Bug 261436

Summary: www/phpmustache: update to 2.14.1
Product: Ports & Packages Reporter: Marc Veldman <marc>
Component: Individual Port(s)Assignee: Fernando Apesteguía <fernape>
Status: Closed FIXED    
Severity: Affects Many People CC: fernape, ports-secteam
Priority: --- Keywords: security
Version: LatestFlags: fernape: merge-quarterly+
Hardware: Any   
OS: Any   
URL: https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1
Attachments:
Description Flags
Patch to update to 2.14.1 marc: maintainer-approval+

Description Marc Veldman 2022-01-24 18:08:22 UTC 
Created attachment 231280 [details]
Patch to update to 2.14.1

- Fix for CVE-2022-0323 https://nvd.nist.gov/vuln/detail/CVE-2022-0323
- Other minor fixes
Comment 1 Fernando Apesteguía freebsd_committer freebsd_triage 2022-01-26 12:38:13 UTC 
^Triage: If there is a changelog or release notes URL available for this version, please add it to the URL field.

^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval.
--
Attachment -> Details -> maintainer-approval [+]


Thanks!
Comment 2 Marc Veldman 2022-01-26 12:44:21 UTC 
I've updated the fields as requested.
My apologies for the oversight.
Comment 3 Fernando Apesteguía freebsd_committer freebsd_triage 2022-01-26 12:51:10 UTC 
No worries. Thanks!
Comment 4 Fernando Apesteguía freebsd_committer freebsd_triage 2022-01-27 06:51:07 UTC 
This fixes CVE-2022-0323.

Remainder: This needs a Vuxml entry.
Comment 5 commit-hook freebsd_committer freebsd_triage 2022-01-27 07:19:13 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6901bf72b3b20f999a6a6141acf5c99219e65198

commit 6901bf72b3b20f999a6a6141acf5c99219e65198
Author:     Marc Veldman <marc@bumblingdork.com>
AuthorDate: 2022-01-26 12:38:17 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2022-01-27 07:17:08 +0000

    www/phpmustache: update to 2.14.1

    ChangeLog: https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1

     * Fix for CVE-2022-0323
     * Other minor fixes

    VuXml entry to follow soon.

    PR:     261436
    Reported by:    marc@bumblingdork.com (maintainer)
    Security:       CVE-2022-0323
    MFH:    2022Q1 (security release)

 www/phpmustache/Makefile | 2 +-
 www/phpmustache/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 6 commit-hook freebsd_committer freebsd_triage 2022-01-27 07:23:15 UTC 
A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4f146094da078e8249815fa8cd510d9fb6e9afc0

commit 4f146094da078e8249815fa8cd510d9fb6e9afc0
Author:     Marc Veldman <marc@bumblingdork.com>
AuthorDate: 2022-01-26 12:38:17 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2022-01-27 07:20:24 +0000

    www/phpmustache: update to 2.14.1

    ChangeLog: https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1

     * Fix for CVE-2022-0323
     * Other minor fixes

    VuXml entry to follow soon.

    PR:     261436
    Reported by:    marc@bumblingdork.com (maintainer)
    Security:       CVE-2022-0323
    MFH:    2022Q1 (security release)

    (cherry picked from commit 6901bf72b3b20f999a6a6141acf5c99219e65198)

 www/phpmustache/Makefile | 2 +-
 www/phpmustache/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 7 Fernando Apesteguía freebsd_committer freebsd_triage 2022-01-27 07:23:49 UTC 
Committed and merged to 2022Q1

Thanks!