Bug 237390 - [exp-run] print/ghostscript9-agpl-base: update to 9.27
Summary: [exp-run] print/ghostscript9-agpl-base: update to 9.27
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Tijl Coosemans
URL:
Keywords:
Depends on: 237765
Blocks:
  Show dependency treegraph
 
Reported: 2019-04-19 15:48 UTC by Tijl Coosemans
Modified: 2019-05-09 08:11 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (doceng)


Attachments
patch (3.30 KB, patch)
2019-04-19 15:48 UTC, Tijl Coosemans
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tijl Coosemans freebsd_committer 2019-04-19 15:48:14 UTC
Created attachment 203802 [details]
patch

Update print/ghostscript9-agpl-{base,x11} to 9.27.

This version removes some undocumented features.  An exp-run is needed to make sure no port depends on them.
Comment 1 Tijl Coosemans freebsd_committer 2019-04-19 15:48:52 UTC
Assign to portmgr for exp-run.
Comment 2 Greg Veldman 2019-04-20 12:31:59 UTC
If I'm not mistaken, I believe this is also CVE-2019-3835 and CVE-2019-3838, which should be documented in vuxml.  Tagging ports-secteam on this as well.
Comment 3 Greg Veldman 2019-04-20 12:32:10 UTC
If I'm not mistaken, I believe this is also CVE-2019-3835 and CVE-2019-3838, which should be documented in vuxml.  Tagging ports-secteam on this as well.
Comment 4 Antoine Brodin freebsd_committer 2019-04-21 15:58:41 UTC
Exp-run looks fine
Comment 5 commit-hook freebsd_committer 2019-04-21 16:42:22 UTC
A commit references this bug:

Author: tijl
Date: Sun Apr 21 16:41:38 UTC 2019
New revision: 499546
URL: https://svnweb.freebsd.org/changeset/ports/499546

Log:
  Update to 9.27.

  PR:		237390
  Exp-run by:	antoine
  Approved by:	portmgr (antoine)
  MFH:		2019Q2
  Security:	CVE-2019-3835, CVE-2019-3838

Changes:
  head/print/ghostscript9-agpl-base/Makefile
  head/print/ghostscript9-agpl-base/distinfo
  head/print/ghostscript9-agpl-base/pkg-plist
  head/print/ghostscript9-agpl-x11/Makefile
Comment 6 commit-hook freebsd_committer 2019-04-21 17:36:09 UTC
A commit references this bug:

Author: tijl
Date: Sun Apr 21 17:36:00 UTC 2019
New revision: 499548
URL: https://svnweb.freebsd.org/changeset/ports/499548

Log:
  Document Ghostscript CVE-2019-3835 and CVE-2019-3838.

  PR:		237390
  Security:	CVE-2019-3835, CVE-2019-3838

Changes:
  head/security/vuxml/vuln.xml
Comment 7 commit-hook freebsd_committer 2019-04-22 08:53:21 UTC
A commit references this bug:

Author: tijl
Date: Mon Apr 22 08:53:17 UTC 2019
New revision: 499618
URL: https://svnweb.freebsd.org/changeset/ports/499618

Log:
  MFH: r499546

  Update to 9.27.

  PR:		237390
  Security:	CVE-2019-3835, CVE-2019-3838
  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/print/ghostscript9-agpl-base/Makefile
  branches/2019Q2/print/ghostscript9-agpl-base/distinfo
  branches/2019Q2/print/ghostscript9-agpl-base/pkg-plist
  branches/2019Q2/print/ghostscript9-agpl-x11/Makefile
Comment 8 admin-freebsd-bugzilla 2019-05-06 15:13:04 UTC
this broke cups-filters

see here https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237765