Bug 233419

Summary: www/tt-rss: Update to bc42dfb790 g20181122 due to CVE-2018-19296
Product: Ports & Packages Reporter: Derek Schrock <dereks>
Component: Individual Port(s)Assignee: Thierry Thomas <thierry>
Status: Closed FIXED    
Severity: Affects Some People CC: ports-secteam
Priority: Normal Keywords: needs-qa, security
Version: LatestFlags: bugzilla: maintainer-feedback? (thierry)
koobs: merge-quarterly?
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233420
Attachments:
Description Flags
update to bc42dfb790 g20181122 none

Description Derek Schrock 2018-11-23 00:26:18 UTC
Created attachment 199463 [details]
update to bc42dfb790 g20181122

Update to commit bc42dfb790 g20181122 that removes [1] phpmailer
due to CVE-2018-19296 [2] in favor of php's mail().

Also, move USES* section around to appease portlint.

[1] https://discourse.tt-rss.org/t/phpmailer-cve-2018-19296-update/1635/2?u=derekschrock
[2] https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.27

portlint: OK, minor warnings
testport: OK (poudriere: 11amd64)
Comment 1 Thierry Thomas freebsd_committer 2018-11-23 17:49:43 UTC
Committed, thanks!
Comment 2 commit-hook freebsd_committer 2018-11-23 17:50:31 UTC
A commit references this bug:

Author: thierry
Date: Fri Nov 23 17:49:34 UTC 2018
New revision: 485696
URL: https://svnweb.freebsd.org/changeset/ports/485696

Log:
  Update to bc42dfb790 g20181122 due to CVE-2018-19296 (phpmailer).

  PR:		233419
  Submitted by:	dereks (at) lifeofadishwasher.com
  Security:	CVE-2018-19296

Changes:
  head/www/tt-rss/Makefile
  head/www/tt-rss/distinfo
  head/www/tt-rss/pkg-plist