From owner-freebsd-ports@freebsd.org  Tue Dec  5 11:32:10 2017
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DC42E5EE1C
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Tue,  5 Dec 2017 11:32:10 +0000 (UTC) (envelope-from hausen@punkt.de)
Received: from kagate.punkt.de (kagate.punkt.de [217.29.33.131])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 35D5476A40
 for <freebsd-ports@freebsd.org>; Tue,  5 Dec 2017 11:32:09 +0000 (UTC)
 (envelope-from hausen@punkt.de)
Received: from hugo10.ka.punkt.de (hugo10.ka.punkt.de [217.29.44.10])
 by gate2.intern.punkt.de with ESMTP id vB5BW7WB032232;
 Tue, 5 Dec 2017 12:32:07 +0100 (CET)
Received: from [217.29.44.110] ([217.29.44.110])
 by hugo10.ka.punkt.de (8.14.2/8.14.2) with ESMTP id vB5BW7Hh026126;
 Tue, 5 Dec 2017 12:32:07 +0100 (CET) (envelope-from hausen@punkt.de)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Subject: Re: Missing fixes for various ports in Q4 branch? (was: MySQL 5.6)
From: "Patrick M. Hausen" <hausen@punkt.de>
In-Reply-To: <94AC4DE0-78AB-4EB4-BE43-682D2CCEDB9B@punkt.de>
Date: Tue, 5 Dec 2017 12:32:07 +0100
Cc: freebsd-ports@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <3A3D1671-936D-4BE7-9B6F-E73E3BA81A06@punkt.de>
References: <0C45356F-037F-4BF8-8222-0F82879F6A5D@punkt.de>
 <20171205105529.GR2827@home.opsec.eu>
 <94AC4DE0-78AB-4EB4-BE43-682D2CCEDB9B@punkt.de>
To: Kurt Jaeger <lists@opsec.eu>
X-Mailer: Apple Mail (2.3273)
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Dec 2017 11:32:10 -0000


> Am 05.12.2017 um 12:05 schrieb Patrick M. Hausen <hausen@punkt.de>:
> PHP 5.6 is 5.6.31 in Q4 with CVE-2016-1283 and 5.6.32 in HEAD.
> Update to HEAD 4 weeks ago.
>=20
> Curl is behind, too - though this fix was committed to HEAD just 2 =
days ago.

And graphics/OpenEXR received security updates in HEAD 4 days ago.

I assumed merging from HEAD to quarterly for security issues was =
automatic?

We relied on just updating the branch every night and running poudriere =
... looks
like I should implement something around pkg audit that sends us daily =
status
reports.

Kind regards,
Patrick
--=20
punkt.de GmbH			Internet - Dienstleistungen - Beratung
Kaiserallee 13a			Tel.: 0721 9109-0 Fax: -100
76133 Karlsruhe			info@punkt.de	http://punkt.de
AG Mannheim 108285		Gf: Juergen Egeling