Created attachment 166369 [details] Update shotwell to a git snapshot Update to a snapshot, to fix ssl cert validation. Sadly it doesn't look upstream shotwell is still active so we need to update to a snapshot. Also to fix this they had to port it to webkit2gtk3. Announcement: https://mail.gnome.org/archives/distributor-list/2016-January/msg00000.html upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=751709
The right thing to do here is protect our users. As we have the capability to do so and as long as this does not rely on a defunct version of webkit we should be able to keep it alive in our ports tree. I can approve this snapshot update and MFH.
A commit references this bug: Author: kwm Date: Fri Feb 5 16:32:10 UTC 2016 New revision: 408219 URL: https://svnweb.freebsd.org/changeset/ports/408219 Log: Document shotwell failure to validate TLS certificates. PR: 206807 Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: kwm Date: Fri Feb 5 16:34:59 UTC 2016 New revision: 408220 URL: https://svnweb.freebsd.org/changeset/ports/408220 Log: Update shotwell to a git snapshot. Update to a snapshot, to fix ssl cert validation. Sadly it doesn't look upstream shotwell is still active so we need to update to a snapshot. Also to fix this, they had to port it to webkit2gtk3. PR: 206807 Approved by: ports-secteam (feld) MFH: 2016Q1 Changes: head/graphics/shotwell/Makefile head/graphics/shotwell/distinfo head/graphics/shotwell/files/patch-Makefile head/graphics/shotwell/pkg-plist