Created attachment 228143 [details] net-mgmt/phpipam: update to 1.4.4 Bugfixes: ---------------------------- + Allow UTF-8 in instruction widgets (#3360); + Exclude IPv6 from Ping and Discovery scans (#3354); Security Fixes: ---------------------------- + XSS (reflected) in IP calculator (#3351); + XSS in pass-change/result.php (#3373);
relnotes link: https://github.com/phpipam/phpipam/releases/tag/v1.4.4
(In reply to Oleg Ginzburg from comment #0) Since this is a security fix, can you also help to create a vuxml entry? Thanks!
(In reply to Li-Wen Hsu from comment #2) I've never done this before, where do I start? just updating the port isn't enough?
(In reply to Oleg Ginzburg from comment #3) Please use https://docs.freebsd.org/en/books/porters-handbook/security/ as a reference.
While here can you add the missing runtime deps: The following required PHP extensions are missing: dom mod_rewrite (Apache module) Please recompile PHP to include missing extensions and restart Apache.
And: Threading is required for scanning subnets - Error: Required PHP extension not installed: posix
Can we commit this please?
Created attachment 228721 [details] v0
app/admin/import-export/upload should be writable by www
Created attachment 228872 [details] v1 fix ownership
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=7ae8747093e99782e245ad1399f8c707709778dd commit 7ae8747093e99782e245ad1399f8c707709778dd Author: Mikael Urankar <mikael@FreeBSD.org> AuthorDate: 2021-11-10 08:42:37 +0000 Commit: Mikael Urankar <mikael@FreeBSD.org> CommitDate: 2021-11-10 08:42:37 +0000 net-mgmt/phpipam: Update to 1.4.4 - Update to 1.4.4 - Add missing php modules - Fix folder permission Changes: https://github.com/phpipam/phpipam/releases/tag/v1.4.4 PR: 258700 net-mgmt/phpipam/Makefile | 8 ++++---- net-mgmt/phpipam/distinfo | 6 +++--- net-mgmt/phpipam/pkg-plist | 5 +++++ 3 files changed, 12 insertions(+), 7 deletions(-)
A commit in branch 2021Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=c04c2d088284e45e3ede588dd89de5e393948ec1 commit c04c2d088284e45e3ede588dd89de5e393948ec1 Author: Mikael Urankar <mikael@FreeBSD.org> AuthorDate: 2021-11-10 08:42:37 +0000 Commit: Mikael Urankar <mikael@FreeBSD.org> CommitDate: 2021-11-13 11:43:12 +0000 net-mgmt/phpipam: Update to 1.4.4 - Update to 1.4.4 - Add missing php modules - Fix folder permission Changes: https://github.com/phpipam/phpipam/releases/tag/v1.4.4 PR: 258700 (cherry picked from commit 7ae8747093e99782e245ad1399f8c707709778dd) net-mgmt/phpipam/Makefile | 8 ++++---- net-mgmt/phpipam/distinfo | 6 +++--- net-mgmt/phpipam/pkg-plist | 5 +++++ 3 files changed, 12 insertions(+), 7 deletions(-)