Bug 258700 - net-mgmt/phpipam: update to 1.4.4
Summary: net-mgmt/phpipam: update to 1.4.4
Status: In Progress
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Li-Wen Hsu
URL: https://github.com/phpipam/phpipam/re...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-23 23:32 UTC by Oleg Ginzburg
Modified: 2021-10-20 13:09 UTC (History)
4 users (show)

See Also:
mikael: maintainer-feedback+


Attachments
net-mgmt/phpipam: update to 1.4.4 (1.20 KB, patch)
2021-09-23 23:32 UTC, Oleg Ginzburg
mikael: maintainer-approval+
Details | Diff
v0 (1.38 KB, patch)
2021-10-15 12:08 UTC, Mikael Urankar
mikael: maintainer-approval+
Details | Diff
v1 (1.84 KB, patch)
2021-10-20 13:09 UTC, Mikael Urankar
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Oleg Ginzburg 2021-09-23 23:32:19 UTC
Created attachment 228143 [details]
net-mgmt/phpipam: update to 1.4.4

Bugfixes:
----------------------------
+ Allow UTF-8 in instruction widgets (#3360);
+ Exclude IPv6 from Ping and Discovery scans (#3354);

Security Fixes:
----------------------------
+ XSS (reflected) in IP calculator (#3351);
+ XSS in pass-change/result.php (#3373);
Comment 1 Oleg Ginzburg 2021-09-23 23:33:06 UTC
relnotes link: https://github.com/phpipam/phpipam/releases/tag/v1.4.4
Comment 2 Li-Wen Hsu freebsd_committer 2021-09-27 10:03:52 UTC
(In reply to Oleg Ginzburg from comment #0)
Since this is a security fix, can you also help to create a vuxml entry? Thanks!
Comment 3 Oleg Ginzburg 2021-09-29 08:55:49 UTC
(In reply to Li-Wen Hsu from comment #2)
I've never done this before, where do I start? just updating the port isn't enough?
Comment 4 Li-Wen Hsu freebsd_committer 2021-09-29 09:03:32 UTC
(In reply to Oleg Ginzburg from comment #3)
Please use https://docs.freebsd.org/en/books/porters-handbook/security/ as a reference.
Comment 5 Mikael Urankar freebsd_committer 2021-10-04 13:00:57 UTC
While here can you add the missing runtime deps:

The following required PHP extensions are missing:

    dom
    mod_rewrite (Apache module)

Please recompile PHP to include missing extensions and restart Apache.
Comment 6 Mikael Urankar freebsd_committer 2021-10-04 13:38:58 UTC
And:
Threading is required for scanning subnets - Error: Required PHP extension not installed: posix
Comment 7 Mikael Urankar freebsd_committer 2021-10-15 12:06:59 UTC
Can we commit this please?
Comment 8 Mikael Urankar freebsd_committer 2021-10-15 12:08:01 UTC
Created attachment 228721 [details]
v0
Comment 9 Mikael Urankar freebsd_committer 2021-10-18 12:36:59 UTC
app/admin/import-export/upload should be writable by www
Comment 10 Mikael Urankar freebsd_committer 2021-10-20 13:09:42 UTC
Created attachment 228872 [details]
v1

fix ownership