git: be89efd78347 - 2023Q3 - devel/artifactory: Mark as FORBIDDEN
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 19 Aug 2023 17:53:19 UTC
The branch 2023Q3 has been updated by fernape:
URL: https://cgit.FreeBSD.org/ports/commit/?id=be89efd78347e3c661cb83ee6fbb45c129fb0307
commit be89efd78347e3c661cb83ee6fbb45c129fb0307
Author: Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2023-08-18 06:13:43 +0000
Commit: Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-08-19 17:53:07 +0000
devel/artifactory: Mark as FORBIDDEN
Port hasn't been updated since 2018 an ships a very old version of Tomcat with
multiple vulnerabilities.
PR: 269426
Reported by: lapo@lapo.it
(cherry picked from commit a13e8d285c9195e769514732ea4493c90432e39f)
---
devel/artifactory/Makefile | 3 +++
1 file changed, 3 insertions(+)
diff --git a/devel/artifactory/Makefile b/devel/artifactory/Makefile
index 8f58f139cef5..88ad006a6cbd 100644
--- a/devel/artifactory/Makefile
+++ b/devel/artifactory/Makefile
@@ -1,5 +1,6 @@
PORTNAME= artifactory
DISTVERSION= 5.8.3
+PORTREVISION= 1
CATEGORIES= devel java
MASTER_SITES= https://bintray.com/artifact/download/jfrog/artifactory/
DISTNAME= jfrog-${PORTNAME}-oss-${PORTVERSION}
@@ -13,6 +14,8 @@ LICENSE_COMB= multi
LICENSE_FILE_GPLv3= ${WRKSRC}/COPYING.AFFERO
LICENSE_FILE_APACHE20= ${WRKSRC}/tomcat/LICENSE
+FORBIDDEN= Ships a very vulnerable Tomcat 8.5.23
+
RUN_DEPENDS= bash:shells/bash
WRKSRC= ${WRKDIR}/${PORTNAME}-oss-${PORTVERSION}