Bug 210458

Summary: www/piwik: Update to 2.16.1 (security update)
Product: Ports & Packages Reporter: Torsten Zuehlsdorff <tz>
Component: Individual Port(s)Assignee: Torsten Zuehlsdorff <tz>
Status: Closed FIXED    
Severity: Affects Some People CC: feld, hans, ports-secteam
Priority: Normal Keywords: easy, patch, patch-ready, security
Version: LatestFlags: hans: maintainer-feedback+
koobs: merge-quarterly+
Hardware: Any   
OS: Any   
Attachments:
Description Flags
path with update to 2.16.1 hans: maintainer-approval+

Description Torsten Zuehlsdorff freebsd_committer freebsd_triage 2016-06-22 09:12:03 UTC
Created attachment 171669 [details]
path with update to 2.16.1

Aloha,

attached a patch to update wwW/piwik to its current version 2.16.1.

I performed a build test for: 9.3, 10.1, 10.2, 10.3 and current for i386 and amd64. I also was able to start it. 

A vuxml entry is missing and will provided later.

Greetings,
Torsten
Comment 1 VK 2016-06-22 09:23:26 UTC
Thanks. Also CC'ing ports-secteam@.
Comment 2 Hans Fredrik Nordhaug 2016-06-22 11:54:09 UTC
Approved by maintainer. (This release passed under my radar - not good.)
Comment 3 VK 2016-06-22 14:08:49 UTC
(In reply to Hans Fredrik Nordhaug from comment #2)

Please flag the attachment as maintainer-approval(+) as that will help track the issue properly through Maintainer Approved saved search. Also please don't forget to flag the PR with maintainer-feedback(+) to avoid maintainer timeout. :)
Comment 4 Hans Fredrik Nordhaug 2016-06-23 09:35:37 UTC
Thx, Vladimir for the advice.

When you enter a comment all the form options including flags are hard to see/easy to ignore. I found "maintainer-feedback" (twice), but no "maintainer-approval". A-ha, the "maintainer-approval" is on the actual attachment. Hope everything is OK now.
Comment 5 VK 2016-06-23 11:21:28 UTC
(In reply to Hans Fredrik Nordhaug from comment #4)

Perfect, thanks!
Comment 6 commit-hook freebsd_committer freebsd_triage 2016-06-23 11:54:37 UTC
A commit references this bug:

Author: tz
Date: Thu Jun 23 11:54:17 UTC 2016
New revision: 417366
URL: https://svnweb.freebsd.org/changeset/ports/417366

Log:
  www/piwik: Upgrade from 2.16.0 to 2.16.1

  Changes: http://piwik.org/changelog/piwik-2-16-1/

  - The update also contains security fixes.

  PR:          210458
  Approved by: pi (mentor)

Changes:
  head/www/piwik/Makefile
  head/www/piwik/distinfo
  head/www/piwik/pkg-plist
Comment 7 commit-hook freebsd_committer freebsd_triage 2016-06-23 15:45:00 UTC
A commit references this bug:

Author: feld
Date: Thu Jun 23 15:44:35 UTC 2016
New revision: 417380
URL: https://svnweb.freebsd.org/changeset/ports/417380

Log:
  MFH: r416928 r417366

  www/piwik: Upgrade from 2.16.0 to 2.16.1

  - Add missing depends
  - The update also contains security fixes.

  Changes: http://piwik.org/changelog/piwik-2-16-1/

  PR:          210458
  Approved by: pi (mentor)

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/piwik/Makefile
  branches/2016Q2/www/piwik/distinfo
  branches/2016Q2/www/piwik/pkg-plist
Comment 8 commit-hook freebsd_committer freebsd_triage 2016-06-23 15:53:04 UTC
A commit references this bug:

Author: feld
Date: Thu Jun 23 15:52:40 UTC 2016
New revision: 417381
URL: https://svnweb.freebsd.org/changeset/ports/417381

Log:
  Add piwik XSS to vuxml

  No further information is available. No CVE has been assigned.

  PR:		210458

Changes:
  head/security/vuxml/vuln.xml
Comment 9 Kubilay Kocak freebsd_committer freebsd_triage 2016-06-25 02:29:49 UTC
Record that this was committed to quarterly