Bug 260334 - archivers/p7zip: Add expiration date -- has known vulns and unmaintained
Summary: archivers/p7zip: Add expiration date -- has known vulns and unmaintained
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Carlo Strub
URL:
Keywords: easy, patch, patch-ready
Depends on:
Blocks:
 
Reported: 2021-12-11 08:53 UTC by Chris Hutchinson
Modified: 2021-12-11 22:08 UTC (History)
2 users (show)

See Also:

Attachments
git diff for archivers/p7zip (415 bytes, patch)
2021-12-11 08:53 UTC, Chris Hutchinson 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Hutchinson 2021-12-11 08:53:07 UTC 
Created attachment 230039 [details]
git diff for archivers/p7zip

This pr adds an expiration date for archivers/p7zip
It's currently an unmaintained port and has not been
maintained upstream for years. There are a few
unresolved CVE's as discussed in bug #228239
There was a recent alternative added as
archivers/7-zip which is a fork using the same algos
but unlike p7zip, is actively maintained. So the
(eventual) removal of p7zip should have no real
impact.

Changes
Makefile
DEPRECATED=	Unmaintained for years and has known vulnerabilities
EXPIRATION_DATE=2022-01-01

That's it.

Thanks!

--Chris
Comment 1 commit-hook freebsd_committer freebsd_triage 2021-12-11 22:07:32 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c24478fc61e9e0a9c5d280ac0f0299710b5fd9cc

commit c24478fc61e9e0a9c5d280ac0f0299710b5fd9cc
Author:     Carlo Strub <cs@FreeBSD.org>
AuthorDate: 2021-12-11 22:04:09 +0000
Commit:     Carlo Strub <cs@FreeBSD.org>
CommitDate: 2021-12-11 22:04:09 +0000

    archivers/p7zip: Deprecate

    Vulnerabilities and no upstream maintenance

    PR:             260334
    Reported by:    Chris Hutchinson <portmaster@bsdforge.com>

 archivers/p7zip/Makefile | 3 +++
 1 file changed, 3 insertions(+)