Bug 240613

Summary: textproc/expat2: Update 2.2.7 -> 2.2.8
Product: Ports & Packages Reporter: Kurt Jaeger <pi>
Component: Individual Port(s)Assignee: Kurt Jaeger <pi>
Status: Closed FIXED    
Severity: Affects Only Me CC: pi, svysh.fbsd
Priority: --- Flags: svysh.fbsd: maintainer-feedback+
antoine: exp-run+
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch
none
vuxml entry svysh.fbsd: maintainer-approval+

Description Kurt Jaeger freebsd_committer freebsd_triage 2019-09-16 11:22:57 UTC 
Created attachment 207535 [details]
patch

TODO: exp-run ?
Comment 1 Sergei Vyshenski 2019-09-16 17:17:46 UTC 
A note from maintainer.
Tested with poudriere @12.0, ok.
Comment 2 Sergei Vyshenski 2019-09-17 13:59:22 UTC 
Created attachment 207575 [details]
vuxml entry

vuxml entry
Comment 3 Antoine Brodin freebsd_committer freebsd_triage 2019-09-19 11:49:22 UTC 
Exp-run looks fine
Comment 4 commit-hook freebsd_committer freebsd_triage 2019-09-19 12:38:04 UTC 
A commit references this bug:

Author: pi
Date: Thu Sep 19 12:37:41 UTC 2019
New revision: 512335
URL: https://svnweb.freebsd.org/changeset/ports/512335

Log:
  textproc/expat2: upgrade 2.2.7 -> 2.2.8

  PR:		240613
  Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
  Exp-Run by:	antoine
  Relnotes:	https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes
  Security:	CVE-2019-15903

Changes:
  head/textproc/expat2/Makefile
  head/textproc/expat2/distinfo
  head/textproc/expat2/pkg-plist
Comment 5 Kurt Jaeger freebsd_committer freebsd_triage 2019-09-19 12:39:35 UTC 
No MFH because of functional changes in 2.2.7, which might cause other problems in the quarterly tree.
Comment 6 commit-hook freebsd_committer freebsd_triage 2019-09-19 12:44:06 UTC 
A commit references this bug:

Author: pi
Date: Thu Sep 19 12:43:21 UTC 2019
New revision: 512338
URL: https://svnweb.freebsd.org/changeset/ports/512338

Log:
  security/vuxml: add entry for CVE-2019-15903 in expat < 2.2.8

  PR:		240613
  Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)

Changes:
  head/security/vuxml/vuln.xml
Comment 7 Kurt Jaeger freebsd_committer freebsd_triage 2019-09-19 12:47:20 UTC 
Committed, thanks!
Comment 8 commit-hook freebsd_committer freebsd_triage 2019-09-25 17:45:46 UTC 
A commit references this bug:

Author: delphij
Date: Wed Sep 25 17:45:04 UTC 2019
New revision: 512800
URL: https://svnweb.freebsd.org/changeset/ports/512800

Log:
  MFH: r512162, r512335

  textproc/expat2: upgrade 2.2.6 -> 2.2.7

  - exp-run by antoine

  PR:		238864
  Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
  Reviewed by:	koobs
  Relnotes:	https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
  Security:	https://github.com/libexpat/libexpat/issues/186
  		https://github.com/libexpat/libexpat/pull/262

  textproc/expat2: upgrade 2.2.7 -> 2.2.8

  PR:		240613
  Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
  Exp-Run by:	antoine
  Relnotes:	https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes
  Security:	CVE-2019-15903

  Approved by:	ports-secteam

Changes:
_U  branches/2019Q3/
  branches/2019Q3/textproc/expat2/Makefile
  branches/2019Q3/textproc/expat2/distinfo
  branches/2019Q3/textproc/expat2/pkg-plist