From owner-svn-ports-all@freebsd.org Mon Mar 4 10:43:10 2019 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CF77B150BB7B; Mon, 4 Mar 2019 10:43:10 +0000 (UTC) (envelope-from tobik@freebsd.org) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6EA6F92ACD; Mon, 4 Mar 2019 10:43:10 +0000 (UTC) (envelope-from tobik@freebsd.org) Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 79189221C6; Mon, 4 Mar 2019 05:43:04 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Mon, 04 Mar 2019 05:43:04 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=Niq81c gz6BLRsbj0MgEQ52QxVsdTWoABbvSFSiSZivA=; b=E7yHlb0wRVGtm8WnowcPf3 kloKa8YJkoAm9k9RkpGp/ilGDNBaVnw/0nTOQZVn2GDLRBn9bz/CM9UN5sqLKSj9 eh1bhJ80RAFdXKOSETwKIT0sBUYe/R7VAPAwps8JizRmqcwMiw6Gp4faR1ECu+YX 318xjDPDprK8egKWWRswn5kBxZsrMyvJspGe2VFENwwauHbX/v74W4agSleqkLTc TFgw/4Tw/nCvggUJYJh2Cy8xaXdF44Pv+xE+1/jD2Ml78569WtuVvHL4Zv2Ibije bX40AHqOjxPPKe6zzp8ACfOQzobK5mMDlUEf5kOG0rjBkF0L8aqY/YRU0UZ7iJ0A == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrfedugddukecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvuffkfhggtggujggfsehgtderredtredvnecuhfhrohhmpefvohgsihgr shcumfhorhhtkhgrmhhpuceothhosghikhesfhhrvggvsghsugdrohhrgheqnecuffhomh grihhnpehfrhgvvggsshgurdhorhhgnecukfhppeelhedrledtrddvtddvrdejudenucfr rghrrghmpehmrghilhhfrhhomhepthhosghikhesfhhrvggvsghsugdrohhrghenucevlh hushhtvghrufhiiigvpedt X-ME-Proxy: Received: from urd.tobik.me (ip5f5aca47.dynamic.kabel-deutschland.de [95.90.202.71]) by mail.messagingengine.com (Postfix) with ESMTPA id 59C94E46B8; Mon, 4 Mar 2019 05:43:03 -0500 (EST) Date: Mon, 4 Mar 2019 11:43:01 +0100 From: Tobias Kortkamp To: Jochen Neumeister Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r494571 - head/www/mybb Message-ID: <20190304104300.GA61251@urd.tobik.me> References: <201903041002.x24A2c3F085833@repo.freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="FCuugMFkClbJLl1L" Content-Disposition: inline In-Reply-To: <201903041002.x24A2c3F085833@repo.freebsd.org> User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: 6EA6F92ACD X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.991,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Mar 2019 10:43:11 -0000 --FCuugMFkClbJLl1L Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 04, 2019 at 10:02:38AM +0000, Jochen Neumeister wrote: > Author: joneum > Date: Mon Mar 4 10:02:38 2019 > New Revision: 494571 > URL: https://svnweb.freebsd.org/changeset/ports/494571 >=20 > Log: > in r494382, et to update GH_TAGNAME. This fixes it > =20 > MFH: 2019Q1 > Security: 395ed9d5-3cca-11e9-9ba0-4c72b94353b5 > Sponsored by: Netzkommune GmbH >=20 > Modified: > head/www/mybb/Makefile > head/www/mybb/distinfo > head/www/mybb/pkg-plist >=20 > Modified: head/www/mybb/Makefile > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/www/mybb/Makefile Mon Mar 4 09:45:56 2019 (r494570) > +++ head/www/mybb/Makefile Mon Mar 4 10:02:38 2019 (r494571) > @@ -11,7 +11,7 @@ COMMENT=3D PHP-based bulletin board / discussion forum s > LICENSE=3D GPLv3 > =20 > USE_GITHUB=3D yes > -GH_TAGNAME=3D ${PORTNAME}_1819 > +GH_TAGNAME=3D ${PORTNAME}_1820 Do you plan to update vuxml too? Our mybb-1.8.20 is mybb-1.8.19 in reality which is still vulnerable, but is not marked as such by pkg audit. $ pkg audit mybb-1.8.19 mybb-1.8.19 is vulnerable: mybb -- vulnerabilities WWW: https://vuxml.FreeBSD.org/freebsd/395ed9d5-3cca-11e9-9ba0-4c72b94353b5= =2Ehtml 1 problem(s) in the installed packages found. $ pkg audit mybb-1.8.20=20 0 problem(s) in the installed packages found. --FCuugMFkClbJLl1L Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAEBCgB9FiEElXvTEJc6ePgdQuobpPCftzzFH2EFAlx9AS9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDk1 N0JEMzEwOTczQTc4RjgxRDQyRUExQkE0RjA5RkI3M0NDNTFGNjEACgkQpPCftzzF H2EYMwf8CGZUEwaInZRX4MVejrdvnHGGl6MF2XxBVOHM+F0RzKucvbUJp5T/5NwH C7IQlxd3Zr7HjhHhcgnmV10cz71jEVY3ONPBZ+rM0ZjlJcyG73D9Ozwm0OPbwAwx Iwa+lMAtVnBbh0gWGJR1z+ojC21SUa9bOfGCfDYCCac/M13Relil6X9Jh5NTZrtR YBz9u7XwsuLpcIm8DK2JBobpBiAxuvjw2shhvsSprJ1Zrkgly/+ur8fHqDkoOWxV QuOh1yW/uflD2Rvgmk+4WXzmp0dS029xlc1xmH7QWlFDaPJHXLBHgj3MeT4OHp0p X3xMHHth54DhcJrXLMYoNJtJ4zWYLg== =MGVP -----END PGP SIGNATURE----- --FCuugMFkClbJLl1L--