Bug 252291

Summary: irc/inspircd: Update to 3.8.1 (fixes security vulnerability)
Product: Ports & Packages Reporter: Sadie Powell <sadie>
Component: Individual Port(s)Assignee: Joseph Mingrone <jrm>
Status: Closed FIXED    
Severity: Affects Many People CC: jrm
Priority: Normal Keywords: security
Version: LatestFlags: koobs: merge-quarterly-
Hardware: Any   
OS: Any   
URL: https://docs.inspircd.org/3/change-log/#inspircd-381

Description Sadie Powell 2020-12-30 19:39:36 UTC 
Hello,

I'm the upstream maintainer for the software in this package. In v3.8.1 we released a fix for security advisory 2020-02 (https://docs.inspircd.org/security/2020-02/). Currently FreeBSD is packaging v3.7.0 which is vulnerable to this vulnerability. Would it be possible for you to update it to fix this?

There have been no breaking changes between these two releases but here is the changelog for this version if you need it: https://docs.inspircd.org/3/change-log/#inspircd-381

Thanks,

~Sadie
Comment 1 commit-hook freebsd_committer freebsd_triage 2021-01-01 04:06:45 UTC 
A commit references this bug:

Author: jrm
Date: Fri Jan  1 04:06:34 UTC 2021
New revision: 559799
URL: https://svnweb.freebsd.org/changeset/ports/559799

Log:
  irc/inspircd: Update to version 3.8.1

  - Apply suggestions from portclippy/portfmt/portlint
  - Remove multiple no-op REINPLACE_CMD

  https://docs.inspircd.org/3/change-log/#inspircd-381

  PR:		252291
  Reported by:	Sadie Powell <sadie@witchery.services>

Changes:
  head/irc/inspircd/Makefile
  head/irc/inspircd/distinfo
  head/irc/inspircd/files/patch-make_template_inspircd
  head/irc/inspircd/files/patch-make_template_main.mk
Comment 2 commit-hook freebsd_committer freebsd_triage 2021-01-01 04:31:48 UTC 
A commit references this bug:

Author: jrm
Date: Fri Jan  1 04:31:38 UTC 2021
New revision: 559800
URL: https://svnweb.freebsd.org/changeset/ports/559800

Log:
  Document inspircd vulnerabilitiy

  PR:		252291
  Reported by:	Sadie Powell <sadie@witchery.services>

Changes:
  head/security/vuxml/vuln.xml
Comment 3 Joseph Mingrone freebsd_committer freebsd_triage 2021-01-01 04:32:23 UTC 
Committed.  Thanks!
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2021-01-01 05:05:58 UTC 
^Triage: 

- Assign to committer that resolved
- Track non MFH (assuming end of current quarter as reason)