git: 254b5056ef6b - main - www/grafana8: Security update to 8.5.24
Date: Thu, 27 Apr 2023 09:58:01 UTC
The branch main has been updated by matthew:
URL: https://cgit.FreeBSD.org/ports/commit/?id=254b5056ef6b62f36901bbf7b7fb134b33e5e1b7
commit 254b5056ef6b62f36901bbf7b7fb134b33e5e1b7
Author: Boris Korzun <drtr0jan@yandex.ru>
AuthorDate: 2023-04-27 08:50:21 +0000
Commit: Matthew Seaman <matthew@FreeBSD.org>
CommitDate: 2023-04-27 09:57:45 +0000
www/grafana8: Security update to 8.5.24
Changes: https://github.com/grafana/grafana/releases
PR: 271086
Reported by: Boris Korzun
MFH: 2023Q2
Security: 0b85b1cd-e468-11ed-834b-6c3be5272acd
Security: d2c6173f-e43b-11ed-a1d7-002590f2a714
---
www/grafana8/Makefile | 5 ++---
www/grafana8/Makefile.modules | 12 ++++++------
www/grafana8/distinfo | 34 +++++++++++++++++-----------------
3 files changed, 25 insertions(+), 26 deletions(-)
diff --git a/www/grafana8/Makefile b/www/grafana8/Makefile
index 749caa6ac4de..d731df0132c4 100644
--- a/www/grafana8/Makefile
+++ b/www/grafana8/Makefile
@@ -1,7 +1,6 @@
PORTNAME= grafana
DISTVERSIONPREFIX= v
-DISTVERSION= 8.5.22
-PORTREVISION= 1
+DISTVERSION= 8.5.24
CATEGORIES= www
MASTER_SITES= https://dl.grafana.com/oss/release/:public
PKGNAMESUFFIX= ${DISTVERSION:C/([0-9]).*/\1/1}
@@ -24,7 +23,7 @@ USES= cpe go:modules
USE_GITHUB= yes
USE_RC_SUBR= grafana
-TAG= 210e06b
+TAG= 87c0302
GO_TARGET= ./pkg/cmd/grafana-server \
./pkg/cmd/grafana-cli
diff --git a/www/grafana8/Makefile.modules b/www/grafana8/Makefile.modules
index f896a4a897a8..a201a8ec96cc 100644
--- a/www/grafana8/Makefile.modules
+++ b/www/grafana8/Makefile.modules
@@ -113,7 +113,7 @@ GH_TUPLE= \
golang:tools:v0.6.0:golang_tools/vendor/golang.org/x/tools \
golang:xerrors:5ec99f83aff1:golang_xerrors/vendor/golang.org/x/xerrors \
golang-jwt:jwt:v3.2.1:golang_jwt_jwt/vendor/github.com/golang-jwt/jwt \
- golang-jwt:jwt:v4.4.2:golang_jwt_jwt_v4/vendor/github.com/golang-jwt/jwt/v4 \
+ golang-jwt:jwt:v4.4.3:golang_jwt_jwt_v4/vendor/github.com/golang-jwt/jwt/v4 \
golang-migrate:migrate:v4.7.0:golang_migrate_migrate/vendor/github.com/golang-migrate/migrate/v4 \
golang-sql:civil:cb61b32ac6fe:golang_sql_civil/vendor/github.com/golang-sql/civil \
gomodule:redigo:v2.0.0:gomodule_redigo/vendor/github.com/gomodule/redigo \
@@ -121,7 +121,7 @@ GH_TUPLE= \
google:btree:v1.0.1:google_btree/vendor/github.com/google/btree \
google:flatbuffers:v2.0.0:google_flatbuffers/vendor/github.com/google/flatbuffers \
google:go-cloud:99801bbb523a:google_go_cloud/vendor/gocloud.dev \
- google:go-cmp:v0.5.8:google_go_cmp/vendor/github.com/google/go-cmp \
+ google:go-cmp:v0.5.9:google_go_cmp/vendor/github.com/google/go-cmp \
google:go-genproto:81c1377c94b1:google_go_genproto/vendor/google.golang.org/genproto \
google:subcommands:v1.0.1:google_subcommands/vendor/github.com/google/subcommands \
google:uuid:v1.3.0:google_uuid/vendor/github.com/google/uuid \
@@ -141,7 +141,7 @@ GH_TUPLE= \
grafana:grafana-google-sdk-go:b190293eaf58:grafana_grafana_google_sdk_go/vendor/github.com/grafana/grafana-google-sdk-go \
grafana:grafana-plugin-sdk-go:v0.131.0:grafana_grafana_plugin_sdk_go/vendor/github.com/grafana/grafana-plugin-sdk-go \
grafana:loki:7832783b1caa:grafana_loki/vendor/github.com/grafana/loki \
- grafana:saml:9d456850a65a:grafana_saml/vendor/github.com/crewjam/saml \
+ grafana:saml:67cbfa09c7b6:grafana_saml/vendor/github.com/crewjam/saml \
grafana:xorm:2fcda7565af6:grafana_xorm/vendor/xorm.io/xorm \
grpc-ecosystem:go-grpc-middleware:v1.3.0:grpc_ecosystem_go_grpc_middleware/vendor/github.com/grpc-ecosystem/go-grpc-middleware \
grpc-ecosystem:go-grpc-prometheus:6af20e3a5340:grpc_ecosystem_go_grpc_prometheus/vendor/github.com/grpc-ecosystem/go-grpc-prometheus \
@@ -221,7 +221,7 @@ GH_TUPLE= \
robfig:cron:b41be1df6967:robfig_cron/vendor/github.com/robfig/cron \
robfig:cron:v3.0.1:robfig_cron_v3/vendor/github.com/robfig/cron/v3 \
rs:cors:v1.8.0:rs_cors/vendor/github.com/rs/cors \
- russellhaering:goxmldsig:v1.1.1:russellhaering_goxmldsig/vendor/github.com/russellhaering/goxmldsig \
+ russellhaering:goxmldsig:v1.2.0:russellhaering_goxmldsig/vendor/github.com/russellhaering/goxmldsig \
russross:blackfriday:v2.0.1:russross_blackfriday_v2/vendor/github.com/russross/blackfriday/v2 \
sean-:seed:e2103e2c3529:sean__seed/vendor/github.com/sean-/seed \
segmentio:asm:v1.1.1:segmentio_asm/vendor/github.com/segmentio/asm \
@@ -233,8 +233,8 @@ GH_TUPLE= \
shurcooL:vfsgen:0d455de96546:shurcool_vfsgen/vendor/github.com/shurcooL/vfsgen \
sirupsen:logrus:v1.8.1:sirupsen_logrus/vendor/github.com/sirupsen/logrus \
square:go-jose:v2.5.1:square_go_jose/vendor/gopkg.in/square/go-jose.v2 \
- stretchr:objx:v0.2.0:stretchr_objx/vendor/github.com/stretchr/objx \
- stretchr:testify:v1.7.0:stretchr_testify/vendor/github.com/stretchr/testify \
+ stretchr:objx:v0.5.0:stretchr_objx/vendor/github.com/stretchr/objx \
+ stretchr:testify:v1.8.1:stretchr_testify/vendor/github.com/stretchr/testify \
teris-io:shortid:771a37caa5cf:teris_io_shortid/vendor/github.com/teris-io/shortid \
ua-parser:uap-go:00c877edfe0f:ua_parser_uap_go/vendor/github.com/ua-parser/uap-go \
uber-go:atomic:v1.9.0:uber_go_atomic/vendor/go.uber.org/atomic \
diff --git a/www/grafana8/distinfo b/www/grafana8/distinfo
index ac806925545e..5190a69bcea1 100644
--- a/www/grafana8/distinfo
+++ b/www/grafana8/distinfo
@@ -1,12 +1,12 @@
-TIMESTAMP = 1680271514
-SHA256 (grafana-8.5.22.linux-amd64.tar.gz) = 94a10da45bb09dca16e1f2d67397d7939c15306d0c2db1f5b3929113008f886e
-SIZE (grafana-8.5.22.linux-amd64.tar.gz) = 79199127
+TIMESTAMP = 1682538075
+SHA256 (grafana-8.5.24.linux-amd64.tar.gz) = ff088012f356bcece24e5c89f924fed83a3b63736ec2cc9bc2a66341bf8fe00c
+SIZE (grafana-8.5.24.linux-amd64.tar.gz) = 79211718
SHA256 (v0.3.6.tar.gz) = af49dbe70ab6b0eb31d69afd89c3260b82cb662607b66eac41b65d642faee6bb
SIZE (v0.3.6.tar.gz) = 22747
SHA256 (v0.7.3.tar.gz) = 9709c0e8eec3045832f9da81c7bcacf1a32774cb674efcd5662dd8b4d82f70c1
SIZE (v0.7.3.tar.gz) = 21163
-SHA256 (grafana-grafana-v8.5.22_GH0.tar.gz) = 7a1ca31a4acfcf995f83e81895b44c1194a64173511c73a1f25048a6fbd3947e
-SIZE (grafana-grafana-v8.5.22_GH0.tar.gz) = 18873937
+SHA256 (grafana-grafana-v8.5.24_GH0.tar.gz) = 9332fea516f617e6f9b418f28154f4f8f162c2abb3b739cc6ae7fedac21ddc41
+SIZE (grafana-grafana-v8.5.24_GH0.tar.gz) = 18834604
SHA256 (Azure-azure-sdk-for-go-v59.3.0_GH0.tar.gz) = 219e6cdb7b26dcb4bdac35de2f06abf9caa71810fe88395e692f42729c8e55f5
SIZE (Azure-azure-sdk-for-go-v59.3.0_GH0.tar.gz) = 46199521
SHA256 (Azure-azure-sdk-for-go-sdk-azcore-v0.22.0_GH0.tar.gz) = 7375ac472dc4a19c5ce4eb9e646c20d97a9802e68790dc968b49c7874177b331
@@ -227,8 +227,8 @@ SHA256 (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 71975d658357e170fd6a41f92539cd
SIZE (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 13664
SHA256 (golang-jwt-jwt-v3.2.1_GH0.tar.gz) = 9c7d8c881a6517a7d38276d5cbcfbef93ff7ebb7d43181c471d9dc05b0b8feed
SIZE (golang-jwt-jwt-v3.2.1_GH0.tar.gz) = 38016
-SHA256 (golang-jwt-jwt-v4.4.2_GH0.tar.gz) = 5c48e918854c3fc1c9bbb9ebf747addb960250f977aa8523344f60f4c423c7c1
-SIZE (golang-jwt-jwt-v4.4.2_GH0.tar.gz) = 51392
+SHA256 (golang-jwt-jwt-v4.4.3_GH0.tar.gz) = be13d01d3a5b72b14bd828260ded61ce0eedfdf975160ca9ccebbbea6b09bf6a
+SIZE (golang-jwt-jwt-v4.4.3_GH0.tar.gz) = 52257
SHA256 (golang-migrate-migrate-v4.7.0_GH0.tar.gz) = d3f5d2ede4dac95cc2ccf0ec051331e3980b5414b182d9854da2baa0d9cbdfb1
SIZE (golang-migrate-migrate-v4.7.0_GH0.tar.gz) = 119632
SHA256 (golang-sql-civil-cb61b32ac6fe_GH0.tar.gz) = ebc100d46719b1374b59e59bc63baffaec6a2bface5b0d519024f43c097cdc3e
@@ -243,8 +243,8 @@ SHA256 (google-flatbuffers-v2.0.0_GH0.tar.gz) = 9ddb9031798f4f8754d00fca2f1a68ec
SIZE (google-flatbuffers-v2.0.0_GH0.tar.gz) = 1538022
SHA256 (google-go-cloud-99801bbb523a_GH0.tar.gz) = c00d52b97ab7f6d61e149f64723c019ea828600c5931ef79995df3aaec29e990
SIZE (google-go-cloud-99801bbb523a_GH0.tar.gz) = 3365526
-SHA256 (google-go-cmp-v0.5.8_GH0.tar.gz) = 34b57f44eb6ead7de4988fd91a8605f77ecb4a430ddbba36bada0d0224017222
-SIZE (google-go-cmp-v0.5.8_GH0.tar.gz) = 104647
+SHA256 (google-go-cmp-v0.5.9_GH0.tar.gz) = 41a074c2fcfc72f813736f8ca8e3116e260a6b79af407d9da0d4c5e4c3f61acf
+SIZE (google-go-cmp-v0.5.9_GH0.tar.gz) = 104427
SHA256 (google-go-genproto-81c1377c94b1_GH0.tar.gz) = 90876687d67e4831319edd6a91ab67ae31b654103e36971ca922363941880356
SIZE (google-go-genproto-81c1377c94b1_GH0.tar.gz) = 12125189
SHA256 (google-subcommands-v1.0.1_GH0.tar.gz) = 7ddd3eac82240ce08b75f9b03ff50483e121329517d9c20570207aaddfeff14f
@@ -283,8 +283,8 @@ SHA256 (grafana-grafana-plugin-sdk-go-v0.131.0_GH0.tar.gz) = 2c26090b753aaa8b01c
SIZE (grafana-grafana-plugin-sdk-go-v0.131.0_GH0.tar.gz) = 1307404
SHA256 (grafana-loki-7832783b1caa_GH0.tar.gz) = e89867b5a7b0e8d40d43d355a6292ac05b65f8c85f5ad549fd3ba6e58b6ed02d
SIZE (grafana-loki-7832783b1caa_GH0.tar.gz) = 26035626
-SHA256 (grafana-saml-9d456850a65a_GH0.tar.gz) = 04ec34dc2da38ed91c4a5483247a8e310ae70eb978d1172bd018aa6624354c2e
-SIZE (grafana-saml-9d456850a65a_GH0.tar.gz) = 305541
+SHA256 (grafana-saml-67cbfa09c7b6_GH0.tar.gz) = 1791eab89185a2f17b1cbca0a6dfad335b6c5f73a4c5a5fc37c3bbded4a8cb42
+SIZE (grafana-saml-67cbfa09c7b6_GH0.tar.gz) = 305966
SHA256 (grafana-xorm-2fcda7565af6_GH0.tar.gz) = f9ef23a67e683ef3153425856c9e71d38c584e76320a174f296e80774659af28
SIZE (grafana-xorm-2fcda7565af6_GH0.tar.gz) = 414050
SHA256 (grpc-ecosystem-go-grpc-middleware-v1.3.0_GH0.tar.gz) = c9b908202c05a7f821b03ee49cd678e7e71469519054629770e0565d78275cbc
@@ -443,8 +443,8 @@ SHA256 (robfig-cron-v3.0.1_GH0.tar.gz) = ef97328622b5eac7adfb1aa47ddab7b3f68271b
SIZE (robfig-cron-v3.0.1_GH0.tar.gz) = 25639
SHA256 (rs-cors-v1.8.0_GH0.tar.gz) = e5229b85f5506ebdb5114dbe8047c998f778060996001c51ac1def6444d6697f
SIZE (rs-cors-v1.8.0_GH0.tar.gz) = 14136
-SHA256 (russellhaering-goxmldsig-v1.1.1_GH0.tar.gz) = 35ce86e92fa004d9093d0cbf2940e326a8a81f27b0951bbd320044c3ac26ac90
-SIZE (russellhaering-goxmldsig-v1.1.1_GH0.tar.gz) = 29753
+SHA256 (russellhaering-goxmldsig-v1.2.0_GH0.tar.gz) = c738b41707ab49ac0fc8ed34d6ab2b1558014434d8ba19825e74f7433855488b
+SIZE (russellhaering-goxmldsig-v1.2.0_GH0.tar.gz) = 30441
SHA256 (russross-blackfriday-v2.0.1_GH0.tar.gz) = 5a0f38a36b6f3b2d59b72d713451a895a4d3a4406b3533882483782e37797cff
SIZE (russross-blackfriday-v2.0.1_GH0.tar.gz) = 79613
SHA256 (sean--seed-e2103e2c3529_GH0.tar.gz) = 2c46372999670ca4411cc2a08d02b4a79818c15df219b1775073e161d22e3933
@@ -467,10 +467,10 @@ SHA256 (sirupsen-logrus-v1.8.1_GH0.tar.gz) = e9492c08ac8f202b438ccfb992bf81b7860
SIZE (sirupsen-logrus-v1.8.1_GH0.tar.gz) = 47161
SHA256 (square-go-jose-v2.5.1_GH0.tar.gz) = 74c65592183c542b254eb2933f7a99ee869abdf9e7ac02aad4d9f0dce980ace8
SIZE (square-go-jose-v2.5.1_GH0.tar.gz) = 309860
-SHA256 (stretchr-objx-v0.2.0_GH0.tar.gz) = be7dce02798cdc24cee6bd2d95bfcf6976b1521ef735349bf5e7dfe6d147746f
-SIZE (stretchr-objx-v0.2.0_GH0.tar.gz) = 79981
-SHA256 (stretchr-testify-v1.7.0_GH0.tar.gz) = 560c0984072cb436b17bbce5699b205d5aa2beb58ef7a94530d7724b5739a8d6
-SIZE (stretchr-testify-v1.7.0_GH0.tar.gz) = 91073
+SHA256 (stretchr-objx-v0.5.0_GH0.tar.gz) = 751d86bfc628ac94df05749de3ecf09cb63310ada3d384f50b6a30f0f161bd42
+SIZE (stretchr-objx-v0.5.0_GH0.tar.gz) = 165516
+SHA256 (stretchr-testify-v1.8.1_GH0.tar.gz) = 6749fede6c26ae66b7e7500136dbe56913b4e0679099b6c1154d2210a9a1ec00
+SIZE (stretchr-testify-v1.8.1_GH0.tar.gz) = 97670
SHA256 (teris-io-shortid-771a37caa5cf_GH0.tar.gz) = 79146ef4720e5afc1548c4953e0cc07988efbce613cb00c2938b0b69edf60e3b
SIZE (teris-io-shortid-771a37caa5cf_GH0.tar.gz) = 8667
SHA256 (ua-parser-uap-go-00c877edfe0f_GH0.tar.gz) = 70146f5f7f1e1f076b6af02e90d4b41d405abca9c3eca752009ba6b03c6256d2