234088 – www/py-gunicorn : Update to 19.9.0

Bug 234088 - www/py-gunicorn : Update to 19.9.0

Summary: www/py-gunicorn : Update to 19.9.0

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Wen Heping

URL:
Keywords:	security

Duplicates (1):	213084 (view as bug list)
Depends on:
Blocks:

Reported:	2018-12-17 07:01 UTC by wen
Modified:	2019-03-07 08:11 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	koobs: maintainer-feedback+ koobs: merge-quarterly+

Attachments
update to 19.9.0 (1.53 KB, text/plain) 2018-12-17 07:01 UTC, wen	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description wen 2018-12-17 07:01:43 UTC

Created attachment 200179 [details]
update to 19.9.0

update to 19.9.0

Comment 1 Tobias Kortkamp freebsd_committer

2019-02-27 12:00:03 UTC

*** Bug 213084 has been marked as a duplicate of this bug. ***

Comment 2 Tobias Kortkamp freebsd_committer

2019-02-27 12:06:04 UTC

Any news? 19.4.5 is fairly old and also affected by CVE-2018-1000164.

https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5

Comment 3 Tobias Kortkamp freebsd_committer

2019-03-05 06:21:56 UTC

(In reply to Tobias Kortkamp from comment #2)
> Any news? 19.4.5 is fairly old and also affected by CVE-2018-1000164.
> 
> https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.
> 4.5

Added to vuln.xml in ports r494678 (forgot to reference this PR)

Comment 4 Kubilay Kocak freebsd_committer

2019-03-05 09:15:39 UTC

Thanks for the VuXML entry Tobias.

If you've QA'd the attached patch (in particular the test suite), feel free to assign yourself, commit and merge

Comment 5 commit-hook freebsd_committer

2019-03-05 23:36:40 UTC

A commit references this bug:

Author: wen
Date: Tue Mar  5 23:35:53 UTC 2019
New revision: 494753
URL: https://svnweb.freebsd.org/changeset/ports/494753

Log:
  - Update to 19.9.0(include security fix)

  PR:		234088
  Submitted by:	wenheping2000@hotmail.com(myself)
  Approved by:	maintainer
  MFH:		2019Q1

Changes:
  head/www/py-gunicorn/Makefile
  head/www/py-gunicorn/distinfo
  head/www/py-gunicorn/files/

Comment 6 wen 2019-03-05 23:39:15 UTC

I committed the PR.
I remove the patch file patch-requirements__test.txt, because 2 tests failed with test-depend package in ports.

Thank you, tobik@ and koobs@.

Comment 7 commit-hook freebsd_committer

2019-03-07 06:20:25 UTC

A commit references this bug:

Author: wen
Date: Thu Mar  7 06:20:17 UTC 2019
New revision: 494904
URL: https://svnweb.freebsd.org/changeset/ports/494904

Log:
  MFH: r494753

  - Update to 19.9.0(include security fix)

  PR:		234088
  Submitted by:	wenheping2000@hotmail.com(myself)
  Approved by:	maintainer

  Approved by:	ports-secteam@(miwi@)

Changes:
_U  branches/2019Q1/
  branches/2019Q1/www/py-gunicorn/Makefile
  branches/2019Q1/www/py-gunicorn/distinfo
  branches/2019Q1/www/py-gunicorn/files/

Comment 8 Kubilay Kocak freebsd_committer

2019-03-07 08:11:29 UTC

Thank you Wen