Update of devel/rubygem-google-api-client broke www/rubygem-rest-client (blocks security related update)
Matthias Fechner
idefix at fechner.net
Tue Apr 11 05:53:51 UTC 2017
Hi Kurt,
Am 11.04.2017 um 07:27 schrieb Kurt Jaeger:
> Which security bug does this fix ? Any link ?
> For rubygem-rest-client, we're still waiting for the maintainer to
> approve, as far as I can see.
>
the gitlab port has the following security bug:
https://about.gitlab.com/2017/04/05/gitlab-9-dot-0-dot-4-security-release/
But I cannot apply anything (you even can not run it currently) as the
rubygem-google-api-client upgrade has broken the dependency tree.
To explain it a little bit more:
the new rubygem-google-api-client depends on a module > 3.0.
but rubygem-rest-client needs version < 3.0
This is a run dependency, you will not see while building the port.
But gitlab depends on both ports, which makes it completely broken.
You cannot run it anymore.
I hope that makes it clear, that commiting this port (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218366) is really crucial.
Gruß
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
More information about the freebsd-ports
mailing list