Bug 251791

Summary: security/p11-kit: Update to 0.23.22
Product: Ports & Packages Reporter: Daniel Engberg <diizzy>
Component: Individual Port(s)Assignee: Roman Bogorodskiy <novel>
Status: Closed FIXED    
Severity: Affects Only Me CC: brnrd
Priority: --- Flags: novel: maintainer-feedback+
novel: merge-quarterly?
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
Attachments:
Description Flags
Patch for p11-kit
none
Patch for p11-kit v2 none

Description Daniel Engberg freebsd_committer freebsd_triage 2020-12-12 17:39:21 UTC
Created attachment 220503 [details]
Patch for p11-kit

Update p11-kit to 0.23.22
Change PORTVERSION to DISTVERSION [1]
Fixes multiple CVEs, CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363

Compile tested on FreeBSD 13.0-CURRENT r367711 (amd64) (make, make check-plist, make test)
Poudriere testport OK 12.2-RELEASE (amd64)
Poudriere testport OK 11.4-RELEASE (amd64)
Comment 1 Daniel Engberg freebsd_committer freebsd_triage 2020-12-12 17:46:08 UTC
References:
"Table 5.2. Package Naming Examples" in Porter's Handbook

I'll try to add a VuXML entry during the weekend unless someone is quicker
Comment 2 Bernard Spil freebsd_committer freebsd_triage 2020-12-12 18:50:30 UTC
(In reply to daniel.engberg.lists from comment #1)

Added vuxml entry fdc49972-3ca7-11eb-929d-d4c9ef517024 in 557848
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2020-12-12 20:12:08 UTC
Created attachment 220510 [details]
Patch for p11-kit v2

Backport merged patch from upstream repo
Comment 4 commit-hook freebsd_committer freebsd_triage 2020-12-13 06:38:36 UTC
A commit references this bug:

Author: novel
Date: Sun Dec 13 06:38:08 UTC 2020
New revision: 557886
URL: https://svnweb.freebsd.org/changeset/ports/557886

Log:
  security/p11-kit: update to 0.23.22

  PR:		251791
  Submitted by:	daniel.engberg.lists@pyret.net
  MFH:		2020Q4
  Security:	CVE-2020-29361
  Security:	CVE-2020-29362
  Security:	CVE-2020-29363

Changes:
  head/security/p11-kit/Makefile
  head/security/p11-kit/distinfo
Comment 5 Daniel Engberg freebsd_committer freebsd_triage 2021-01-01 12:08:16 UTC
Closing as its committed