From owner-freebsd-erlang@freebsd.org Tue Sep 11 06:36:44 2018 Return-Path: Delivered-To: freebsd-erlang@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5EF7A1080B8D for ; Tue, 11 Sep 2018 06:36:44 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id E7FBC88343 for ; Tue, 11 Sep 2018 06:36:43 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: by mailman.ysv.freebsd.org (Postfix) id A90BF1080B8B; Tue, 11 Sep 2018 06:36:43 +0000 (UTC) Delivered-To: erlang@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 855111080B8A; Tue, 11 Sep 2018 06:36:43 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F70288342; Tue, 11 Sep 2018 06:36:42 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 85A7221221; Tue, 11 Sep 2018 02:36:42 -0400 (EDT) Received: from web6 ([10.202.2.216]) by compute7.internal (MEProxy); Tue, 11 Sep 2018 02:36:42 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at; h=cc:content-transfer-encoding:content-type:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=M9ivSvHgThxaTqTI6 ebFG+9I45lQqXVT4zs5o6uOryA=; b=QbMGgqDCzJxgyfhnJRjfoB3MEH+yULkmR cKMdvVWwOp+rSlHEXYDZ5NaRhLLcebmwihTAuGlioZAqwdbn2K+ePsYqZcpa6oRw RoZHihQgB3RXDrALRBhrxMe80UdsfLPBfHYp+uMYyi5BY2oVyPkPYCwYFvb+i1fZ jNMEG+fGlAIRaBGaHsi5bZWUMch5f9B4CapaRQBELduw5vQVZ3yfb08GWE+PdKR0 cJ4wyaEP9oUHFaoLdlKJu7KUEz5myTm5ydjmIMiShgqB2o0SJPdbEIQTxGgwItwR 7cHs6cCTF7pk7eqHsihPxkCGhI0dPehf2r7nFN4mGP7J9VeVjag8Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=M9ivSv HgThxaTqTI6ebFG+9I45lQqXVT4zs5o6uOryA=; b=kG74G2g1LgPBZay369dtL+ Fe49cJ34uC/Ncf9/QAu8uDc6GBNl8PUV6DpjzGG3Rq+0K5OaGzc/LE+pEWyiWf0I /oyaSURnMUwPTWGWwL3/hCa7vR+b7Za1r6tbFuhW5esEhunnGYCbwl4ubmOyYGOy oy0OP84oosgem4u1+O41ghmLyzFbXtC+rSJdN71ctmwkFjC1tm59bSMF2AN6eCCk ig3DrOMm5IjelvJ88FXAC3qdmZjhXBNZNLUnuTO6H3PavM2bk/0Q9eQ177jwECzj jJejq5bgfHLgER5QxoL5st9EozCHOaPd4dFYl02k7UISMxnF/rjUsMhfGrgrxMuQ == X-ME-Proxy: X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id 8C27C426F; Tue, 11 Sep 2018 02:36:41 -0400 (EDT) Message-Id: <1536647801.1620034.1503828744.64BEDF8C@webmail.messagingengine.com> From: Dave Cottlehuber To: Miroslav Lachman <000.fbsd@quip.cz> Cc: erlang@FreeBSD.org, FreeBSD Ports MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-1234af23 Date: Tue, 11 Sep 2018 08:36:41 +0200 Subject: Re: FreeBSD Port: databases/couchdb upgrade to 2.2 In-Reply-To: <59924f6d-765a-9f0e-67fb-2518d11c1c78@quip.cz> References: <59924f6d-765a-9f0e-67fb-2518d11c1c78@quip.cz> X-BeenThere: freebsd-erlang@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Support of Erlang-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Sep 2018 06:36:44 -0000 On Mon, 10 Sep 2018, at 11:33, Miroslav Lachman wrote: > Hi, > > are there any plans to create port for CouchDB 2.2? > According to latest vulnerability in 1.7.2 and statement on upstream > website http://docs.couchdb.org/en/stable/cve/2018-11769.html there are > no plans to fix it in 1.7, because this version is no longer supported. Correct; however: 1. the risk is low (rogue admin destroys the things they already have access to via DB API) 2. update your /_config to exclude this in /usr/local/etc/couchdb/default.ini *note NOTE local.ini [httpd_global_handlers] ;_config = {couch_httpd_misc_handlers, handle_config_req} > I am not able to create / maintain CouchDB 2.2 port by myself but I > really would like to have not vulnerable version on our server. I'm focused on getting a thing ready for eurobsdcon and ports stuff has had to take a back seat for a couple of weeks, but it's so close now. The phab review patch is already 100% functional https://reviews.freebsd.org/D16819 what remains is polishing up the port esp round how it handles docs. Feedback is welcome of course. You can build / install it and send some feedback in. I'm interested to know how you're using CouchDB on FreeBSD (yay) email me sometime about it! A+ Dave