Created attachment 206370 [details] trivial update of version and distinfo + one patch is obsolete now Pretty trivial patch to update the port. files/patch-boost-1.67 is removed. The code it patched was upgraded and now compiles without this patch.
What does needs-qa mean and who is going to do it?
@Ronald Ideally all changes are QA'd prior to submission, at least by the maintainer or the port, if not the reporter, but anyone can do it. You can see descriptions for Keywords by clicking the 'Keywords' field title, but port updates, testing means, but is not necessarily limited to, running channes through our primarily QA tools: at least portlint and poudriere. For more information and instructions, see: https://www.freebsd.org/doc/en/books/porters-handbook/testing.html If you need help or guidance, we have a dedicated porters channel at #freebsd-ports on freenode IRC
Hi. As I'm the maintainer nobody can approve this more than I did. How can I help getting this QA process further? I would like to get this into the Q4 ports. (In reply to Kubilay Kocak from comment #2)
@Ronald The methods for testing ("QA") are described in comment 2 Further, since this is a bugfix and security release, it will be merged in any case. Pending: - QA confirmation - VuXML entry
Created attachment 207963 [details] vuxml entries for 3 CVEs
$ portlint -C WARN: Makefile: [19]: the arguments to ONLY_FOR_ARCHS are not sorted. Please consider sorting them. WARN: Makefile: "USES" has to appear earlier. WARN: /home/builder/mongodb34.22/files/patch-asio-openssl-1.1.0: patch was not generated using ``make makepatch''. It is recommended to use ``make makepatch'' when you need to [re-]generate a patch to ensure proper patch format. WARN: /home/builder/mongodb34.22/files/patch-src_mongo_util_net_ssl__manager.cpp: patch was not generated using ``make makepatch''. It is recommended to use ``make makepatch'' when you need to [re-]generate a patch to ensure proper patch format. WARN: /home/builder/mongodb34.22/files/patch-src_mongo_util_net_ssl__manager.h: patch was not generated using ``make makepatch''. It is recommended to use ``make makepatch'' when you need to [re-]generate a patch to ensure proper patch format. WARN: Consider to set DEVELOPER=yes in /etc/make.conf 0 fatal errors and 6 warnings found. No errors. I will fix some warnings in my next update to this port.
A commit references this bug: Author: pi Date: Thu Oct 10 06:33:04 UTC 2019 New revision: 514207 URL: https://svnweb.freebsd.org/changeset/ports/514207 Log: databases/mongodb34: upgrade 3.4.21 -> 3.4.22 PR: 239717 Submitted by: Ronald Klop <ronald-lists@klop.ws> (maintainer) MFH: 2019Q4 Relnotes: https://docs.mongodb.com/manual/release-notes/3.4/#aug-6-2019 Security: CVE-2019-2386, CVE-2019-2389, CVE-2019-2390 Changes: head/databases/mongodb34/Makefile head/databases/mongodb34/distinfo head/databases/mongodb34/files/patch-boost-1.67
A commit references this bug: Author: pi Date: Fri Oct 11 17:27:21 UTC 2019 New revision: 514292 URL: https://svnweb.freebsd.org/changeset/ports/514292 Log: MFH: r514207 databases/mongodb34: upgrade 3.4.21 -> 3.4.22 PR: 239717 Submitted by: Ronald Klop <ronald-lists@klop.ws> (maintainer) Relnotes: https://docs.mongodb.com/manual/release-notes/3.4/#aug-6-2019 Security: CVE-2019-2386, CVE-2019-2389, CVE-2019-2390 Approved by: ports-secteam (miwi) Changes: _U branches/2019Q4/ branches/2019Q4/databases/mongodb34/Makefile branches/2019Q4/databases/mongodb34/distinfo branches/2019Q4/databases/mongodb34/files/patch-boost-1.67
A commit references this bug: Author: pi Date: Fri Oct 11 17:36:37 UTC 2019 New revision: 514293 URL: https://svnweb.freebsd.org/changeset/ports/514293 Log: security/vuxml: mongodb vulnerabilities - CVE-2019-2386, CVE-2019-2389, CVE-2019-2390 PR: 239717 Submitted by: Ronald Klop <ronald-lists@klop.ws> Changes: head/security/vuxml/vuln.xml