Bug 166307 - [SECURITY UPDATE] security/gnutls
Summary: [SECURITY UPDATE] security/gnutls
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Xin LI
Depends on:
Reported: 2012-03-21 22:50 UTC by Xin LI
Modified: 2012-04-05 11:20 UTC (History)
1 user (show)

See Also:

gnutls.diff (1.86 KB, patch)
2012-03-21 22:50 UTC, Xin LI
no flags Details | Diff
bump.diff (128.00 KB, patch)
2012-03-21 23:24 UTC, Xin LI
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Xin LI freebsd_committer 2012-03-21 22:50:13 UTC
	This proposed patch is intended for a pointyhat build to validate
if there is build breakage, as the changeset would introduce a shared
library bump.
Comment 1 Edwin Groothuis freebsd_committer 2012-03-21 22:50:25 UTC
Responsible Changed
From-To: freebsd-ports-bugs->novel

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Xin LI 2012-03-21 23:24:40 UTC
Hash: SHA256

Attached is the proposed diff for version bumps to chase the shared
library bump.

- -- 
Xin LI <delphij@delphij.net>	https://www.delphij.net/
FreeBSD - The Power to Serve!		Live free or die
Version: GnuPG v2.0.18 (FreeBSD)

Comment 3 Xin LI freebsd_committer 2012-03-21 23:26:05 UTC
Responsible Changed
From-To: novel->portmgr

Pointyhat build requested.
Comment 4 Pav Lucistnik freebsd_committer 2012-03-22 08:52:11 UTC
On 2012/03/22 00:30, Xin Li wrote:

>   Attached is the proposed diff for version bumps to chase the shared
>   library bump.

The patch is truncated somewhere around emulators/qemu.

Pav Lucistnik <pav@oook.cz>
Comment 5 Pav Lucistnik freebsd_committer 2012-03-25 10:51:25 UTC
Responsible Changed
From-To: portmgr->delphij

No build failures detected with new version in experimental run on pointyhat.
Comment 6 dfilter service freebsd_committer 2012-03-25 16:25:12 UTC
novel       2012-03-25 15:24:24 UTC

  FreeBSD ports repository

  Modified files:
    security/gnutls      Makefile distinfo 
  Added files:
    security/gnutls/files patch-lib-Makefile.in 
  Update to 2.12.18. This update includes a dirty hack to prevent shared
  library bump which is necessary because of not properly set LIBTOOLFILES.
  This would be properly fixed after ports slush is over.
  PR:             166307
  Submitted by:   delphij
  Security:       CVE-2012-1569, CVE-2012-1573
  Feature safe:   yes
  Revision  Changes    Path
  1.100     +1 -1      ports/security/gnutls/Makefile
  1.43      +2 -2      ports/security/gnutls/distinfo
  1.1       +15 -0     ports/security/gnutls/files/patch-lib-Makefile.in (new)
  1.1       +15 -0     ports/security/gnutls/files/patch-libextra-Makefile.in (new)
cvs-all@freebsd.org mailing list
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 7 Michael Scheidell freebsd_committer 2012-04-05 11:13:40 UTC
I noticed this is still open.
Can you wait  to close this until I doublecheck this patch in tinderbox ?
Makefile and pkg-plist accounts for NOPORTDOCS, but doesn't check for   
NOPORTEXAMPLES, and it installs 100K of examples:

du -ch /usr/local/share/examples/gnutls
100K    /usr/local/share/examples/gnutls
100K    total

running this in a tinderbox, backed up with a bunch of other jobs.  I'll 
attach patch once I validate it on with/without portexamples

Michael Scheidell, CTO
 >*| * SECNAP Network Security Corporation
d: +1.561.948.2259
w: http://people.freebsd.org/~scheidell
Comment 8 Xin LI freebsd_committer 2012-04-05 11:14:53 UTC
State Changed
From-To: open->closed

novel@ have committed an update already.