Bug 231019
| Summary: | www/grafana5: Update to 5.2.3, fixes LDAP & OAuth login vulnerability (CVE-2018-558213) | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Dmitri Goutnik <dmgk> | ||||||||||
| Component: | Individual Port(s) | Assignee: | Steve Wills <swills> | ||||||||||
| Status: | Closed FIXED | ||||||||||||
| Severity: | Affects Only Me | CC: | 8jo-omarcos1, christophernav216, ndowens04, swills | ||||||||||
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(swills) |
||||||||||
| Version: | Latest | ||||||||||||
| Hardware: | Any | ||||||||||||
| OS: | Any | ||||||||||||
| URL: | https://github.com/grafana/grafana/releases/tag/v5.2.3 | ||||||||||||
| See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231021 | ||||||||||||
| Attachments: |
|
||||||||||||
|
Description
Dmitri Goutnik
2018-08-30 13:09:34 UTC
Created attachment 196705 [details]
vuxml-grafana5.patch
I get: Error: Orphaned: %%DATADIR%%/public/build/0.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/0.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/1.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/1.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/app.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/app.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/dark.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/dark.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/light.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/light.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/manifest.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/manifest.6aa12092d3333cb24394.js.map Error: Orphaned: %%DATADIR%%/public/build/vendor.6aa12092d3333cb24394.js Error: Orphaned: %%DATADIR%%/public/build/vendor.6aa12092d3333cb24394.js.map ===> Checking for items in pkg-plist which are not in STAGEDIR Error: Missing: %%DATADIR%%/public/build/0.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/0.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/1.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/1.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/app.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/app.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/dark.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/dark.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/light.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/light.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/manifest.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/manifest.4f5454f867a0cc2fe8dd.js.map Error: Missing: %%DATADIR%%/public/build/vendor.4f5454f867a0cc2fe8dd.js Error: Missing: %%DATADIR%%/public/build/vendor.4f5454f867a0cc2fe8dd.js.map ===> Error: Plist issues found. *** Error code 1 Will submit a patch to fix the plist Created attachment 196731 [details]
plist patch
Created attachment 196732 [details]
plist fix
Comment on attachment 196732 [details]
plist fix
After updating, it makes etcdir.conf.sample for some reason
A commit references this bug: Author: swills Date: Fri Aug 31 23:47:51 UTC 2018 New revision: 478626 URL: https://svnweb.freebsd.org/changeset/ports/478626 Log: Document grafana issues PR: 231019 PR: 231020 PR: 231021 PR: 231022 Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: swills Date: Fri Aug 31 23:48:16 UTC 2018 New revision: 478631 URL: https://svnweb.freebsd.org/changeset/ports/478631 Log: www/grafana5: Update to 5.2.3 PR: 231019 Submitted by: Dmitri Goutnik <dg@syrec.org> Security: 1f8d5806-ac51-11e8-9cb6-10c37b4ac2ea Changes: head/www/grafana5/Makefile head/www/grafana5/distinfo head/www/grafana5/pkg-plist Committed, thanks! MARKED AS SPAM MARKED AS SPAM |