      Makefile distinfo 
  Added files:
    security/gnutls/files patch-lib-Makefile.in 
                          patch-libextra-Makefile.in 
  Log:
  Update to 2.12.18. This update includes a dirty hack to prevent shared
  library bump which is necessary because of not properly set LIBTOOLFILES.
  This would be properly fixed after ports slush is over.
  
  PR:             166307
  Submitted by:   delphij
  Security:       CVE-2012-1569, CVE-2012-1573
  Feature safe:   yes
  
  Revision  Changes    Path
  1.100     +1 -1      ports/security/gnutls/Makefile
  1.43      +2 -2      ports/security/gnutls/distinfo
  1.1       +15 -0     ports/security/gnutls/files/patch-lib-Makefile.in (new)
  1.1       +15 -0     ports/security/gnutls/files/patch-libextra-Makefile.in (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 7 Michael Scheidell freebsd_committer freebsd_triage 2012-04-05 11:13:40 UTC 
I noticed this is still open.
Can you wait  to close this until I doublecheck this patch in tinderbox ?
Makefile and pkg-plist accounts for NOPORTDOCS, but doesn't check for   
NOPORTEXAMPLES, and it installs 100K of examples:


du -ch /usr/local/share/examples/gnutls
100K    /usr/local/share/examples/gnutls
100K    total

running this in a tinderbox, backed up with a bunch of other jobs.  I'll 
attach patch once I validate it on with/without portexamples


-- 
Michael Scheidell, CTO
 >*| * SECNAP Network Security Corporation
d: +1.561.948.2259
w: http://people.freebsd.org/~scheidell
Comment 8 Xin LI freebsd_committer freebsd_triage 2012-04-05 11:14:53 UTC 
State Changed
From-To: open->closed

novel@ have committed an update already.