svn commit: r494571 - head/www/mybb
Jochen Neumeister
joneum at FreeBSD.org
Mon Mar 4 10:48:48 UTC 2019
On 04.03.19 11:47, Tobias Kortkamp wrote:
> On Mon, Mar 04, 2019 at 11:45:24AM +0100, Jochen Neumeister wrote:
>> On 04.03.19 11:43, Tobias Kortkamp wrote:
>>> On Mon, Mar 04, 2019 at 10:02:38AM +0000, Jochen Neumeister wrote:
>>>> Author: joneum
>>>> Date: Mon Mar 4 10:02:38 2019
>>>> New Revision: 494571
>>>> URL: https://svnweb.freebsd.org/changeset/ports/494571
>>>>
>>>> Log:
>>>> in r494382, et to update GH_TAGNAME. This fixes it
>>>>
>>>> MFH: 2019Q1
>>>> Security: 395ed9d5-3cca-11e9-9ba0-4c72b94353b5
>>>> Sponsored by: Netzkommune GmbH
>>>>
>>>> Modified:
>>>> head/www/mybb/Makefile
>>>> head/www/mybb/distinfo
>>>> head/www/mybb/pkg-plist
>>>>
>>>> Modified: head/www/mybb/Makefile
>>>> ==============================================================================
>>>> --- head/www/mybb/Makefile Mon Mar 4 09:45:56 2019 (r494570)
>>>> +++ head/www/mybb/Makefile Mon Mar 4 10:02:38 2019 (r494571)
>>>> @@ -11,7 +11,7 @@ COMMENT= PHP-based bulletin board / discussion forum s
>>>> LICENSE= GPLv3
>>>>
>>>> USE_GITHUB= yes
>>>> -GH_TAGNAME= ${PORTNAME}_1819
>>>> +GH_TAGNAME= ${PORTNAME}_1820
>>> Do you plan to update vuxml too? Our mybb-1.8.20 is mybb-1.8.19
>>> in reality which is still vulnerable, but is not marked as such by
>>> pkg audit.
>>>
>>> $ pkg audit mybb-1.8.19
>>> mybb-1.8.19 is vulnerable:
>>> mybb -- vulnerabilities
>>> WWW: https://vuxml.FreeBSD.org/freebsd/395ed9d5-3cca-11e9-9ba0-4c72b94353b5.html
>>>
>>> 1 problem(s) in the installed packages found.
>>>
>>> $ pkg audit mybb-1.8.20
>>> 0 problem(s) in the installed packages found.
>>>
>> 1.8.20 is in vuxml:
>>
>> + <range><lt>1.8.20</lt></range>
> Yeah, but this entry does not match 1.8.20. It should be 1.8.20_1
> now (the one with PORTREVISION=1 after the GH_TAGNAME fix), not
> 1.8.20 which is the same as 1.8.19.
args ... you're right. Thanks .... i need more coffee.
More information about the svn-ports-all
mailing list