svn commit: r485174 - head/devel/rubygem-warden
Matthias Fechner
idefix at fechner.net
Thu Nov 22 08:25:10 UTC 2018
Am 18.11.2018 um 10:53 schrieb Matthias Fechner:
> Am 17.11.2018 um 18:34 schrieb Sunpoet Po-Chuan Hsieh:
>> -PORTVERSION= 1.2.7
>> +PORTVERSION= 1.2.8
>> CATEGORIES= devel rubygems
>> MASTER_SITES= RG
>>
>> @@ -12,10 +12,11 @@ COMMENT= Rack middleware that provides authentication
>> LICENSE= MIT
>> LICENSE_FILE= ${WRKSRC}/LICENSE
>>
>> -RUN_DEPENDS= rubygem-rack>=1.0:www/rubygem-rack
>> +RUN_DEPENDS= rubygem-rack>=2.0.6:www/rubygem-rack
> could someone please help to understand why this upgrade has broken
> www/gitlab-ce?
> I do not really understand it, but I do not want to downgrade this port,
> as there a CVE is related to:
> https://github.com/wardencommunity/warden/releases/tag/v1.2.8
>
> I see the following error:
> https://pkg.fechner.net/data/112amd64-gitlab/2018-11-18_10h44m24s/logs/errors/gitlab-ce-11.4.5.log
>
> If I downgrade rubygem-warden again to 1.2.7 it solves the problem.
as I do not get any feedback, what must I do, that this commit get
reverted till the problem is solved?
Or I'm allowed to revert this commit by myself?
Gruß
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
More information about the svn-ports-all
mailing list