Created attachment 195595 [details] Update In 1.12.1 and important CVE fix was added CVE-2018-7749, where a modified SSH client could request that an AsyncSSH server perform operations before authentication had completed https://github.com/ronf/asyncssh/blob/master/docs/changes.rst : Release Notes For this version 1.13.3: Added support for setting the Unicode error handling strategy in conjunction with setting an encoding when creating new SSH sessions, streams, and processes. This strategy can also be set when specifying a session encoding in create_server(), and when providing an encoding in the get_comment() and set_comment() functions on private/public keys and certificates. Changed handling of Unicode in channels to use incrmeental codec, similar to what was previously done in process redirection. Added Python 3.7 to the list of classifiers in setup.py, now that it has been released. Updated Travis CI configuration to add Python 3.7 builds, and moved Linux builds on never versions of Python up to xenial. Added missing coroutine decorator in test_channel.
Bugzilla was unable to make any match at all for one or more of the names and/or email addresses you entered on the previous page. Please go back and try other names or email addresses. maintainer-feedback requestee: bartosz@ixsystems.com did not match anything unknow Maintainer @Koobs can this committed without Maintainer feedback?
Yeah I tried doing that as well. I would say pkg is abandoned
If the title on original bug entry had matched the portname, Bugzilla would have emailed the maintainer, who doesn't currently have an account on the system, but should. Since that mechanism is only triggered on new bug creation (not subsequent title changes), I would manually email the maintainer requesting that they create an account here and request approval on that basis Two week timeout period would begin after sending that email. Having said that, since this is a security related issue, it can also be approved by ports-secteam (now CC'd) In the meantime, the security/vuxml entry can be landed, so go ahead on that
Please also provide QA confirmation (portlint, poudriere, py2/3), especially since this will be merged to the quarterly branch. Ideally this includes running the packages test suite (which exist). Judging by the setup.py file, one should be able to just add: do-test: @cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test Some TEST_DEPENDS may be necessary if the test suite fails (not skips) tests that want non-compulsory dependencies.
Emailed maintainer. Added test and so far there is four fails
Created attachment 195731 [details] Python Test As far as I can tell, the error is saying it can't find sspi_stub module but I do see it in tests/ folder
(In reply to Kubilay Kocak from comment #4) > Please also provide QA confirmation (portlint, poudriere, py2/3), especially > since this will be merged to the quarterly branch. > > Ideally this includes running the packages test suite (which exist). Judging > by the setup.py file, one should be able to just add: > > do-test: > @cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test > > Some TEST_DEPENDS may be necessary if the test suite fails (not skips) tests > that want non-compulsory dependencies. ⇒ portlint -AC WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy.
Created attachment 195735 [details] Poudriere Log for Py3
Created attachment 195736 [details] Poudriere Log for py2.7
(In reply to Nathan from comment #9) > Created attachment 195736 [details] > Poudriere Log for py2.7 I do believe that the update is only for python3+
Created attachment 196995 [details] vuxml vuxml entry
Created attachment 196997 [details] Update; Fix CVE-2018-7749 security/py-asyncssh: * Update to 1.14.0 -- Fixes CVE-2018-7749 Changelog: https://github.com/ronf/asyncssh/blob/v1.14.0/docs/changes.rst portlint -AC: Fixed a space to a tab; looks fine now(Think that may be why maintainer wasn't informed?) poudriere(amd64/i386): 11.2 12-cur: Built fine 4/900+ tests failed, reported: https://github.com/ronf/asyncssh/issues/165
Builds on (armv6/arm64/mips/mips64) 12
any news here?
Assignee timeout (2+ months), open to take
A commit references this bug: Author: swills Date: Sun Dec 9 01:47:39 UTC 2018 New revision: 487009 URL: https://svnweb.freebsd.org/changeset/ports/487009 Log: security/py-asyncssh: Update to 1.14.0 While here, add test target PR: 230151 Submitted by: Nathan <ndowens@yahoo.com> Approved by: maintainer timeout (bartosz@ixsystems.com, >2 months) MFH: 2018Q4 Security: 0e8f496a-b498-11e8-bdcf-74d435e60b7c Changes: head/security/py-asyncssh/Makefile head/security/py-asyncssh/distinfo
A commit references this bug: Author: swills Date: Sun Dec 9 01:49:15 UTC 2018 New revision: 487010 URL: https://svnweb.freebsd.org/changeset/ports/487010 Log: MFH: r487009 security/py-asyncssh: Update to 1.14.0 While here, add test target PR: 230151 Submitted by: Nathan <ndowens@yahoo.com> Approved by: maintainer timeout (bartosz@ixsystems.com, >2 months) Security: 0e8f496a-b498-11e8-bdcf-74d435e60b7c Approved by: ports-secteam (implicit) Changes: _U branches/2018Q4/ branches/2018Q4/security/py-asyncssh/Makefile branches/2018Q4/security/py-asyncssh/distinfo
Committed, thanks!