Bug 261056 - net/uriparser: Update to 0.9.6
Summary: net/uriparser: Update to 0.9.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Sergei Vyshenski
URL:
Keywords: patch, security
Depends on:
Blocks:
 
Reported: 2022-01-09 11:17 UTC by Thomas Zander
Modified: 2022-01-09 23:32 UTC (History)
1 user (show)

See Also:
svysh.fbsd: maintainer-feedback+
riggs: merge-quarterly+


Attachments
Update to 0.9.6 (1.99 KB, text/plain)
2022-01-09 11:17 UTC, Thomas Zander
no flags Details
"git diff" to update the port (2.66 KB, patch)
2022-01-09 19:00 UTC, Sergei Vyshenski
svysh.fbsd: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Zander freebsd_committer freebsd_triage 2022-01-09 11:17:34 UTC
Created attachment 230840 [details]
Update to 0.9.6

There is an update to uriparser to 0.9.6 to address CVE-2021-46141 and
CVE-2021-46142. Patch is attached. May I commit this?
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-01-09 13:37:43 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4

commit 0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 13:34:01 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 13:37:24 +0000

    security/vuxml: Document vulnerabilities in net/uniparser before 0.9.6

    PR:             261056
    Security:       CVE-2021-46141
                    CVE-2021-46142

 security/vuxml/vuln-2022.xml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
Comment 2 Sergei Vyshenski 2022-01-09 19:00:23 UTC
Created attachment 230848 [details]
"git diff" to update the port

Thomas,
Everything (including googletest's) look fine. 
Please find a new patch:
added some minor cosmetic changes to satisfy new versions of portfmt and of portclippy.
Thank you very much.
Regards, Sergei
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:25:19 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d927653584b767433abd267d630f8241aa4a3898

commit d927653584b767433abd267d630f8241aa4a3898
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:18:42 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 4 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:31:21 UTC
A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6a136fc643dfa13d14b3b262791358f9838be2fc

commit 6a136fc643dfa13d14b3b262791358f9838be2fc
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:25:38 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

    (cherry picked from commit d927653584b767433abd267d630f8241aa4a3898)

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 5 Thomas Zander freebsd_committer freebsd_triage 2022-01-09 23:32:54 UTC
Thank you! Committed your reviewed version!