Date: Fri, 27 Oct 2023 07:25:58 GMT From: Matthias Fechner <mfechner@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 7182e7a63684 - main - textproc/rubygem-dartsass: fix security problem Message-ID: <202310270725.39R7PwDS075357@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by mfechner: URL: https://cgit.FreeBSD.org/ports/commit/?id=7182e7a63684aeda919490915f2b9015fdf839dd commit 7182e7a63684aeda919490915f2b9015fdf839dd Author: Matthias Fechner <mfechner@FreeBSD.org> AuthorDate: 2023-10-27 07:24:35 +0000 Commit: Matthias Fechner <mfechner@FreeBSD.org> CommitDate: 2023-10-27 07:25:40 +0000 textproc/rubygem-dartsass: fix security problem The port installed file that are world writeable. Fix this problem. It is also reported upstream: https://github.com/ayushn21/dartsass-ruby/issues/1 --- textproc/rubygem-dartsass/Makefile | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/textproc/rubygem-dartsass/Makefile b/textproc/rubygem-dartsass/Makefile index 65f761721e21..5bcbb045e012 100644 --- a/textproc/rubygem-dartsass/Makefile +++ b/textproc/rubygem-dartsass/Makefile @@ -1,5 +1,6 @@ PORTNAME= dartsass PORTVERSION= 1.49.8 +PORTREVISION= 1 CATEGORIES= textproc ruby MASTER_SITES= RG @@ -13,4 +14,12 @@ USES= gem PLIST_FILES= bin/dartsass +# The port installs binaries world writeable +# Reported upstream here: https://github.com/ayushn21/dartsass-ruby/issues/1 +# Fix this here, till they provide an upstream fix for this security problem +post-extract: + ${CHMOD} 0755 ${WRKSRC}/exe/linux/sass + ${CHMOD} 0755 ${WRKSRC}/exe/darwin/sass + ${CHMOD} 0755 ${WRKSRC}/exe/darwin/src/dart + .include <bsd.port.mk>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202310270725.39R7PwDS075357>