261436 – www/phpmustache: update to 2.14.1

Bug 261436 - www/phpmustache: update to 2.14.1

Summary: www/phpmustache: update to 2.14.1

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Fernando Apesteguía

URL:	https://github.com/bobthecow/mustache...
Keywords:	security

Depends on:
Blocks:

Reported:	2022-01-24 18:08 UTC by Marc Veldman
Modified:	2022-01-27 07:23 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	fernape: merge-quarterly+

Attachments
Patch to update to 2.14.1 (1.25 KB, patch) 2022-01-24 18:08 UTC, Marc Veldman	marc: maintainer-approval+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marc Veldman 2022-01-24 18:08:22 UTC

Created attachment 231280 [details]
Patch to update to 2.14.1

- Fix for CVE-2022-0323 https://nvd.nist.gov/vuln/detail/CVE-2022-0323
- Other minor fixes

Comment 1 Fernando Apesteguía freebsd_committer

2022-01-26 12:38:13 UTC

^Triage: If there is a changelog or release notes URL available for this version, please add it to the URL field.

^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval.
--
Attachment -> Details -> maintainer-approval [+]


Thanks!

Comment 2 Marc Veldman 2022-01-26 12:44:21 UTC

I've updated the fields as requested.
My apologies for the oversight.

Comment 3 Fernando Apesteguía freebsd_committer

2022-01-26 12:51:10 UTC

No worries. Thanks!

Comment 4 Fernando Apesteguía freebsd_committer

2022-01-27 06:51:07 UTC

This fixes CVE-2022-0323.

Remainder: This needs a Vuxml entry.

Comment 5 commit-hook freebsd_committer

2022-01-27 07:19:13 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6901bf72b3b20f999a6a6141acf5c99219e65198

commit 6901bf72b3b20f999a6a6141acf5c99219e65198
Author:     Marc Veldman <marc@bumblingdork.com>
AuthorDate: 2022-01-26 12:38:17 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2022-01-27 07:17:08 +0000

    www/phpmustache: update to 2.14.1

    ChangeLog: https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1

     * Fix for CVE-2022-0323
     * Other minor fixes

    VuXml entry to follow soon.

    PR:     261436
    Reported by:    marc@bumblingdork.com (maintainer)
    Security:       CVE-2022-0323
    MFH:    2022Q1 (security release)

 www/phpmustache/Makefile | 2 +-
 www/phpmustache/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 6 commit-hook freebsd_committer

2022-01-27 07:23:15 UTC

A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4f146094da078e8249815fa8cd510d9fb6e9afc0

commit 4f146094da078e8249815fa8cd510d9fb6e9afc0
Author:     Marc Veldman <marc@bumblingdork.com>
AuthorDate: 2022-01-26 12:38:17 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2022-01-27 07:20:24 +0000

    www/phpmustache: update to 2.14.1

    ChangeLog: https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1

     * Fix for CVE-2022-0323
     * Other minor fixes

    VuXml entry to follow soon.

    PR:     261436
    Reported by:    marc@bumblingdork.com (maintainer)
    Security:       CVE-2022-0323
    MFH:    2022Q1 (security release)

    (cherry picked from commit 6901bf72b3b20f999a6a6141acf5c99219e65198)

 www/phpmustache/Makefile | 2 +-
 www/phpmustache/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 7 Fernando Apesteguía freebsd_committer

2022-01-27 07:23:49 UTC

Committed and merged to 2022Q1

Thanks!