Bug 202261

Summary: [PATCH] devel/py-foolscap: update to 0.8.0, multiple security improvements
Product: Ports & Packages Reporter: Thomas Hurst <tom>
Component: Individual Port(s)Assignee: Kevin Lo <kevlo>
Status: Closed FIXED    
Severity: Affects Some People CC: delphij
Priority: --- Keywords: patch
Version: LatestFlags: bugzilla: maintainer-feedback? (kevlo)
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to 0.8.0
none
testport on 10.1 none

Description Thomas Hurst 2015-08-12 00:55:34 UTC 
Created attachment 159791 [details]
patch to 0.8.0

This patch updates from 0.6.4 to 0.8.0, corrects a use of :=, and adds a regression-test target.

Self tests improve in the update thus on 10.1-BETA2:

0.6.4: FAILED (skips=4, failures=1, errors=10, successes=441)
0.8.0: FAILED (skips=4, failures=1, errors=7, successes=462)

0.7.0 includes this security fix:

> The "flappserver" feature was found to have a vulnerability in the
> service-lookup code which, when combined with an attacker who has the ability
> to write files to a location where the flappserver process could read them,
> would allow that attacker to obtain control of the flappserver process.

0.8.0 generates better TLS certificates, and removes unauthenticated Tubs.
Comment 1 Thomas Hurst 2015-08-12 00:56:20 UTC 
Created attachment 159792 [details]
testport on 10.1
Comment 2 commit-hook freebsd_committer freebsd_triage 2015-08-12 05:45:08 UTC 
A commit references this bug:

Author: kevlo
Date: Wed Aug 12 05:44:31 UTC 2015
New revision: 394005
URL: https://svnweb.freebsd.org/changeset/ports/394005

Log:
  Update to 0.8.0

  PR:	202261
  Submitted by:	Thomas Hurst <tom at hur dot st>

Changes:
  head/devel/py-foolscap/Makefile
  head/devel/py-foolscap/distinfo
  head/devel/py-foolscap/files/
Comment 3 Xin LI freebsd_committer freebsd_triage 2015-08-14 00:30:54 UTC 
Committed, thanks!
Comment 4 commit-hook freebsd_committer freebsd_triage 2015-08-14 00:31:30 UTC 
A commit references this bug:

Author: delphij
Date: Fri Aug 14 00:30:39 UTC 2015
New revision: 394200
URL: https://svnweb.freebsd.org/changeset/ports/394200

Log:
  MFH: r394005

  Update to 0.8.0

  PR:	202261
  Submitted by:	Thomas Hurst <tom at hur dot st>
  Approved by:	ports-secteam

Changes:
_U  branches/2015Q3/
  branches/2015Q3/devel/py-foolscap/Makefile
  branches/2015Q3/devel/py-foolscap/distinfo
  branches/2015Q3/devel/py-foolscap/files/