Bug 248761 - textproc/elasticsearch6: Update to 6.8.12
Summary: textproc/elasticsearch6: Update to 6.8.12
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dmitri Goutnik
URL: https://www.elastic.co/guide/en/elast...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-08-19 21:17 UTC by Juraj Lutter
Modified: 2020-08-20 19:07 UTC (History)
3 users (show)

See Also:
otis: maintainer-feedback+


Attachments
textproc/elasticsearch6: Update to 6.8.12 (4.84 KB, patch)
2020-08-19 21:17 UTC, Juraj Lutter
otis: maintainer-approval+
Details | Diff
textproc/elasticsearch6: Update to 6.8.12 vuxml entry (1.17 KB, text/plain)
2020-08-20 06:44 UTC, Juraj Lutter
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Juraj Lutter freebsd_committer 2020-08-19 21:17:34 UTC
Created attachment 217354 [details]
textproc/elasticsearch6: Update to 6.8.12

Hi,

please find the patch attached.

The main thing is fixed CVE-2020-7019

Changelog:
* Security updates:
  - A field disclosure flaw was found in Elasticsearch when running a scrolling search with field level security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index. All versions of Elasticsearch before 7.9.0 and 6.8.12 are affected by this flaw. You must upgrade to Elasticsearch version 7.9.0 or 6.8.12 to obtain the fix. CVE-2020-7019

* Bug fixes:
  - CCR:
    - CCR recoveries using wrong setting for chunk sizes
    - Fix synchronization in ShardFollowNodeTask
    - Relax ShardFollowTasksExecutor validation
    - Set timeout of master node requests on follower to unbounded
  - Distributed:
    - Fix cluster health rest api wait_for_no_initializing_shards
  - Machine Learning:
    - Fix restoration of change detectors after seasonality


Testport result:
https://freebsd-stable.builder.wilbury.net/data/12_STABLE_GENERIC_amd64-default/2020-08-19_16h47m00s/logs/elasticsearch6-6.8.12.log

Question is: What is the procedure of creating a proper vulnxml entry?
Comment 1 Juraj Lutter freebsd_committer 2020-08-20 06:44:26 UTC
Created attachment 217364 [details]
textproc/elasticsearch6: Update to 6.8.12 vuxml entry
Comment 2 Juraj Lutter freebsd_committer 2020-08-20 06:47:05 UTC
See the attachment for vuxml entry.
Comment 3 commit-hook freebsd_committer 2020-08-20 11:55:31 UTC
A commit references this bug:

Author: dmgk
Date: Thu Aug 20 11:54:31 UTC 2020
New revision: 545531
URL: https://svnweb.freebsd.org/changeset/ports/545531

Log:
  security/vuxml: Document textproc/elasticsearch6 vulnerability

  PR:		248761
  Submitted by:	Juraj Lutter <juraj@lutter.sk> (maintainer)

Changes:
  head/security/vuxml/vuln.xml
Comment 4 commit-hook freebsd_committer 2020-08-20 11:58:33 UTC
A commit references this bug:

Author: dmgk
Date: Thu Aug 20 11:58:03 UTC 2020
New revision: 545532
URL: https://svnweb.freebsd.org/changeset/ports/545532

Log:
  textproc/elasticsearch6: Update to 6.8.12

  Changes:	https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.12.html
  PR:		248761
  Submitted by:	Juraj Lutter <juraj@lutter.sk> (maintainer)
  MFH:		2020Q3
  Security:	fbca6863-e2ad-11ea-9d39-00a09858faf5

Changes:
  head/textproc/elasticsearch6/Makefile
  head/textproc/elasticsearch6/distinfo
Comment 5 Juraj Lutter freebsd_committer 2020-08-20 12:08:42 UTC
Thanks.
Comment 6 commit-hook freebsd_committer 2020-08-20 19:07:38 UTC
A commit references this bug:

Author: dmgk
Date: Thu Aug 20 19:07:20 UTC 2020
New revision: 545549
URL: https://svnweb.freebsd.org/changeset/ports/545549

Log:
  MFH: r545532

  textproc/elasticsearch6: Update to 6.8.12

  Changes:	https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.12.html
  PR:		248761
  Submitted by:	Juraj Lutter <juraj@lutter.sk> (maintainer)
  Security:	fbca6863-e2ad-11ea-9d39-00a09858faf5

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/textproc/elasticsearch6/Makefile
  branches/2020Q3/textproc/elasticsearch6/distinfo