update www/h2o to 1.4.5 patch, portlint & poudriere logs to come.
Created attachment 161112 [details] secfix
# portlint WARN: Makefile: possible use of absolute pathname "/var/log/${PORTNAME}...". 0 fatal errors and 1 warning found. # poudriere http://pkg.skunkwerks.at/poudriere/data/10_2_amd64-default/2015-09-16_08h02m33s/logs/h2o-1.4.5.log # patch https://github.com/dch/freebsd-ports/commit/9b61c980024f27d136866cb57ba1244aa2a18de0
Created attachment 161114 [details] CVE-2015-5638 first try at a vuxml commit, may need tweaking. # patch https://github.com/dch/freebsd-ports/commit/a5704fb65b3c6af5f03a93c03f347d31b8bc51aa # make validate make validate |& tee /ramdisk/make-validate.vuxml /bin/sh /usr/ports/security/vuxml/files/tidy.sh "/usr/ports/security/vuxml/files/tidy.xsl" "/usr/ports/security/vuxml/vuln.xml" > "/usr/ports/security/vuxml/vuln.xml.tidy" >>> Validating... /usr/local/bin/xmllint --valid --noout /usr/ports/security/vuxml/vuln.xml >>> Successful. Checking if tidy differs... ... seems okay Checking for space/tab... ... seems okay /usr/local/bin/python2.7 /usr/ports/security/vuxml/files/extra-validation.py /usr/ports/security/vuxml/vuln.xml
A commit references this bug: Author: gblach Date: Wed Sep 16 12:29:58 UTC 2015 New revision: 397062 URL: https://svnweb.freebsd.org/changeset/ports/397062 Log: - Fix rc.d issues introduced with recent perl changes [1] - Update to 1.4.5 [2] PR: 203147 [1], 203096 [2] Submitted by: Dave Cottlehuber (maintainer) Changes: head/www/h2o/Makefile head/www/h2o/distinfo head/www/h2o/files/h2o.in
secfix committed
A commit references this bug: Author: feld Date: Wed Sep 16 16:32:40 UTC 2015 New revision: 397072 URL: https://svnweb.freebsd.org/changeset/ports/397072 Log: Document www/h2o vulnerability PR: 203096 PR: 203147 Security: CVE-2015-5638 Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: junovitch Date: Fri Sep 18 09:56:32 UTC 2015 New revision: 397229 URL: https://svnweb.freebsd.org/changeset/ports/397229 Log: MFH r393066,r396229,r396629,r397062: r393066 www/h2o: 1.2.0 -> 1.4.2 ChangeLog: https://github.com/h2o/h2o/releases PR: 200998 Submitted by: sean@x-n.su Approved by: Dave Cottlehuber <dch@skunkwerks.at> (maintainer) r396229 - Update to 1.4.4 [1] - Drop 8.x support [2] PR: 202818 [1] Submitted by: Dave Cottlehuber (dch <at> skunkwerks <dot> at) [1] Approved by: portmgr blanket [2] r396629 - Fix rc.d script - Bump PORTVERSION PR: 202937 Submitted by: gblach Approved by: Dave Cottlehuber (dch <at> skunkwerks <dot> at) r397062 - Fix rc.d issues introduced with recent perl changes [1] - Update to 1.4.5 [2] PR: 203147 [1], 203096 [2] Submitted by: Dave Cottlehuber (maintainer) Security: 31ea7f73-5c55-11e5-8607-74d02b9a84d5 Security: CVE-2015-5638 Approved by: ports-secteam (feld) Changes: _U branches/2015Q3/ branches/2015Q3/www/h2o/Makefile branches/2015Q3/www/h2o/distinfo branches/2015Q3/www/h2o/files/h2o.conf.sample branches/2015Q3/www/h2o/files/h2o.in branches/2015Q3/www/h2o/files/patch-CMakeLists.txt branches/2015Q3/www/h2o/pkg-plist