Bug 261056 - net/uriparser: Update to 0.9.6
Summary: net/uriparser: Update to 0.9.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Sergei Vyshenski
URL:
Keywords: patch, security
Depends on:
Blocks:
 
Reported: 2022-01-09 11:17 UTC by Thomas Zander
Modified: 2022-01-09 23:32 UTC (History)
1 user (show)

See Also:
svysh.fbsd: maintainer-feedback+
riggs: merge-quarterly+

Attachments
Update to 0.9.6 (1.99 KB, text/plain)
2022-01-09 11:17 UTC, Thomas Zander 		no flags Details
"git diff" to update the port (2.66 KB, patch)
2022-01-09 19:00 UTC, Sergei Vyshenski 		svysh.fbsd: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Zander freebsd_committer freebsd_triage 2022-01-09 11:17:34 UTC 
Created attachment 230840 [details]
Update to 0.9.6

There is an update to uriparser to 0.9.6 to address CVE-2021-46141 and
CVE-2021-46142. Patch is attached. May I commit this?
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-01-09 13:37:43 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4

commit 0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 13:34:01 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 13:37:24 +0000

    security/vuxml: Document vulnerabilities in net/uniparser before 0.9.6

    PR:             261056
    Security:       CVE-2021-46141
                    CVE-2021-46142

 security/vuxml/vuln-2022.xml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
Comment 2 Sergei Vyshenski 2022-01-09 19:00:23 UTC 
Created attachment 230848 [details]
"git diff" to update the port

Thomas,
Everything (including googletest's) look fine. 
Please find a new patch:
added some minor cosmetic changes to satisfy new versions of portfmt and of portclippy.
Thank you very much.
Regards, Sergei
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:25:19 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d927653584b767433abd267d630f8241aa4a3898

commit d927653584b767433abd267d630f8241aa4a3898
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:18:42 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 4 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:31:21 UTC 
A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6a136fc643dfa13d14b3b262791358f9838be2fc

commit 6a136fc643dfa13d14b3b262791358f9838be2fc
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:25:38 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

    (cherry picked from commit d927653584b767433abd267d630f8241aa4a3898)

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 5 Thomas Zander freebsd_committer freebsd_triage 2022-01-09 23:32:54 UTC 
Thank you! Committed your reviewed version!