Bug 225447 - www/squid-devel: update to 4.0.23, Fixes security vulnerability
Summary: www/squid-devel: update to 4.0.23, Fixes security vulnerability
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Danilo G. Baio
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-25 13:00 UTC by Pavel Timofeev
Modified: 2018-02-23 19:53 UTC (History)
2 users (show)

See Also:
dbaio: merge-quarterly+


Attachments
port patch (1.02 KB, patch)
2018-01-25 13:00 UTC, Pavel Timofeev
timp87: maintainer-approval+
Details | Diff
squid-devel-4.0.23.patch (2.63 KB, patch)
2018-02-22 19:55 UTC, Danilo G. Baio
timp87: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Pavel Timofeev 2018-01-25 13:00:56 UTC
Created attachment 190050 [details]
port patch

Update www/squid-devel to 4.0.23
Comment 1 Danilo G. Baio freebsd_committer freebsd_triage 2018-01-28 21:12:32 UTC
(In reply to timp87 from comment #0)

Building fine in 10.3, 11 and 12-CURRENT amd64 but not in i386 arch.

Kid.cc:93:42: error: format specifies type 'long' but the argument has type 'time_t' (aka 'int') [-Werror,-Wformat]
               theName.termedBuf(), pid, Config.hopelessKidRevivalDelay);
                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.

Needs to investigate or report upstream.
Comment 2 Danilo G. Baio freebsd_committer freebsd_triage 2018-02-22 19:55:39 UTC
Created attachment 190900 [details]
squid-devel-4.0.23.patch

This patch attached includes a patch from upstream that fixes build on i386.
Could you exec a runtime test?
Comment 3 Pavel Timofeev 2018-02-23 06:10:08 UTC
(In reply to Danilo G. Baio from comment #2)
Thanks a lot!
Comment 4 commit-hook freebsd_committer freebsd_triage 2018-02-23 13:35:51 UTC
A commit references this bug:

Author: dbaio
Date: Fri Feb 23 13:35:44 UTC 2018
New revision: 462698
URL: https://svnweb.freebsd.org/changeset/ports/462698

Log:
  www/squid-devel: Update to 4.0.23, Fixes security vulnerabilities

  - Add a patch from upstream that fixes a problem when building on i386 arch

    Kid.cc:93:42: error: format specifies type 'long' but the argument has type
    'time_t' (aka 'int') [-Werror,-Wformat]
                   theName.termedBuf(), pid, Config.hopelessKidRevivalDelay);
                                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    1 error generated.

  - Remove CXXFLAGS with clang, not necessary anymore

  PR:		225447
  Submitted by:	timp87@gmail.com (maintainer)
  MFH:		2018Q1
  Security:	d5b6d151-1887-11e8-94f7-9c5c8e75236a

Changes:
  head/www/squid-devel/Makefile
  head/www/squid-devel/distinfo
  head/www/squid-devel/files/patch-src_ipc_Kid.cc
Comment 5 commit-hook freebsd_committer freebsd_triage 2018-02-23 19:52:12 UTC
A commit references this bug:

Author: dbaio
Date: Fri Feb 23 19:51:28 UTC 2018
New revision: 462737
URL: https://svnweb.freebsd.org/changeset/ports/462737

Log:
  MFH: r462698

  www/squid-devel: Update to 4.0.23, Fixes security vulnerabilities

  - Add a patch from upstream that fixes a problem when building on i386 arch

    Kid.cc:93:42: error: format specifies type 'long' but the argument has type
    'time_t' (aka 'int') [-Werror,-Wformat]
                   theName.termedBuf(), pid, Config.hopelessKidRevivalDelay);
                                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    1 error generated.

  - Remove CXXFLAGS with clang, not necessary anymore

  PR:		225447
  Submitted by:	timp87@gmail.com (maintainer)
  Security:	d5b6d151-1887-11e8-94f7-9c5c8e75236a

  Approved by:	ports-secteam (swills)

Changes:
_U  branches/2018Q1/
  branches/2018Q1/www/squid-devel/Makefile
  branches/2018Q1/www/squid-devel/distinfo
  branches/2018Q1/www/squid-devel/files/patch-src_ipc_Kid.cc
Comment 6 Danilo G. Baio freebsd_committer freebsd_triage 2018-02-23 19:53:35 UTC
Committed, thanks!