Created attachment 212608 [details] Patch 9.4.2 to 9.4.5 Patch from 9.4.2 to 9.4.5. This patch updates www/glpi to the latest version (new features and several security fixes). ChangeLogs - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1 - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1 - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1 This patch fixes - PR 242476 Also attached the Poudriere testport logs.
Created attachment 212609 [details] Poudriere logs for 9.4.5
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/128552881
^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval Attachment -> Details -> maintainer-approval [+] Pending VuXML entry
(In reply to Kubilay Kocak from comment #3) Done. Thank you.
@koobs Those patches address many security fixes in GLPI. I think everything is fine with my patch. Am I missing something? Thanks :)
(In reply to Kubilay Kocak from comment #3) Anything needed on my side for this patch to be merged? It fixes several security issues so pretty important to upgrade the port IMO. Thank you.
(In reply to Mathias Monnerville from comment #5) Understood, the issue has been triaged as a security issue. The onlt thing outstanding is a relevant VuXML entry (comment 3) to be added to the security/vuxml port. This can be done by any one, committers or contributors. The relevant section in the Porters Handbook is: https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/security-notify.html If you'd like to try to create the vuxml entry and need assistance, you'll be able to get support on our #freebsd-ports channel on freenode IRC
(In reply to Kubilay Kocak from comment #7) Okay, first time I have to do it on this port, wasn't aware it was required. Thank you, will work on it ASAP.
(In reply to Kubilay Kocak from comment #7) Hi @koobs, I'm adding a patch here to `vuln.xml` with 2 entries added. Could you speed up the process by applying this patch to `security/vuxml` maybe? GLPI installations should be updated ASAP to 9.4.5. Thank you.
Created attachment 214149 [details] Updated vuln.xml with 2 entries related to GLPI For the `security/vuxml` port.
A commit references this bug: Author: joneum Date: Sat May 9 08:23:43 UTC 2020 New revision: 534722 URL: https://svnweb.freebsd.org/changeset/ports/534722 Log: add entry for www/glpi PR: 244971 Sponsored by: Netzkommune GmbH Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: joneum Date: Sun May 10 08:53:53 UTC 2020 New revision: 534833 URL: https://svnweb.freebsd.org/changeset/ports/534833 Log: Update to 9.4.5 ChangeLogs - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1 - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1 - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1 PR: 244971 MFH: 2020Q2 Security: d222241d-91cc-11ea-82b8-4c72b94353b5 Sponsored by: Netzkommune GmbH Changes: head/www/glpi/Makefile head/www/glpi/distinfo head/www/glpi/pkg-plist
A commit references this bug: Author: joneum Date: Sun May 10 08:55:07 UTC 2020 New revision: 534834 URL: https://svnweb.freebsd.org/changeset/ports/534834 Log: MFH: r534833 Update to 9.4.5 ChangeLogs - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1 - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1 - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1 PR: 244971 Security: d222241d-91cc-11ea-82b8-4c72b94353b5 Sponsored by: Netzkommune GmbH Approved by: ports-secteam (with hat) Changes: _U branches/2020Q2/ branches/2020Q2/www/glpi/Makefile branches/2020Q2/www/glpi/distinfo branches/2020Q2/www/glpi/pkg-plist