Date: Thu, 22 Nov 2018 09:24:57 +0100 From: Matthias Fechner <idefix@fechner.net> To: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r485174 - head/devel/rubygem-warden Message-ID: <24d170e0-1174-5a43-66a7-2821f19b54fc@fechner.net> In-Reply-To: <b2ea11d9-18b9-30a6-b0c3-10944dd8afee@fechner.net> References: <201811171734.wAHHYZSG071135@repo.freebsd.org> <b2ea11d9-18b9-30a6-b0c3-10944dd8afee@fechner.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 18.11.2018 um 10:53 schrieb Matthias Fechner:
> Am 17.11.2018 um 18:34 schrieb Sunpoet Po-Chuan Hsieh:
>> -PORTVERSION= 1.2.7
>> +PORTVERSION= 1.2.8
>> CATEGORIES= devel rubygems
>> MASTER_SITES= RG
>>
>> @@ -12,10 +12,11 @@ COMMENT= Rack middleware that provides authentication
>> LICENSE= MIT
>> LICENSE_FILE= ${WRKSRC}/LICENSE
>>
>> -RUN_DEPENDS= rubygem-rack>=1.0:www/rubygem-rack
>> +RUN_DEPENDS= rubygem-rack>=2.0.6:www/rubygem-rack
> could someone please help to understand why this upgrade has broken
> www/gitlab-ce?
> I do not really understand it, but I do not want to downgrade this port,
> as there a CVE is related to:
> https://github.com/wardencommunity/warden/releases/tag/v1.2.8
>
> I see the following error:
> https://pkg.fechner.net/data/112amd64-gitlab/2018-11-18_10h44m24s/logs/errors/gitlab-ce-11.4.5.log
>
> If I downgrade rubygem-warden again to 1.2.7 it solves the problem.
as I do not get any feedback, what must I do, that this commit get
reverted till the problem is solved?
Or I'm allowed to revert this commit by myself?
Gruß
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?24d170e0-1174-5a43-66a7-2821f19b54fc>