Bug 261056

Summary: net/uriparser: Update to 0.9.6
Product: Ports & Packages Reporter: Thomas Zander <riggs>
Component: Individual Port(s)Assignee: Sergei Vyshenski <svysh.fbsd>
Status: Closed FIXED    
Severity: Affects Only Me CC: svysh.fbsd
Priority: --- Keywords: patch, security
Version: LatestFlags: svysh.fbsd: maintainer-feedback+
riggs: merge-quarterly+
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Update to 0.9.6
none
"git diff" to update the port svysh.fbsd: maintainer-approval+

Description Thomas Zander freebsd_committer freebsd_triage 2022-01-09 11:17:34 UTC 
Created attachment 230840 [details]
Update to 0.9.6

There is an update to uriparser to 0.9.6 to address CVE-2021-46141 and
CVE-2021-46142. Patch is attached. May I commit this?
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-01-09 13:37:43 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4

commit 0d1194eee10d5cf02f9b619cdfdd1cec8aa709a4
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 13:34:01 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 13:37:24 +0000

    security/vuxml: Document vulnerabilities in net/uniparser before 0.9.6

    PR:             261056
    Security:       CVE-2021-46141
                    CVE-2021-46142

 security/vuxml/vuln-2022.xml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
Comment 2 Sergei Vyshenski 2022-01-09 19:00:23 UTC 
Created attachment 230848 [details]
"git diff" to update the port

Thomas,
Everything (including googletest's) look fine. 
Please find a new patch:
added some minor cosmetic changes to satisfy new versions of portfmt and of portclippy.
Thank you very much.
Regards, Sergei
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:25:19 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d927653584b767433abd267d630f8241aa4a3898

commit d927653584b767433abd267d630f8241aa4a3898
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:18:42 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 4 commit-hook freebsd_committer freebsd_triage 2022-01-09 23:31:21 UTC 
A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6a136fc643dfa13d14b3b262791358f9838be2fc

commit 6a136fc643dfa13d14b3b262791358f9838be2fc
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-01-09 23:18:42 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-01-09 23:25:38 +0000

    net/uriparser: Update to upstream version 0.9.6

    PR:             261056
    Reviewed by:    svysh.fbsd@gmail.com (maintainer)
    Approved by:    svysh.fbsd@gmail.com (maintainer)
    MFH:            2022Q1
    Security:       CVE-2021-46141
                    CVE-2021-46142

    (cherry picked from commit d927653584b767433abd267d630f8241aa4a3898)

 net/uriparser/Makefile  | 10 +++++-----
 net/uriparser/distinfo  | 14 +++++++-------
 net/uriparser/pkg-plist |  2 +-
 3 files changed, 13 insertions(+), 13 deletions(-)
Comment 5 Thomas Zander freebsd_committer freebsd_triage 2022-01-09 23:32:54 UTC 
Thank you! Committed your reviewed version!