Created attachment 264720 [details] 0001-databases-adminer-update-to-5.4.1.patch Also adding several additional plugins and refactoring the port in a way, which allows me to patch it.
Created attachment 264721 [details] nginx config for (possible) testing
Created attachment 264724 [details] 0001-databases-adminer-update-to-5.4.1.patch Noticed that those build-time tools are included in the zip file, so I don't need to download them.
ping
Maybe use shorter name: _FORCED_TAG instead of _FORCED_SERVER_TAG?
Changelogs: https://github.com/vrana/adminer/releases/tag/v5.4.0 https://github.com/vrana/adminer/releases/tag/v5.4.1
Created attachment 265408 [details] 0001-databases-adminer-update-to-5.4.1-expire-on-2026-06-.patch There. Also marked this expired due to an obvious reason, these issues that I'm patching here will likely never be fixed upstream. And there are 3 CVEs (no affected code in port however, because I'm not including related parts), which have been unfixed for an extended period. https://nvd.nist.gov/vuln/detail/CVE-2023-45195 https://nvd.nist.gov/vuln/detail/CVE-2023-45196 https://nvd.nist.gov/vuln/detail/CVE-2023-45197
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ecd5b3f3237d3cb36694edb8f870ef25c4e50cd6 commit ecd5b3f3237d3cb36694edb8f870ef25c4e50cd6 Author: Paavo-Einari Kaipila <pkaipila@gmail.com> AuthorDate: 2025-11-14 11:45:34 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2025-11-14 11:45:34 +0000 databases/adminer: Update 5.3.0 => 5.4.1, deprecate Changelogs: https://github.com/vrana/adminer/releases/tag/v5.4.0 https://github.com/vrana/adminer/releases/tag/v5.4.1 - Patch crypto keys to be generated using OS-provided PRNG rather than a timestamp. - Patch passwords to be encrypted with aes256-gcm rather than xxtea. - Add 5 additonal plugins. - Also mark this expired due to an obvious reason, these issues that patched here will likely never be fixed upstream. - And there are 3 CVEs (not affected code in port however, because related parts isn't included), which have been unfixed for an extended period: https://nvd.nist.gov/vuln/detail/CVE-2023-45195 https://nvd.nist.gov/vuln/detail/CVE-2023-45196 https://nvd.nist.gov/vuln/detail/CVE-2023-45197 PR: 290365 databases/adminer/Makefile | 26 +++++--- databases/adminer/distinfo | 10 ++-- databases/adminer/files/makephar.php | 11 ++-- .../patch-adminer_include_functions.inc.php (new) | 11 ++++ .../patch-adminer_include_xxtea.inc.php (new) | 70 ++++++++++++++++++++++ 5 files changed, 111 insertions(+), 17 deletions(-)
Thanks.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=33523749319f03cebfd6dc0e625212bcf0e87409 commit 33523749319f03cebfd6dc0e625212bcf0e87409 Author: Vladimir Druzenko <vvd@FreeBSD.org> AuthorDate: 2025-11-14 17:58:42 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2025-11-14 18:12:41 +0000 databases/adminer: Fix expiration date PR: 290365 Reported by: dvl via email Approved by: Paavo-Einari Kaipila <pkaipila@gmail.com> (maintainer, implicit) Fixes: ecd5b3f3237d (Update 5.3.0 => 5.4.1, deprecate) databases/adminer/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(In reply to commit-hook from comment #9) The famous two problems: cache invalidation, naming things, and off-by-1 errors