Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 29 Apr 2022 08:17:04 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 263647] databases/hiredis: Update to 1.0.2 (includes security fix)
Message-ID:  <bug-263647-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263647

            Bug ID: 263647
           Summary: databases/hiredis: Update to 1.0.2 (includes security
                    fix)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://github.com/redis/hiredis/releases/tag/v1.0.2
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: olgeni@FreeBSD.org
          Reporter: ports@skyforge.at
                CC: olgeni@FreeBSD.org
          Assignee: olgeni@FreeBSD.org
             Flags: maintainer-feedback?(olgeni@FreeBSD.org)
 Attachment #233574 maintainer-approval?(olgeni@FreeBSD.org)
             Flags:
                CC: olgeni@FreeBSD.org

Created attachment 233574
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D233574&action=
=3Dedit
databases/hiredis: Update to 1.0.2

The current version of databases/hiredis in ports is both ancient and
vulnerable (see [1]).

The attached patch should update our port to the most recent release. I've =
also
added and enabled an openssl option by default and added a test target (whi=
ch
requires a running redis server to pass completely).

The port builds and passes testing here, but I'd be grateful for any feedba=
ck.
I also think that we might need some additional QA for ports depending on t=
his
one, as it's a big jump with at least a few breaking changes (see the upgra=
ding
notes in [2]).=20

At least databases/py-hiredis will also require updating to still build with
this new version and I'll submit an update for this in as an independent is=
sue.
I'll also submit a vuxml entry as a seperate issue.


Cheers,
Sascha

[1] https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2
[2] https://github.com/redis/hiredis/blob/master/README.md

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-263647-7788>