From owner-svn-ports-branches@freebsd.org Fri Jul 8 15:42:48 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EB8B0B82435; Fri, 8 Jul 2016 15:42:48 +0000 (UTC) (envelope-from tz@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C6FF11EC5; Fri, 8 Jul 2016 15:42:48 +0000 (UTC) (envelope-from tz@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u68Fgl4K044574; Fri, 8 Jul 2016 15:42:47 GMT (envelope-from tz@FreeBSD.org) Received: (from tz@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u68FgliW044568; Fri, 8 Jul 2016 15:42:47 GMT (envelope-from tz@FreeBSD.org) Message-Id: <201607081542.u68FgliW044568@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tz set sender to tz@FreeBSD.org using -f From: Torsten Zuehlsdorff Date: Fri, 8 Jul 2016 15:42:47 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r418230 - in branches/2016Q3/www/gitlab: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2016 15:42:49 -0000 Author: tz Date: Fri Jul 8 15:42:47 2016 New Revision: 418230 URL: https://svnweb.freebsd.org/changeset/ports/418230 Log: MFH: r418223 www/gitlab: update from 8.8.5 to 8.8.7 8.8.7 - Fix privilege escalation issue with OAuth external users. - Ensure references to private repos aren't shown to logged-out users. 8.8.6 - Fix visibility of snippets when searching. - Update omniauth-saml to 1.6.0 Approved by: junovitch (mentor, implicit) Security: CVE-2016-5697 Approved by: ports-secteam (junovitch) Modified: branches/2016Q3/www/gitlab/Makefile branches/2016Q3/www/gitlab/distinfo branches/2016Q3/www/gitlab/files/patch-Gemfile branches/2016Q3/www/gitlab/pkg-plist Directory Properties: branches/2016Q3/ (props changed) Modified: branches/2016Q3/www/gitlab/Makefile ============================================================================== --- branches/2016Q3/www/gitlab/Makefile Fri Jul 8 15:36:15 2016 (r418229) +++ branches/2016Q3/www/gitlab/Makefile Fri Jul 8 15:42:47 2016 (r418230) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= gitlab -PORTVERSION= 8.8.5 +PORTVERSION= 8.8.7 DISTVERSIONPREFIX= v CATEGORIES= www devel @@ -34,7 +34,7 @@ RUN_DEPENDS= git>=2.7.4:devel/git \ rubygem-omniauth-github>=1.1.1:net/rubygem-omniauth-github \ rubygem-omniauth-gitlab>=1.0.0:security/rubygem-omniauth-gitlab \ rubygem-omniauth-google-oauth2>=0.2.0:net/rubygem-omniauth-google-oauth2 \ - rubygem-omniauth-saml>=1.5.0:security/rubygem-omniauth-saml \ + rubygem-omniauth-saml>=1.6.0:security/rubygem-omniauth-saml \ rubygem-omniauth-shibboleth>=1.2.0:security/rubygem-omniauth-shibboleth \ rubygem-omniauth-twitter>=1.2.0:net/rubygem-omniauth-twitter \ rubygem-omniauth_crowd>=2.2.0:devel/rubygem-omniauth_crowd \ Modified: branches/2016Q3/www/gitlab/distinfo ============================================================================== --- branches/2016Q3/www/gitlab/distinfo Fri Jul 8 15:36:15 2016 (r418229) +++ branches/2016Q3/www/gitlab/distinfo Fri Jul 8 15:42:47 2016 (r418230) @@ -1,3 +1,3 @@ -TIMESTAMP = 1466158783 -SHA256 (gitlabhq-gitlabhq-v8.8.5_GH0.tar.gz) = 385fefd73ea70797ee2b1d9084c0b5a0f90917a7636926537746bd86143e0335 -SIZE (gitlabhq-gitlabhq-v8.8.5_GH0.tar.gz) = 18478664 +TIMESTAMP = 1467811812 +SHA256 (gitlabhq-gitlabhq-v8.8.7_GH0.tar.gz) = 42ecd49943c879006d6042583b2e55f31a8f4b11d04faf693e1b1fe594697e4d +SIZE (gitlabhq-gitlabhq-v8.8.7_GH0.tar.gz) = 18479391 Modified: branches/2016Q3/www/gitlab/files/patch-Gemfile ============================================================================== --- branches/2016Q3/www/gitlab/files/patch-Gemfile Fri Jul 8 15:36:15 2016 (r418229) +++ branches/2016Q3/www/gitlab/files/patch-Gemfile Fri Jul 8 15:42:47 2016 (r418230) @@ -38,7 +38,7 @@ -gem 'omniauth-google-oauth2', '~> 0.2.0' -gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos +gem 'omniauth-google-oauth2', '>= 0.2.0' - gem 'omniauth-saml', '~> 1.5.0' + gem 'omniauth-saml', '~> 1.6.0' gem 'omniauth-shibboleth', '~> 1.2.0' gem 'omniauth-twitter', '~> 1.2.0' gem 'omniauth_crowd', '~> 2.2.0' Modified: branches/2016Q3/www/gitlab/pkg-plist ============================================================================== --- branches/2016Q3/www/gitlab/pkg-plist Fri Jul 8 15:36:15 2016 (r418229) +++ branches/2016Q3/www/gitlab/pkg-plist Fri Jul 8 15:42:47 2016 (r418230) @@ -3632,6 +3632,7 @@ %%WWWDIR%%/spec/services/projects/upload_service_spec.rb %%WWWDIR%%/spec/services/repair_ldap_blocked_user_service_spec.rb %%WWWDIR%%/spec/services/search_service_spec.rb +%%WWWDIR%%/spec/services/search/snippet_service_spec.rb %%WWWDIR%%/spec/services/system_hooks_service_spec.rb %%WWWDIR%%/spec/services/system_note_service_spec.rb %%WWWDIR%%/spec/services/test_hook_service_spec.rb