git: e9b329f9108e - main - devel/sonarqube-community: update to 9.2.3

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Alexander Leidinger <netchild_at_FreeBSD.org>
Date: Fri, 17 Dec 2021 08:20:27 UTC
The branch main has been updated by netchild:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e9b329f9108e1f915a5a213c3776d41ba785d3af

commit e9b329f9108e1f915a5a213c3776d41ba785d3af
Author:     Alexander Leidinger <netchild@FreeBSD.org>
AuthorDate: 2021-12-17 08:14:19 +0000
Commit:     Alexander Leidinger <netchild@FreeBSD.org>
CommitDate: 2021-12-17 08:20:24 +0000

    devel/sonarqube-community: update to 9.2.3
    
    This is a feel-good release for the log4j vulnerabilities.
    
    Log4j is bundled in the included elasticsearch only. Elasticsearch
    states, that for JDK9+ (the FreeBSD port uses 11+) is not susceptible
    to either remote code execution or information leakage due to the
    useage of the Java Security Manager.
    The updated Elasticsearch in sonarqube has certain components of
    log4j removed "out of an abundance of caution".
    
    Reference:      https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
---
 devel/sonarqube-community/Makefile  |   4 +-
 devel/sonarqube-community/distinfo  |   6 +--
 devel/sonarqube-community/pkg-plist | 100 +++++++++++++++++++-----------------
 3 files changed, 57 insertions(+), 53 deletions(-)

diff --git a/devel/sonarqube-community/Makefile b/devel/sonarqube-community/Makefile
index 5b02f8fce28d..edd2faa00ee5 100644
--- a/devel/sonarqube-community/Makefile
+++ b/devel/sonarqube-community/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	sonarqube
-DISTVERSION=	9.2.1.49989
-PORTREVISION=	3
+DISTVERSION=	9.2.3.50713
+PORTREVISION=	0
 CATEGORIES=	devel security www java
 MASTER_SITES=	https://binaries.sonarsource.com/Distribution/sonarqube/:m_core \
 		https://binaries.sonarsource.com/Distribution/sonar-csharp-plugin/:m_csharp \
diff --git a/devel/sonarqube-community/distinfo b/devel/sonarqube-community/distinfo
index cd3018b204db..da8caec018fa 100644
--- a/devel/sonarqube-community/distinfo
+++ b/devel/sonarqube-community/distinfo
@@ -1,6 +1,6 @@
-TIMESTAMP = 1639486424
-SHA256 (sonarqube-9.2.1.49989.zip) = 86d6adb3879f450142d6df766d0f6e197491ec80a6e9f5326bee57d665db578a
-SIZE (sonarqube-9.2.1.49989.zip) = 303896929
+TIMESTAMP = 1639728349
+SHA256 (sonarqube-9.2.3.50713.zip) = 0c3639063fe58d46303c8cb0a42f8ae912ff81d0f7b85db44c477b589d2e2533
+SIZE (sonarqube-9.2.3.50713.zip) = 309828548
 SHA256 (sonar-csharp-plugin-8.33.0.40503.jar) = 7d06264c0b37395e468eaa065fe9929416e05192ab3b922781a7be629174c40a
 SIZE (sonar-csharp-plugin-8.33.0.40503.jar) = 5304142
 SHA256 (sonar-java-plugin-7.6.0.28201.jar) = a7222621a20a380df78d10d031e3d60b98bdfd8fccf25bbf041ad45404a9a7ff
diff --git a/devel/sonarqube-community/pkg-plist b/devel/sonarqube-community/pkg-plist
index 2f9eaac92f40..dd2e7f0fc1ba 100644
--- a/devel/sonarqube-community/pkg-plist
+++ b/devel/sonarqube-community/pkg-plist
@@ -16,7 +16,7 @@
 @(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-service-tokens
 @(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-setup-passwords
 @(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-sql-cli
-@(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.14.1.jar
+@(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.16.1.jar
 @(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-syskeygen
 @(,,755) libexec/sonarqube/elasticsearch/bin/elasticsearch-users
 @(,,755) libexec/sonarqube/elasticsearch/bin/x-pack-env
@@ -25,6 +25,7 @@
 libexec/sonarqube/elasticsearch/LICENSE.txt
 libexec/sonarqube/elasticsearch/NOTICE.txt
 libexec/sonarqube/elasticsearch/README.asciidoc
+libexec/sonarqube/elasticsearch/config/elasticsearch-plugins.example.yml
 libexec/sonarqube/elasticsearch/config/elasticsearch.yml
 libexec/sonarqube/elasticsearch/config/jvm.options
 libexec/sonarqube/elasticsearch/config/log4j2.properties
@@ -33,45 +34,43 @@ libexec/sonarqube/elasticsearch/config/roles.yml
 libexec/sonarqube/elasticsearch/config/users
 libexec/sonarqube/elasticsearch/config/users_roles
 libexec/sonarqube/elasticsearch/lib/HdrHistogram-2.1.9.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-cli-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-core-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-geo-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-launchers-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-plugin-classloader-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-secure-sm-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/elasticsearch-x-content-7.14.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-cli-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-core-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-geo-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-launchers-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-log4j-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-lz4-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-plugin-classloader-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-secure-sm-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/elasticsearch-x-content-7.16.1.jar
 libexec/sonarqube/elasticsearch/lib/hppc-0.8.1.jar
 libexec/sonarqube/elasticsearch/lib/jackson-core-2.10.4.jar
 libexec/sonarqube/elasticsearch/lib/jackson-dataformat-cbor-2.10.4.jar
 libexec/sonarqube/elasticsearch/lib/jackson-dataformat-smile-2.10.4.jar
 libexec/sonarqube/elasticsearch/lib/jackson-dataformat-yaml-2.10.4.jar
-libexec/sonarqube/elasticsearch/lib/java-version-checker-7.14.1.jar
-libexec/sonarqube/elasticsearch/lib/jna-5.7.0-1.jar
+libexec/sonarqube/elasticsearch/lib/java-version-checker-7.16.1.jar
+libexec/sonarqube/elasticsearch/lib/jna-5.10.0.jar
 libexec/sonarqube/elasticsearch/lib/joda-time-2.10.10.jar
 libexec/sonarqube/elasticsearch/lib/jopt-simple-5.0.2.jar
-libexec/sonarqube/elasticsearch/lib/jts-core-1.15.0.jar
 libexec/sonarqube/elasticsearch/lib/log4j-api-2.11.1.jar
-libexec/sonarqube/elasticsearch/lib/log4j-core-2.11.1.jar
-libexec/sonarqube/elasticsearch/lib/lucene-analyzers-common-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-backward-codecs-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-core-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-grouping-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-highlighter-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-join-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-memory-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-misc-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-queries-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-queryparser-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-sandbox-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-spatial-extras-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-spatial3d-8.9.0.jar
-libexec/sonarqube/elasticsearch/lib/lucene-suggest-8.9.0.jar
+libexec/sonarqube/elasticsearch/lib/lucene-analyzers-common-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-backward-codecs-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-core-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-grouping-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-highlighter-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-join-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-memory-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-misc-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-queries-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-queryparser-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-sandbox-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-spatial3d-8.10.1.jar
+libexec/sonarqube/elasticsearch/lib/lucene-suggest-8.10.1.jar
 libexec/sonarqube/elasticsearch/lib/lz4-java-1.8.0.jar
 libexec/sonarqube/elasticsearch/lib/snakeyaml-1.26.jar
-libexec/sonarqube/elasticsearch/lib/spatial4j-0.7.jar
 libexec/sonarqube/elasticsearch/lib/t-digest-3.2.jar
-libexec/sonarqube/elasticsearch/modules/analysis-common/analysis-common-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/analysis-common/analysis-common-7.16.1.jar
 libexec/sonarqube/elasticsearch/modules/analysis-common/plugin-descriptor.properties
 libexec/sonarqube/elasticsearch/modules/lang-painless/antlr4-runtime-4.5.3.jar
 libexec/sonarqube/elasticsearch/modules/lang-painless/asm-7.2.jar
@@ -79,30 +78,35 @@ libexec/sonarqube/elasticsearch/modules/lang-painless/asm-analysis-7.2.jar
 libexec/sonarqube/elasticsearch/modules/lang-painless/asm-commons-7.2.jar
 libexec/sonarqube/elasticsearch/modules/lang-painless/asm-tree-7.2.jar
 libexec/sonarqube/elasticsearch/modules/lang-painless/asm-util-7.2.jar
-libexec/sonarqube/elasticsearch/modules/lang-painless/elasticsearch-scripting-painless-spi-7.14.1.jar
-libexec/sonarqube/elasticsearch/modules/lang-painless/lang-painless-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/lang-painless/lang-painless-7.16.1.jar
 libexec/sonarqube/elasticsearch/modules/lang-painless/plugin-descriptor.properties
 libexec/sonarqube/elasticsearch/modules/lang-painless/plugin-security.policy
-libexec/sonarqube/elasticsearch/modules/parent-join/parent-join-client-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/lang-painless/spi/elasticsearch-scripting-painless-spi-7.16.1.jar
+libexec/sonarqube/elasticsearch/modules/legacy-geo/jts-core-1.15.0.jar
+libexec/sonarqube/elasticsearch/modules/legacy-geo/legacy-geo-7.16.1.jar
+libexec/sonarqube/elasticsearch/modules/legacy-geo/lucene-spatial-extras-8.10.1.jar
+libexec/sonarqube/elasticsearch/modules/legacy-geo/plugin-descriptor.properties
+libexec/sonarqube/elasticsearch/modules/legacy-geo/spatial4j-0.7.jar
+libexec/sonarqube/elasticsearch/modules/parent-join/parent-join-client-7.16.1.jar
 libexec/sonarqube/elasticsearch/modules/parent-join/plugin-descriptor.properties
-libexec/sonarqube/elasticsearch/modules/percolator/percolator-client-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/percolator/percolator-client-7.16.1.jar
 libexec/sonarqube/elasticsearch/modules/percolator/plugin-descriptor.properties
-libexec/sonarqube/elasticsearch/modules/runtime-fields-common/elasticsearch-dissect-7.14.1.jar
-libexec/sonarqube/elasticsearch/modules/runtime-fields-common/elasticsearch-grok-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/runtime-fields-common/elasticsearch-dissect-7.16.1.jar
+libexec/sonarqube/elasticsearch/modules/runtime-fields-common/elasticsearch-grok-7.16.1.jar
 libexec/sonarqube/elasticsearch/modules/runtime-fields-common/jcodings-1.0.44.jar
 libexec/sonarqube/elasticsearch/modules/runtime-fields-common/joni-2.1.29.jar
 libexec/sonarqube/elasticsearch/modules/runtime-fields-common/plugin-descriptor.properties
-libexec/sonarqube/elasticsearch/modules/runtime-fields-common/runtime-fields-common-7.14.1.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-buffer-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-codec-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-codec-http-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-common-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-handler-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-resolver-4.1.49.Final.jar
-libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-transport-4.1.49.Final.jar
+libexec/sonarqube/elasticsearch/modules/runtime-fields-common/runtime-fields-common-7.16.1.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-buffer-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-codec-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-codec-http-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-common-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-handler-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-resolver-4.1.66.Final.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/netty-transport-4.1.66.Final.jar
 libexec/sonarqube/elasticsearch/modules/transport-netty4/plugin-descriptor.properties
 libexec/sonarqube/elasticsearch/modules/transport-netty4/plugin-security.policy
-libexec/sonarqube/elasticsearch/modules/transport-netty4/transport-netty4-client-7.14.1.jar
+libexec/sonarqube/elasticsearch/modules/transport-netty4/transport-netty4-client-7.16.1.jar
 libexec/sonarqube/lib/extensions/sonar-config-plugin-1.1.0.185.jar
 libexec/sonarqube/lib/extensions/sonar-csharp-plugin-%%SONARCSHARP_VER%%.jar
 libexec/sonarqube/lib/extensions/sonar-flex-plugin-2.6.2.2641.jar
@@ -277,10 +281,10 @@ libexec/sonarqube/web/images/tutorials/jenkins.svg
 libexec/sonarqube/web/images/tutorials/manual.svg
 libexec/sonarqube/web/images/tutorials/refresh.svg
 libexec/sonarqube/web/index.html
-libexec/sonarqube/web/js/outV7HKTALN.css
-libexec/sonarqube/web/js/outV7HKTALN.css.map
-libexec/sonarqube/web/js/outZA7ASMV3.js
-libexec/sonarqube/web/js/outZA7ASMV3.js.map
+libexec/sonarqube/web/js/out7PZXUY6W.css
+libexec/sonarqube/web/js/out7PZXUY6W.css.map
+libexec/sonarqube/web/js/outZ4QEXPZ4.js
+libexec/sonarqube/web/js/outZ4QEXPZ4.js.map
 libexec/sonarqube/web/mstile-512x512.png
 libexec/sonarqube/web/robots.txt
 @owner sonarqube