Please bump to 2.7.7 (see https://vuxml.freebsd.org/freebsd/791841a3-d484-4878-8909-92ef9ce424f4.html).
What's going on that a port with several vulnerabilities is not being updated?
Is anybody doing any work to bump patch to 2.7.7? It's already more than half a year passed.
Maintainer reset.
A commit references this bug: Author: danfe Date: Thu Nov 7 11:35:36 UTC 2019 New revision: 516964 URL: https://svnweb.freebsd.org/changeset/ports/516964 Log: - Pull in security patches from Debian while upstream still CBA to release a new version after almost a year since those bugs and vulnerabilities had been reported - Hook the test suite, which unfortunately requires bash(1), to our framework - Chase redirection in the WWW line of the port description Security: 791841a3-d484-4878-8909-92ef9ce424f4 PR: 233455 Changes: head/devel/patch/Makefile head/devel/patch/distinfo head/devel/patch/files/patch-lib__Makefile.in head/devel/patch/files/patch-lib__localcharset.c head/devel/patch/pkg-descr
Version 2.7.7 had not been released yet, I've pulled security patches from Debian for the moment: ports r516964.
^Triage: - Assign to committer that resolved - VuXML entry added in ports r516965 adjusted in ports r516965 - Re-open pending MFH request (security fix)
2020Q1 was branched in r521721, so MFC happened automatically.