Bug 282147 - security/libssh2: Update to 1.11.1
Summary: security/libssh2: Update to 1.11.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Daniel Engberg
URL: https://github.com/libssh2/libssh2/re...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-10-16 21:43 UTC by Daniel Engberg
Modified: 2024-10-31 05:34 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (sbz)


Attachments
Patch for libssh2 (4.12 KB, patch)
2024-10-16 21:43 UTC, Daniel Engberg
no flags Details | Diff
Patch for libssh2 v2 (4.12 KB, patch)
2024-10-16 22:18 UTC, Daniel Engberg
no flags Details | Diff
Patch for libssh2 v3 (4.13 KB, patch)
2024-10-16 23:02 UTC, Daniel Engberg
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Engberg freebsd_committer freebsd_triage 2024-10-16 21:43:17 UTC
Created attachment 254295 [details]
Patch for libssh2

* Update MASTER_SITES, use GitHub as primary and upstream main website as fallback
* Fixes CVE-2023-48795
* Convert to CMake for faster builds and cleaner port Makefile
* Make static library option (non default)
* Enable OpenSSL support by default (optional)

Compile and runtime tested on FreeBSD 14.1-RELEASE (amd64) (make, make check-plist, make test)

Poudriere testport OK 14.1-RELEASE (amd64)
Poudriere testport OK 13.3-RELEASE (amd64)

Tested with following consumers in 14.1-RELEASE (amd64) using Poudriere:
databases/pgadmin3
databases/redisdesktopmanager
databases/sequeler
deskutils/subsurface (fails during configure, patch needed)
devel/cargo-c
devel/cargo-edit
devel/cargo-generate
devel/cargo-udeps
devel/dura
devel/gbump
devel/git-repo-manager
devel/gitui
devel/jujutsu
devel/libgit2
devel/libvirt
devel/pipelight
devel/tabby
devel/uv
editors/lapce
ftp/curl
ftp/gstreamer1-plugins-curl
ftp/termscp
lang/julia
misc/mc
net/guacamole-server
net/p5-Net-SSH2
net-mgmt/zabbix5-proxy
net-mgmt/zabbix5-server
net-mgmt/zabbix6-proxy
net-mgmt/zabbix6-server
net-mgmt/zabbix64-proxy
net-mgmt/zabbix64-server
net-mgmt/zabbix7-proxy
net-mgmt/zabbix7-server
science/lammps
security/medusa
security/pecl-ssh2
shells/sheldon
shells/starship
sysutils/cbsd
sysutils/daggy
sysutils/libdnf
sysutils/mise
x11/wezterm
Comment 1 Daniel Engberg freebsd_committer freebsd_triage 2024-10-16 22:18:44 UTC
Created attachment 254297 [details]
Patch for libssh2 v2

Fix typo, deskutils/subsurface now compiles
Comment 2 Daniel Engberg freebsd_committer freebsd_triage 2024-10-16 23:02:20 UTC
Created attachment 254298 [details]
Patch for libssh2 v3

Another typo fixed...
Comment 3 commit-hook freebsd_committer freebsd_triage 2024-10-31 03:53:08 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=8c7d939b43b30fc125a6fef2459c76e0bc55237c

commit 8c7d939b43b30fc125a6fef2459c76e0bc55237c
Author:     Daniel Engberg <diizzy@FreeBSD.org>
AuthorDate: 2024-10-31 03:50:24 +0000
Commit:     Daniel Engberg <diizzy@FreeBSD.org>
CommitDate: 2024-10-31 03:50:27 +0000

    security/libssh2: Update to 1.11.1

    * Update MASTER_SITES, use GitHub as primary and upstream main website as fallback
    * Fixes CVE-2023-48795
    * Convert to CMake for faster builds and cleaner port Makefile
    * Make static library option (non default)
    * Enable OpenSSL support by default (optional)

    PR:             282147
    Approved by:    portmgr (maintainer timeout, 2+ weeks)

 security/libssh2/Makefile  | 60 +++++++++++++++++++++-------------------------
 security/libssh2/distinfo  |  6 ++---
 security/libssh2/pkg-plist | 12 +++++++++-
 3 files changed, 41 insertions(+), 37 deletions(-)