Bug 206000 - security/dropbear: Update to 2015.71, change of email
Summary: security/dropbear: Update to 2015.71, change of email
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Martin Wilke
URL: https://lists.freebsd.org/pipermail/f...
Keywords: easy, patch, patch-ready
Depends on:
Blocks:
 
Reported: 2016-01-07 11:24 UTC by Piotr Kubaj
Modified: 2016-01-09 09:07 UTC (History)
1 user (show)

See Also:

Attachments
update to 2015.71, change email (935 bytes, patch)
2016-01-07 11:24 UTC, Piotr Kubaj 		koobs: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Piotr Kubaj freebsd_committer freebsd_triage 2016-01-07 11:24:54 UTC 
Created attachment 165206 [details]
update to 2015.71, change email

Patch is attached.
Comment 1 Bugzilla Automation freebsd_committer freebsd_triage 2016-01-07 11:24:54 UTC 
Maintainer informed via mail
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2016-01-07 12:09:46 UTC 
@Piotr, MAINTAINER line in ports and Bugzilla account email need to match in order to count as a maintainer report, or maintainer approval
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2016-01-07 12:10:31 UTC 
At least until this change is committed :)
Comment 4 Piotr Kubaj freebsd_committer freebsd_triage 2016-01-07 12:13:52 UTC 
I don't really feel like changing my email on Bugzilla back to pkubaj@riseup.net. Can I just send email from pkubaj@riseup.net to koobs@FreeBSD.org, or e.g. freebsd-ports list, stating that I'm changing my email address?
Comment 5 Kubilay Kocak freebsd_committer freebsd_triage 2016-01-07 12:36:27 UTC 
(In reply to Piotr Kubaj from comment #4)

The latter is fine Piotr, at least then I can link to it. However, email is trivially forgeable and if you were a malicious actor, I'm sure the real maintainer would be quite upset ;)
Comment 6 Piotr Kubaj freebsd_committer freebsd_triage 2016-01-07 12:44:45 UTC 
(In reply to Kubilay Kocak from comment #5)
Actually, it's not that simple to forge, when you use SPF and DKIM.
I've sent an email to freebsd-ports and you are CC'd.
Comment 7 Kubilay Kocak freebsd_committer freebsd_triage 2016-01-07 13:49:51 UTC 
Comment on attachment 165206 [details]
update to 2015.71, change email

See mailing list URL for verification
Comment 8 Piotr Kubaj freebsd_committer freebsd_triage 2016-01-07 19:32:45 UTC 
Just in case anyone wants to make sure I am I :)
https://lists.freebsd.org/pipermail/freebsd-ports/2016-January/101561.html
Comment 9 VK freebsd_triage 2016-01-07 19:38:58 UTC 
(In reply to Piotr Kubaj from comment #6)

Just a quick comment to this. SPF and DKIM mean nothing in this case because the spoof is not in sending mail from unallowed IP, but approving a change from a random e-mail address. Eg. anyone can register a bugzilla account as pkubaj@somedomainundertheircontrol.com and say here, change the email addr to this. :) Hope this helps.
Comment 10 Piotr Kubaj freebsd_committer freebsd_triage 2016-01-07 19:45:06 UTC 
(In reply to Vladimir Krstulja from comment #9)
That's right and that's why I sent the linked email from my current maintainer address.
Comment 11 commit-hook freebsd_committer freebsd_triage 2016-01-09 09:07:45 UTC 
A commit references this bug:

Author: miwi
Date: Sat Jan  9 09:07:27 UTC 2016
New revision: 405616
URL: https://svnweb.freebsd.org/changeset/ports/405616

Log:
  - Update to 2015.71
  - Update maintainer mail

  PR:		206000
  Submitted by:	maintainer

Changes:
  head/security/dropbear/Makefile
  head/security/dropbear/distinfo