202261 – [PATCH] devel/py-foolscap: update to 0.8.0, multiple security improvements

Bug 202261 - [PATCH] devel/py-foolscap: update to 0.8.0, multiple security improvements

Summary: [PATCH] devel/py-foolscap: update to 0.8.0, multiple security improvements

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Kevin Lo

URL:
Keywords:	patch

Depends on:
Blocks:

Reported:	2015-08-12 00:55 UTC by Thomas Hurst
Modified:	2015-08-14 00:31 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (kevlo)

Attachments
patch to 0.8.0 (1.77 KB, patch) 2015-08-12 00:55 UTC, Thomas Hurst	no flags	Details \| Diff
testport on 10.1 (48.41 KB, text/plain) 2015-08-12 00:56 UTC, Thomas Hurst	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Hurst 2015-08-12 00:55:34 UTC

Created attachment 159791 [details]
patch to 0.8.0

This patch updates from 0.6.4 to 0.8.0, corrects a use of :=, and adds a regression-test target.

Self tests improve in the update thus on 10.1-BETA2:

0.6.4: FAILED (skips=4, failures=1, errors=10, successes=441)
0.8.0: FAILED (skips=4, failures=1, errors=7, successes=462)

0.7.0 includes this security fix:

> The "flappserver" feature was found to have a vulnerability in the
> service-lookup code which, when combined with an attacker who has the ability
> to write files to a location where the flappserver process could read them,
> would allow that attacker to obtain control of the flappserver process.

0.8.0 generates better TLS certificates, and removes unauthenticated Tubs.

Comment 1 Thomas Hurst 2015-08-12 00:56:20 UTC

Created attachment 159792 [details]
testport on 10.1

Comment 2 commit-hook freebsd_committer

2015-08-12 05:45:08 UTC

A commit references this bug:

Author: kevlo
Date: Wed Aug 12 05:44:31 UTC 2015
New revision: 394005
URL: https://svnweb.freebsd.org/changeset/ports/394005

Log:
  Update to 0.8.0

  PR:	202261
  Submitted by:	Thomas Hurst <tom at hur dot st>

Changes:
  head/devel/py-foolscap/Makefile
  head/devel/py-foolscap/distinfo
  head/devel/py-foolscap/files/

Comment 3 Xin LI freebsd_committer

2015-08-14 00:30:54 UTC

Committed, thanks!

Comment 4 commit-hook freebsd_committer

2015-08-14 00:31:30 UTC

A commit references this bug:

Author: delphij
Date: Fri Aug 14 00:30:39 UTC 2015
New revision: 394200
URL: https://svnweb.freebsd.org/changeset/ports/394200

Log:
  MFH: r394005

  Update to 0.8.0

  PR:	202261
  Submitted by:	Thomas Hurst <tom at hur dot st>
  Approved by:	ports-secteam

Changes:
_U  branches/2015Q3/
  branches/2015Q3/devel/py-foolscap/Makefile
  branches/2015Q3/devel/py-foolscap/distinfo
  branches/2015Q3/devel/py-foolscap/files/