Bug 234088 - www/py-gunicorn : Update to 19.9.0
Summary: www/py-gunicorn : Update to 19.9.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Wen Heping
URL:
Keywords: security
: 213084 (view as bug list)
Depends on:
Blocks:
 
Reported: 2018-12-17 07:01 UTC by wen
Modified: 2019-03-07 08:11 UTC (History)
2 users (show)

See Also:
koobs: maintainer-feedback+
koobs: merge-quarterly+


Attachments
update to 19.9.0 (1.53 KB, text/plain)
2018-12-17 07:01 UTC, wen
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description wen 2018-12-17 07:01:43 UTC
Created attachment 200179 [details]
update to 19.9.0

update to 19.9.0
Comment 1 Tobias Kortkamp freebsd_committer 2019-02-27 12:00:03 UTC
*** Bug 213084 has been marked as a duplicate of this bug. ***
Comment 2 Tobias Kortkamp freebsd_committer 2019-02-27 12:06:04 UTC
Any news? 19.4.5 is fairly old and also affected by CVE-2018-1000164.

https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5
Comment 3 Tobias Kortkamp freebsd_committer 2019-03-05 06:21:56 UTC
(In reply to Tobias Kortkamp from comment #2)
> Any news? 19.4.5 is fairly old and also affected by CVE-2018-1000164.
> 
> https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.
> 4.5

Added to vuln.xml in ports r494678 (forgot to reference this PR)
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2019-03-05 09:15:39 UTC
Thanks for the VuXML entry Tobias.

If you've QA'd the attached patch (in particular the test suite), feel free to assign yourself, commit and merge
Comment 5 commit-hook freebsd_committer 2019-03-05 23:36:40 UTC
A commit references this bug:

Author: wen
Date: Tue Mar  5 23:35:53 UTC 2019
New revision: 494753
URL: https://svnweb.freebsd.org/changeset/ports/494753

Log:
  - Update to 19.9.0(include security fix)

  PR:		234088
  Submitted by:	wenheping2000@hotmail.com(myself)
  Approved by:	maintainer
  MFH:		2019Q1

Changes:
  head/www/py-gunicorn/Makefile
  head/www/py-gunicorn/distinfo
  head/www/py-gunicorn/files/
Comment 6 wen 2019-03-05 23:39:15 UTC
I committed the PR.
I remove the patch file patch-requirements__test.txt, because 2 tests failed with test-depend package in ports.

Thank you, tobik@ and koobs@.
Comment 7 commit-hook freebsd_committer 2019-03-07 06:20:25 UTC
A commit references this bug:

Author: wen
Date: Thu Mar  7 06:20:17 UTC 2019
New revision: 494904
URL: https://svnweb.freebsd.org/changeset/ports/494904

Log:
  MFH: r494753

  - Update to 19.9.0(include security fix)

  PR:		234088
  Submitted by:	wenheping2000@hotmail.com(myself)
  Approved by:	maintainer

  Approved by:	ports-secteam@(miwi@)

Changes:
_U  branches/2019Q1/
  branches/2019Q1/www/py-gunicorn/Makefile
  branches/2019Q1/www/py-gunicorn/distinfo
  branches/2019Q1/www/py-gunicorn/files/
Comment 8 Kubilay Kocak freebsd_committer freebsd_triage 2019-03-07 08:11:29 UTC
Thank you Wen