Created attachment 222161 [details] www/oauth2-proxy Update to v7.0.0 Fixes CVE-2021-21291 Tested on 12.2-RELEASE (make package / make check-plist / portlint -AC)
Build and package info is available at https://gitlab.com/swills/freebsd-ports/pipelines/251434852
^Triage: If there is a changelog or release notes URL available for this version, please add it to the URL field. ^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval. -- Attachment -> Details -> maintainer-approval [+] Thanks!
^Triage: Maintainer-feedback flag (+) not required unless requested (?) first
Note to committer: needs an entry in security/vuxml
Added the approval flag to the patch and updated the URL to the release notes for this version, thanks a lot!
Created attachment 222369 [details] www/oauth2-proxy New patch to upgrade to v7.0.1
A commit references this bug: Author: nc Date: Fri Feb 12 04:51:50 UTC 2021 New revision: 564995 URL: https://svnweb.freebsd.org/changeset/ports/564995 Log: www/oauth2-proxy: Update to v7.0.1 Fixes CVE-2021-21291. Changes: https://github.com/oauth2-proxy/oauth2-proxy/releases/tag/v7.0.1 PR: 253247 Submitted by: Matthias Wolf <freebsd AT rheinwolf DOT de> (maintainer) MFH: 2021Q1 Changes: head/www/oauth2-proxy/Makefile head/www/oauth2-proxy/distinfo
A commit references this bug: Author: nc Date: Fri Feb 12 05:12:45 UTC 2021 New revision: 564996 URL: https://svnweb.freebsd.org/changeset/ports/564996 Log: MFH: r564995 www/oauth2-proxy: Update to v7.0.1 Fixes CVE-2021-21291. Changes: https://github.com/oauth2-proxy/oauth2-proxy/releases/tag/v7.0.1 PR: 253247 Submitted by: Matthias Wolf <freebsd AT rheinwolf DOT de> (maintainer) Approved by: portmgr (security blanket) Changes: _U branches/2021Q1/
Committed! To the fellow committers: Sorry for the botched MFH, I realized this port is not in 2021Q1 so I'm extremely sorry for for r564996 (I did r564997 to revert it).