Bug 210458 - www/piwik: Update to 2.16.1 (security update)
Summary: www/piwik: Update to 2.16.1 (security update)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Some People
Assignee: Torsten Zuehlsdorff
URL:
Keywords: easy, patch, patch-ready, security
Depends on:
Blocks:
 
Reported: 2016-06-22 09:12 UTC by Torsten Zuehlsdorff
Modified: 2016-06-25 02:29 UTC (History)
3 users (show)

See Also:
hans: maintainer-feedback+
koobs: merge-quarterly+

Attachments
path with update to 2.16.1 (8.49 KB, patch)
2016-06-22 09:12 UTC, Torsten Zuehlsdorff 		hans: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Torsten Zuehlsdorff freebsd_committer freebsd_triage 2016-06-22 09:12:03 UTC 
Created attachment 171669 [details]
path with update to 2.16.1

Aloha,

attached a patch to update wwW/piwik to its current version 2.16.1.

I performed a build test for: 9.3, 10.1, 10.2, 10.3 and current for i386 and amd64. I also was able to start it. 

A vuxml entry is missing and will provided later.

Greetings,
Torsten
Comment 1 VK freebsd_triage 2016-06-22 09:23:26 UTC 
Thanks. Also CC'ing ports-secteam@.
Comment 2 Hans Fredrik Nordhaug 2016-06-22 11:54:09 UTC 
Approved by maintainer. (This release passed under my radar - not good.)
Comment 3 VK freebsd_triage 2016-06-22 14:08:49 UTC 
(In reply to Hans Fredrik Nordhaug from comment #2)

Please flag the attachment as maintainer-approval(+) as that will help track the issue properly through Maintainer Approved saved search. Also please don't forget to flag the PR with maintainer-feedback(+) to avoid maintainer timeout. :)
Comment 4 Hans Fredrik Nordhaug 2016-06-23 09:35:37 UTC 
Thx, Vladimir for the advice.

When you enter a comment all the form options including flags are hard to see/easy to ignore. I found "maintainer-feedback" (twice), but no "maintainer-approval". A-ha, the "maintainer-approval" is on the actual attachment. Hope everything is OK now.
Comment 5 VK freebsd_triage 2016-06-23 11:21:28 UTC 
(In reply to Hans Fredrik Nordhaug from comment #4)

Perfect, thanks!
Comment 6 commit-hook freebsd_committer freebsd_triage 2016-06-23 11:54:37 UTC 
A commit references this bug:

Author: tz
Date: Thu Jun 23 11:54:17 UTC 2016
New revision: 417366
URL: https://svnweb.freebsd.org/changeset/ports/417366

Log:
  www/piwik: Upgrade from 2.16.0 to 2.16.1

  Changes: http://piwik.org/changelog/piwik-2-16-1/

  - The update also contains security fixes.

  PR:          210458
  Approved by: pi (mentor)

Changes:
  head/www/piwik/Makefile
  head/www/piwik/distinfo
  head/www/piwik/pkg-plist
Comment 7 commit-hook freebsd_committer freebsd_triage 2016-06-23 15:45:00 UTC 
A commit references this bug:

Author: feld
Date: Thu Jun 23 15:44:35 UTC 2016
New revision: 417380
URL: https://svnweb.freebsd.org/changeset/ports/417380

Log:
  MFH: r416928 r417366

  www/piwik: Upgrade from 2.16.0 to 2.16.1

  - Add missing depends
  - The update also contains security fixes.

  Changes: http://piwik.org/changelog/piwik-2-16-1/

  PR:          210458
  Approved by: pi (mentor)

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/piwik/Makefile
  branches/2016Q2/www/piwik/distinfo
  branches/2016Q2/www/piwik/pkg-plist
Comment 8 commit-hook freebsd_committer freebsd_triage 2016-06-23 15:53:04 UTC 
A commit references this bug:

Author: feld
Date: Thu Jun 23 15:52:40 UTC 2016
New revision: 417381
URL: https://svnweb.freebsd.org/changeset/ports/417381

Log:
  Add piwik XSS to vuxml

  No further information is available. No CVE has been assigned.

  PR:		210458

Changes:
  head/security/vuxml/vuln.xml
Comment 9 Kubilay Kocak freebsd_committer freebsd_triage 2016-06-25 02:29:49 UTC 
Record that this was committed to quarterly