Date: Thu, 18 Sep 2014 08:54:26 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 192012] [New ports] devel/tianocore-udk2010 devel/tianocore-udk2014 emulators/tianocore-ovmf-ia32 emulators/tianocore-ovmf-x64 Message-ID: <bug-192012-13-BYesqEOBVy@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-192012-13@https.bugs.freebsd.org/bugzilla/> References: <bug-192012-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192012 --- Comment #18 from Ross McKelvie <ross@exitzero.uk> --- I have updated all submitted ports, enhancing (including writing some man pages), fixing and catering for changes in lang/gcc* and lang/python* ports. The UDK shar files exceeded the 1000k size limit and so I have compressed them with gzip. I hope this is acceptable. Poudriere testport logs for each port with default options are attached for all currently supported releases on amd64 and i386, except for 9.3 i386, on which ports-mgmt/pkg failed to build and testing could not be completed. The Portlint warnings relating to the UDK ports' options are expected due to the way I have used port options to modify and configuration file. Warnings of use of /usr/local in the OVMF ports relate only to pkg-message, which can't be dynamically modified. The OVMF ports are affected by bug 187315, where the native unzip utility fails with some zip archives. For these, I have implemented a work-around, requiring archivers/unzip for FreeBSD 10.0 and later. UDK2014 comes bundled with the source for OpenSSL 0.9.8w and it is included in UDK2010 as a default port option. I am mindful of the vulnerabilities in this bundled library. However, it is this (and only this) version of OpenSSL that is supported by the UDK releases and I was reluctant to unpick the integration only for the port to FreeBSD. The use of this library does not introduce vulnerabilities into FreeBSD systems with the ports installed, though could potentially result in vulnerabilities in UEFI applications compiled with the kit. I have added a security consideration note to the man pages. The sensible place for the current version of OpenSSL to be integrated with UDK is in the upstream project (the development version is EDKII, which I have not yet ported) . I'm happy to discuss any of the above in more detail. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-192012-13-BYesqEOBVy>