Bug 244971 - www/glpi: Update to 9.4.5
Summary: www/glpi: Update to 9.4.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Jochen Neumeister
URL:
Keywords: buildisok, security
Depends on:
Blocks: 242476
  Show dependency treegraph
 
Reported: 2020-03-22 11:34 UTC by Mathias Monnerville
Modified: 2020-06-10 04:30 UTC (History)
3 users (show)

See Also:
koobs: merge-quarterly+


Attachments
Patch 9.4.2 to 9.4.5 (1.76 KB, patch)
2020-03-22 11:34 UTC, Mathias Monnerville
mathias: maintainer-approval+
Details | Diff
Poudriere logs for 9.4.5 (33.96 KB, text/plain)
2020-03-22 11:35 UTC, Mathias Monnerville
no flags Details
Updated vuln.xml with 2 entries related to GLPI (2.62 KB, patch)
2020-05-05 09:37 UTC, Mathias Monnerville
mathias: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Mathias Monnerville 2020-03-22 11:34:54 UTC
Created attachment 212608 [details]
Patch 9.4.2 to 9.4.5

Patch from 9.4.2 to 9.4.5.

This patch updates www/glpi to the latest version (new features and several security fixes).

ChangeLogs
- 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
- 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
- 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

This patch fixes
- PR 242476


Also attached the Poudriere testport logs.
Comment 1 Mathias Monnerville 2020-03-22 11:35:49 UTC
Created attachment 212609 [details]
Poudriere logs for 9.4.5
Comment 2 Automation User 2020-03-22 12:04:41 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/128552881
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2020-03-23 15:22:15 UTC
^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval

Attachment -> Details -> maintainer-approval [+]

Pending VuXML entry
Comment 4 Mathias Monnerville 2020-03-23 17:02:41 UTC
(In reply to Kubilay Kocak from comment #3)

Done. Thank you.
Comment 5 Mathias Monnerville 2020-03-28 15:47:18 UTC
@koobs Those patches address many security fixes in GLPI. I think everything is fine with my patch. Am I missing something? Thanks :)
Comment 6 Mathias Monnerville 2020-04-28 08:16:41 UTC
(In reply to Kubilay Kocak from comment #3)

Anything needed on my side for this patch to be merged? It fixes several security issues so pretty important to upgrade the port IMO.

Thank you.
Comment 7 Kubilay Kocak freebsd_committer freebsd_triage 2020-04-28 09:15:38 UTC
(In reply to Mathias Monnerville from comment #5)

Understood, the issue has been triaged as a security issue.

The onlt thing outstanding is a relevant VuXML entry (comment 3) to be added to the security/vuxml port. This can be done by any one, committers or contributors.

The relevant section in the Porters Handbook is: https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/security-notify.html

If you'd like to try to create the vuxml entry and need assistance, you'll be able to get support on our #freebsd-ports channel on freenode IRC
Comment 8 Mathias Monnerville 2020-04-28 09:32:24 UTC
(In reply to Kubilay Kocak from comment #7)

Okay, first time I have to do it on this port, wasn't aware it was required.

Thank you, will work on it ASAP.
Comment 9 Mathias Monnerville 2020-05-05 09:36:43 UTC
(In reply to Kubilay Kocak from comment #7)

Hi @koobs,

I'm adding a patch here to `vuln.xml` with 2 entries added. Could you speed up the process by applying this patch to `security/vuxml` maybe?

GLPI installations should be updated ASAP to 9.4.5.

Thank you.
Comment 10 Mathias Monnerville 2020-05-05 09:37:46 UTC
Created attachment 214149 [details]
Updated vuln.xml with 2 entries related to GLPI

For the `security/vuxml` port.
Comment 11 commit-hook freebsd_committer 2020-05-09 08:24:46 UTC
A commit references this bug:

Author: joneum
Date: Sat May  9 08:23:43 UTC 2020
New revision: 534722
URL: https://svnweb.freebsd.org/changeset/ports/534722

Log:
  add entry for www/glpi

  PR:		244971
  Sponsored by:	Netzkommune GmbH

Changes:
  head/security/vuxml/vuln.xml
Comment 12 commit-hook freebsd_committer 2020-05-10 08:54:04 UTC
A commit references this bug:

Author: joneum
Date: Sun May 10 08:53:53 UTC 2020
New revision: 534833
URL: https://svnweb.freebsd.org/changeset/ports/534833

Log:
  Update to 9.4.5

  ChangeLogs
  - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
  - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
  - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

  PR:		244971
  MFH:		2020Q2
  Security:	d222241d-91cc-11ea-82b8-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

Changes:
  head/www/glpi/Makefile
  head/www/glpi/distinfo
  head/www/glpi/pkg-plist
Comment 13 commit-hook freebsd_committer 2020-05-10 08:56:06 UTC
A commit references this bug:

Author: joneum
Date: Sun May 10 08:55:07 UTC 2020
New revision: 534834
URL: https://svnweb.freebsd.org/changeset/ports/534834

Log:
  MFH: r534833

  Update to 9.4.5

  ChangeLogs
  - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
  - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
  - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

  PR:		244971
  Security:	d222241d-91cc-11ea-82b8-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/www/glpi/Makefile
  branches/2020Q2/www/glpi/distinfo
  branches/2020Q2/www/glpi/pkg-plist