svn commit: r490941 - head/security/vuxml

Glen Barber gjb at freebsd.org
Tue Jan 22 13:55:39 UTC 2019 

On Wed, Jan 23, 2019 at 12:35:05AM +1100, Kubilay Kocak wrote:
> On 22/01/2019 11:32 pm, Glen Barber wrote:
> > Author: gjb
> > Date: Tue Jan 22 12:32:18 2019
> > New Revision: 490941
> > URL: https://svnweb.freebsd.org/changeset/ports/490941
> > 
> > Log:
> >    Attempt to fix vuxml build.
> >    Sponsored by:	The FreeBSD Foundation
> > 
> > Modified:
> >    head/security/vuxml/vuln.xml
> > 
> > Modified: head/security/vuxml/vuln.xml
> > ==============================================================================
> > --- head/security/vuxml/vuln.xml	Tue Jan 22 12:30:21 2019	(r490940)
> > +++ head/security/vuxml/vuln.xml	Tue Jan 22 12:32:18 2019	(r490941)
> > @@ -62,7 +62,7 @@ Notes:
> >       <topic>www/py-requests -- Information disclosure vulnerability</topic>
> >       <affects>
> >         <package>
> > -	<name>py*-requests</name>
> > +	<name>py-requests</name>
> >   	<range><lt>2.20.0</lt></range>
> >         </package>
> >       </affects>
> > 
> 
> Hi Glen,
> 
> This now doesn't match PKGNAME's (pyXY-requests).
> 
> What is/was the issue exactly?
> 

I'm not entirely sure, but the build failed with:

 /home/vuxmlbuild/vuxmlweb/dtd/vuxml-1/catalog.xml /home/vuxmlbuild/vuxmlweb/dtd/xhtml-modularization/catalog.xml
 /home/vuxmlbuild/vuxmlweb/dtd/xhtml-basic/catalog.xml
 Parsing VuXML ...Application exception:
 bad package name for vid 50ad9a9a-1e28-11e9-98d7-0050562a4d7b: py*-requests @ho:220
 *** Error code 1

Removing the '*' stopped the build failure emails.

> It passed make validate and passed the pkg audit tests (see below) mentioned
> in the file, in order to match any python version of the port, future or
> past. This at least means pkg audit understands the globbing pattern.

'pkg audit' does, yes, but that does not mean the XML parser does for
this case.

Glen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-head/attachments/20190122/7e34aeb8/attachment.sig>

More information about the svn-ports-head mailing list