Bug 205961 - textproc/kibana41: upgrade to version 4.1.4
Summary: textproc/kibana41: upgrade to version 4.1.4
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Jimmy Olgeni
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-01-06 16:43 UTC by Jimmy Olgeni
Modified: 2016-01-13 23:59 UTC (History)
2 users (show)

See Also:
skozlov: maintainer-feedback+
junovitch: merge-quarterly+


Attachments
Upgrade patch (817 bytes, patch)
2016-01-06 16:43 UTC, Jimmy Olgeni
koobs: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jimmy Olgeni freebsd_committer 2016-01-06 16:43:20 UTC
Created attachment 165162 [details]
Upgrade patch

Upgrade to version 4.1.4.

Poudriere log here:

http://olgeni.olgeni.com/~olgeni/log/kibana41-4.1.4.log
Comment 1 Serhii (Sergey) Kozlov freebsd_committer 2016-01-06 18:09:08 UTC
Looks fine for me. 
Thanks for the effort!
Comment 2 commit-hook freebsd_committer 2016-01-07 16:09:22 UTC
A commit references this bug:

Author: olgeni
Date: Thu Jan  7 16:08:23 UTC 2016
New revision: 405463
URL: https://svnweb.freebsd.org/changeset/ports/405463

Log:
  Upgrade textproc/kibana41 to version 4.1.4.

  PR:		205961
  Submitted by:	olgeni
  Approved by:	maintainer

Changes:
  head/textproc/kibana41/Makefile
  head/textproc/kibana41/distinfo
Comment 3 Jimmy Olgeni freebsd_committer 2016-01-07 16:11:43 UTC
Patch committed.
Comment 4 Jason Unovitch freebsd_committer 2016-01-08 00:05:49 UTC
Reopen and set merge-quarterly?.  Can this get MFH'd?   See https://www.elastic.co/blog/kibana-4-3-1-and-4-2-2-and-4-1-4 as there is a security issue documented.

4.1.4 Changes
Fixes XSS vulnerability (CVE pending) - Thanks to Vladimir Ivanov for responsibly reporting
Comment 5 Jimmy Olgeni freebsd_committer 2016-01-08 08:58:25 UTC
Good point!

https://reviews.freebsd.org/D4829
Comment 6 commit-hook freebsd_committer 2016-01-13 23:58:07 UTC
A commit references this bug:

Author: junovitch
Date: Wed Jan 13 23:57:53 UTC 2016
New revision: 406081
URL: https://svnweb.freebsd.org/changeset/ports/406081

Log:
  Document Kibana 4.x XSS vulnerabilty

  PR:		205961
  PR:		205962
  PR:		205963
  Security:	https://vuxml.FreeBSD.org/freebsd/a7a4e96c-ba50-11e5-9728-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 7 Jason Unovitch freebsd_committer 2016-01-13 23:59:35 UTC
Closed PR again and set merge-quartely+... Fix MFH'd in https://svnweb.FreeBSD.org/changeset/ports/406043