Hi, attached diff updates prosody to 0.10.2 which fixes CVE-2018-10847[1].
Also included in 0.10.2 and 0.10.1 (which was omitted) are several other bugfixes [2][3].

[1]: https://prosody.im/security/advisory_20180531/
[2]: https://blog.prosody.im/prosody-0-10-1-released/
[3]: https://blog.prosody.im/prosody-0-10-2-security-release/

Index: Makefile =================================================================== RCS file: /cvs/ports/net/prosody/Makefile,v retrieving revision 1.48 diff -u -p -r1.48 Makefile --- Makefile 18 Jan 2018 03:22:34 -0000 1.48 +++ Makefile 4 Jun 2018 18:33:43 -0000 @@ -1,8 +1,7 @@ # $OpenBSD: Makefile,v 1.48 2018/01/18 03:22:34 danj Exp $ COMMENT= communications server for Jabber/XMPP written in Lua -DISTNAME= prosody-0.10.0 -REVISION= 2 +DISTNAME= prosody-0.10.2 CATEGORIES= net MASTER_SITES= http://prosody.im/downloads/source/ Index: distinfo =================================================================== RCS file: /cvs/ports/net/prosody/distinfo,v retrieving revision 1.14 diff -u -p -r1.14 distinfo --- distinfo 5 Nov 2017 16:52:07 -0000 1.14 +++ distinfo 4 Jun 2018 18:33:43 -0000 @@ -1,2 +1,2 @@ -SHA256 (prosody-0.10.0.tar.gz) = dBTkRyVsYLJkVXjEpZExE810tBnKWgMrVNuQ2YqXhJg= -SIZE (prosody-0.10.0.tar.gz) = 330461 +SHA256 (prosody-0.10.2.tar.gz) = dbXwNeenTV8gju6vhBm5SoXQm0AlLURM/4Az/ePJdo4= +SIZE (prosody-0.10.2.tar.gz) = 331874 Index: patches/patch-core_certmanager_lua =================================================================== RCS file: patches/patch-core_certmanager_lua diff -N patches/patch-core_certmanager_lua --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-core_certmanager_lua 4 Jun 2018 18:33:43 -0000 @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: core/certmanager.lua +--- core/certmanager.lua.orig ++++ core/certmanager.lua +@@ -102,7 +102,7 @@ end + + -- Built-in defaults + local core_defaults = { +- capath = "/etc/ssl/certs"; ++ cafile = "/etc/ssl/cert.pem"; + depth = 9; + protocol = "tlsv1+"; + verify = (ssl_x509 and { "peer", "client_once", }) or "none"; Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/net/prosody/pkg/PLIST,v retrieving revision 1.11 diff -u -p -r1.11 PLIST --- pkg/PLIST 5 Nov 2017 16:52:07 -0000 1.11 +++ pkg/PLIST 4 Jun 2018 18:33:43 -0000 
@@ -1,6 +1,7 @@ @comment $OpenBSD: PLIST,v 1.11 2017/11/05 16:52:07 landry Exp $ @newgroup _prosody:638 @newuser _prosody:638:_prosody:daemon:prosody user:/nonexistent:/sbin/nologin +@rcscript ${RCDIR}/prosody lib/prosody/ lib/prosody/core/ lib/prosody/core/certmanager.lua @@ -72,6 +73,7 @@ lib/prosody/modules/mod_s2s/s2sout.lib.l lib/prosody/modules/mod_s2s_auth_certs.lua lib/prosody/modules/mod_saslauth.lua lib/prosody/modules/mod_server_contact_info.lua +lib/prosody/modules/mod_stanza_debug.lua lib/prosody/modules/mod_storage_internal.lua lib/prosody/modules/mod_storage_none.lua lib/prosody/modules/mod_storage_sql.lua @@ -208,11 +210,8 @@ share/examples/prosody/prosody.cfg.lua @mode 770 @owner _prosody @group _prosody -@sample /var/prosody/ share/examples/prosody/prosody.log @mode 660 @sample /var/prosody/prosody.log -@owner -@group -@mode -@rcscript ${RCDIR}/prosody +@mode 770 +@sample /var/prosody/
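
Review bot: In the Makefile hunk, the unchanged context line `MASTER_SITES= http://prosody.im/downloads/source/` still fetches the distfile over plain HTTP. The SHA256 in distinfo catches a modified tarball, but the advisory and blog links in the cover mail are already https on the same host, so consider switching MASTER_SITES to https in this commit as well. Dropping `REVISION= 2` together with the DISTNAME bump is correct.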
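
Review bot: The new patches/patch-core_certmanager_lua has no explanatory comment between `$OpenBSD$` and its `Index:` line, and the cover mail does not mention it. It changes the built-in default from `capath = "/etc/ssl/certs";` to `cafile = "/etc/ssl/cert.pem";`, which sits in the same table as `verify = (ssl_x509 and { "peer", "client_once", }) or "none";` and so decides which CAs peer certificates are checked against. Please add a one-line rationale to the patch file, and confirm that a capath or cafile set in an existing prosody.cfg.lua still overrides this default.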
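
Review bot: In the last pkg/PLIST hunk, `@sample /var/prosody/` now comes after `@sample /var/prosody/prosody.log`, so the directory entry is listed after the file that lives inside it. Please check on a clean install that /var/prosody is created with owner and group _prosody and mode 770 before the log sample is copied, and that prosody.log ends up with mode 660. The bare `@owner`, `@group` and `@mode` resets are also dropped, which is harmless only while `@sample /var/prosody/` stays the last entry; anything appended later would inherit _prosody ownership and mode 770.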
