Bug 244971 - www/glpi: Update to 9.4.5
Summary: www/glpi: Update to 9.4.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Jochen Neumeister
URL:
Keywords: buildisok, security
Depends on:
Blocks: 242476
  Show dependency treegraph
 
Reported: 2020-03-22 11:34 UTC by Mathias Monnerville
Modified: 2020-06-10 04:30 UTC (History)
3 users (show)

See Also:
koobs: merge-quarterly+

Attachments
Patch 9.4.2 to 9.4.5 (1.76 KB, patch)
2020-03-22 11:34 UTC, Mathias Monnerville 		mathias: maintainer-approval+
Details | Diff
Poudriere logs for 9.4.5 (33.96 KB, text/plain)
2020-03-22 11:35 UTC, Mathias Monnerville 		no flags Details
Updated vuln.xml with 2 entries related to GLPI (2.62 KB, patch)
2020-05-05 09:37 UTC, Mathias Monnerville 		mathias: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mathias Monnerville 2020-03-22 11:34:54 UTC 
Created attachment 212608 [details]
Patch 9.4.2 to 9.4.5

Patch from 9.4.2 to 9.4.5.

This patch updates www/glpi to the latest version (new features and several security fixes).

ChangeLogs
- 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
- 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
- 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

This patch fixes
- PR 242476


Also attached the Poudriere testport logs.
Comment 1 Mathias Monnerville 2020-03-22 11:35:49 UTC 
Created attachment 212609 [details]
Poudriere logs for 9.4.5
Comment 2 Automation User 2020-03-22 12:04:41 UTC 
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/128552881
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2020-03-23 15:22:15 UTC 
^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval

Attachment -> Details -> maintainer-approval [+]

Pending VuXML entry
Comment 4 Mathias Monnerville 2020-03-23 17:02:41 UTC 
(In reply to Kubilay Kocak from comment #3)

Done. Thank you.
Comment 5 Mathias Monnerville 2020-03-28 15:47:18 UTC 
@koobs Those patches address many security fixes in GLPI. I think everything is fine with my patch. Am I missing something? Thanks :)
Comment 6 Mathias Monnerville 2020-04-28 08:16:41 UTC 
(In reply to Kubilay Kocak from comment #3)

Anything needed on my side for this patch to be merged? It fixes several security issues so pretty important to upgrade the port IMO.

Thank you.
Comment 7 Kubilay Kocak freebsd_committer freebsd_triage 2020-04-28 09:15:38 UTC 
(In reply to Mathias Monnerville from comment #5)

Understood, the issue has been triaged as a security issue.

The onlt thing outstanding is a relevant VuXML entry (comment 3) to be added to the security/vuxml port. This can be done by any one, committers or contributors.

The relevant section in the Porters Handbook is: https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/security-notify.html

If you'd like to try to create the vuxml entry and need assistance, you'll be able to get support on our #freebsd-ports channel on freenode IRC
Comment 8 Mathias Monnerville 2020-04-28 09:32:24 UTC 
(In reply to Kubilay Kocak from comment #7)

Okay, first time I have to do it on this port, wasn't aware it was required.

Thank you, will work on it ASAP.
Comment 9 Mathias Monnerville 2020-05-05 09:36:43 UTC 
(In reply to Kubilay Kocak from comment #7)

Hi @koobs,

I'm adding a patch here to `vuln.xml` with 2 entries added. Could you speed up the process by applying this patch to `security/vuxml` maybe?

GLPI installations should be updated ASAP to 9.4.5.

Thank you.
Comment 10 Mathias Monnerville 2020-05-05 09:37:46 UTC 
Created attachment 214149 [details]
Updated vuln.xml with 2 entries related to GLPI

For the `security/vuxml` port.
Comment 11 commit-hook freebsd_committer freebsd_triage 2020-05-09 08:24:46 UTC 
A commit references this bug:

Author: joneum
Date: Sat May  9 08:23:43 UTC 2020
New revision: 534722
URL: https://svnweb.freebsd.org/changeset/ports/534722

Log:
  add entry for www/glpi

  PR:		244971
  Sponsored by:	Netzkommune GmbH

Changes:
  head/security/vuxml/vuln.xml
Comment 12 commit-hook freebsd_committer freebsd_triage 2020-05-10 08:54:04 UTC 
A commit references this bug:

Author: joneum
Date: Sun May 10 08:53:53 UTC 2020
New revision: 534833
URL: https://svnweb.freebsd.org/changeset/ports/534833

Log:
  Update to 9.4.5

  ChangeLogs
  - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
  - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
  - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

  PR:		244971
  MFH:		2020Q2
  Security:	d222241d-91cc-11ea-82b8-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

Changes:
  head/www/glpi/Makefile
  head/www/glpi/distinfo
  head/www/glpi/pkg-plist
Comment 13 commit-hook freebsd_committer freebsd_triage 2020-05-10 08:56:06 UTC 
A commit references this bug:

Author: joneum
Date: Sun May 10 08:55:07 UTC 2020
New revision: 534834
URL: https://svnweb.freebsd.org/changeset/ports/534834

Log:
  MFH: r534833

  Update to 9.4.5

  ChangeLogs
  - 9.4.5: https://github.com/glpi-project/glpi/milestone/38?closed=1
  - 9.4.4: https://github.com/glpi-project/glpi/milestone/37?closed=1
  - 9.4.3: https://github.com/glpi-project/glpi/milestone/36?closed=1

  PR:		244971
  Security:	d222241d-91cc-11ea-82b8-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/www/glpi/Makefile
  branches/2020Q2/www/glpi/distinfo
  branches/2020Q2/www/glpi/pkg-plist