Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On [22/11/17] [02:33P], Stuart Henderson wrote: ; This is the *only* code change in the upstream code. (The only others are ; an additional test, and regen for new version number / commit ids in docs). ; ; diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_fetch.c varnish-5.2.1/bin/varnishd/cache/cache_fetch.c ; --- varnish-5.2.0/bin/varnishd/cache/cache_fetch.cFri Sep 15 12:12:41 2017 ; +++ varnish-5.2.1/bin/varnishd/cache/cache_fetch.cTue Nov 14 13:39:35 2017 ; @@ -899,6 +899,8 @@ vbf_stp_error(struct worker *wrk, struct busyobj *bo) ; l = ll; ; if (VFP_GetStorage(bo->vfc, , ) != VFP_OK) ; break; ; + if (l > ll) ; + l = ll; ; memcpy(ptr, VSB_data(synth_body) + o, l); ; VFP_Extend(bo->vfc, l); ; ll -= l; ; diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_session.c varnish-5.2.1/bin/varnishd/cache/cache_session.c ; --- varnish-5.2.0/bin/varnishd/cache/cache_session.c Tue Sep 5 15:21:34 2017 ; +++ varnish-5.2.1/bin/varnishd/cache/cache_session.c Tue Nov 14 13:39:35 2017 ; @@ -289,7 +289,7 @@ HTC_RxStuff(struct http_conn *htc, htc_complete_f *fun ; WRONG("htc_status_e"); ; ; tmo = tn - now; ; - if (!isnan(ti) && ti < tn) ; + if (!isnan(ti) && ti < tn && hs == HTC_S_EMPTY) ; tmo = ti - now; ; z = maxbytes - (htc->rxbuf_e - htc->rxbuf_b); ; assert(z >= 0); ; ; OK for this simple port update? ; ; Index: Makefile ; === ; RCS file: /cvs/ports/www/varnish/Makefile,v ; retrieving revision 1.33 ; diff -u -p -r1.33 Makefile ; --- Makefile 18 Sep 2017 14:09:53 - 1.33 ; +++ Makefile 22 Nov 2017 14:31:14 - ; @@ -2,7 +2,7 @@ ; ; COMMENT =high-performance HTTP accelerator ; ; -DISTNAME = varnish-5.2.0 ; +DISTNAME = varnish-5.2.1 ; ; CATEGORIES = www ; ; Index: distinfo ; === ; RCS file: /cvs/ports/www/varnish/distinfo,v ; retrieving revision 1.17 ; diff -u -p -r1.17 distinfo ; --- distinfo 18 Sep 2017 14:09:53 - 1.17 ; +++ distinfo 22 Nov 2017 14:31:14 - ; @@ -1,2 +1,2 @@ ; -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= ; -SIZE (varnish-5.2.0.tgz) = 2828867 ; +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= ; +SIZE (varnish-5.2.1.tgz) = 2827676 ; > OK gonzalo@ -- Sending from my toaster.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
This is the *only* code change in the upstream code. (The only others are an additional test, and regen for new version number / commit ids in docs). diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_fetch.c varnish-5.2.1/bin/varnishd/cache/cache_fetch.c --- varnish-5.2.0/bin/varnishd/cache/cache_fetch.c Fri Sep 15 12:12:41 2017 +++ varnish-5.2.1/bin/varnishd/cache/cache_fetch.c Tue Nov 14 13:39:35 2017 @@ -899,6 +899,8 @@ vbf_stp_error(struct worker *wrk, struct busyobj *bo) l = ll; if (VFP_GetStorage(bo->vfc, , ) != VFP_OK) break; + if (l > ll) + l = ll; memcpy(ptr, VSB_data(synth_body) + o, l); VFP_Extend(bo->vfc, l); ll -= l; diff -uNp -r varnish-5.2.0/bin/varnishd/cache/cache_session.c varnish-5.2.1/bin/varnishd/cache/cache_session.c --- varnish-5.2.0/bin/varnishd/cache/cache_session.cTue Sep 5 15:21:34 2017 +++ varnish-5.2.1/bin/varnishd/cache/cache_session.cTue Nov 14 13:39:35 2017 @@ -289,7 +289,7 @@ HTC_RxStuff(struct http_conn *htc, htc_complete_f *fun WRONG("htc_status_e"); tmo = tn - now; - if (!isnan(ti) && ti < tn) + if (!isnan(ti) && ti < tn && hs == HTC_S_EMPTY) tmo = ti - now; z = maxbytes - (htc->rxbuf_e - htc->rxbuf_b); assert(z >= 0); OK for this simple port update? Index: Makefile === RCS file: /cvs/ports/www/varnish/Makefile,v retrieving revision 1.33 diff -u -p -r1.33 Makefile --- Makefile18 Sep 2017 14:09:53 - 1.33 +++ Makefile22 Nov 2017 14:31:14 - @@ -2,7 +2,7 @@ COMMENT = high-performance HTTP accelerator -DISTNAME = varnish-5.2.0 +DISTNAME = varnish-5.2.1 CATEGORIES = www Index: distinfo === RCS file: /cvs/ports/www/varnish/distinfo,v retrieving revision 1.17 diff -u -p -r1.17 distinfo --- distinfo18 Sep 2017 14:09:53 - 1.17 +++ distinfo22 Nov 2017 14:31:14 - @@ -1,2 +1,2 @@ -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= -SIZE (varnish-5.2.0.tgz) = 2828867 +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= +SIZE (varnish-5.2.1.tgz) = 2827676 >
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On [22/11/17] [11:47P], Klemens Nanni wrote: ; On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote: ; > This is a security update[0] fixing a data leak: ; > ; > A wrong if statement in the varnishd source code means that ; > synthetic objects in stevedores which over-allocate, may leak up ; > to page size of data from a malloc(3) memory allocation. ; > ; > In a unpredictable percentage of the cases where this condition ; > arises, a segmentation fault will happen instead. ; > ; > Tests continue to pass: ; > ; > # TOTAL: 636 ; > # PASS: 630 ; > # SKIP: 5 ; > # XFAIL: 0 ; > # FAIL: 1 ; > # XPASS: 0 ; > # ERROR: 0 ; > ; > FAIL tests/u0.vtc (exit status: 2) ; > ; > Removed TEST_TARGET=check as it's default. I also replaced cp with ; > ${INSTALL_DATA} post-install and pointed users to 5.2 docs. ; > ; > Since Varnish compiles .vsc files to C using python with 2.7 specific ; > code (import StringIO), I added lang/python and explicity set ; > MODPY_VERSION=2.7. ; > ; > Feedback? Does anyone want to commit this? ; > ; > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 ; > ; > diff --git a/www/varnish/Makefile b/www/varnish/Makefile ; > index b0fa5029ab4..5cf58670364 100644 ; > --- a/www/varnish/Makefile ; > +++ b/www/varnish/Makefile ; > @@ -2,7 +2,7 @@ ; > ; > COMMENT = high-performance HTTP accelerator ; > ; > -DISTNAME = varnish-5.2.0 ; > +DISTNAME = varnish-5.2.1 ; > ; > CATEGORIES = www ; > ; > @@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II\ ; > # BSD ; > PERMIT_PACKAGE_CDROM = Yes ; > ; > -MASTER_SITES = https://varnish-cache.org/_downloads/ ; > +MASTER_SITES = ${HOMEPAGE}_downloads/ ; > ; > EXTRACT_SUFX = .tgz ; > ; > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap ; > ; > +MODULES = lang/python ; > + ; > +MODPY_VERSION =2.7 ; > + ; > BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \ ; > ${MODGNU_AUTOMAKE_DEPENDS} \ ; > devel/libtool \ ; > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre ; > # The internal backtrace implementation fails to build with -Werror on arm/hppa ; > LIB_DEPENDS += devel/libexecinfo ; > ; > +MODPY_RUNDEP = No ; > + ; > WRKDIST = ${WRKDIR}/${DISTNAME} ; > USE_GMAKE =Yes ; > CONFIGURE_STYLE = gnu ; > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15 ; > CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \ ; > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" ; > ; > -TEST_TARGET = check ; > +MODPY_ADJ_FILES = lib/lib*/*.py ; > ; > post-patch: ; > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ ; > @@ -47,7 +53,7 @@ post-patch: ; > post-install: ; > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish ; > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish ; > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ ; > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ ; > ${PREFIX}/share/examples/varnish ; > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} ; > ; > diff --git a/www/varnish/distinfo b/www/varnish/distinfo ; > index f7dc351f783..cdba07a9889 100644 ; > --- a/www/varnish/distinfo ; > +++ b/www/varnish/distinfo ; > @@ -1,2 +1,2 @@ ; > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= ; > -SIZE (varnish-5.2.0.tgz) = 2828867 ; > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= ; > +SIZE (varnish-5.2.1.tgz) = 2827676 ; > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE ; > index 5f50b1bbf2a..ce02efaef87 100644 ; > --- a/www/varnish/pkg/MESSAGE ; > +++ b/www/varnish/pkg/MESSAGE ; > @@ -5,4 +5,4 @@ or the following link for more information: ; > ; > and for further information: ; > ; > - https://www.varnish-cache.org/docs/5.0/ ; > + https://www.varnish-cache.org/docs/5.2/ ; > ; One week bump, neither of the two maintainers have replied so far. ; ; I can take of the python 2.7 bits in another diff so the next ; revision/release won't depend on 2.7 anymore. ; A little bit busy right now, but I can test the diff in a couple days. Thanks. -- Sending from my toaster.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On Wed, Nov 22, 2017 at 11:03:51AM +, Stuart Henderson wrote: > On 2017/11/22 11:47, Klemens Nanni wrote: > > On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote: > > > This is a security update[0] fixing a data leak: > > > > > > A wrong if statement in the varnishd source code means that > > > synthetic objects in stevedores which over-allocate, may leak up > > > to page size of data from a malloc(3) memory allocation. > > > > > > In a unpredictable percentage of the cases where this condition > > > arises, a segmentation fault will happen instead. > > > > > > Tests continue to pass: > > > > > > # TOTAL: 636 > > > # PASS: 630 > > > # SKIP: 5 > > > # XFAIL: 0 > > > # FAIL: 1 > > > # XPASS: 0 > > > # ERROR: 0 > > > > > > FAIL tests/u0.vtc (exit status: 2) > > > > > > Removed TEST_TARGET=check as it's default. I also replaced cp with > > > ${INSTALL_DATA} post-install and pointed users to 5.2 docs. > > > > > > Since Varnish compiles .vsc files to C using python with 2.7 specific > > > code (import StringIO), I added lang/python and explicity set > > > MODPY_VERSION=2.7. > > > > > > Feedback? Does anyone want to commit this? > > > > > > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 > > > > > > diff --git a/www/varnish/Makefile b/www/varnish/Makefile > > > index b0fa5029ab4..5cf58670364 100644 > > > --- a/www/varnish/Makefile > > > +++ b/www/varnish/Makefile > > > @@ -2,7 +2,7 @@ > > > > > > COMMENT =high-performance HTTP accelerator > > > > > > -DISTNAME = varnish-5.2.0 > > > +DISTNAME = varnish-5.2.1 > > > > > > CATEGORIES = www > > > > > > @@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II > > >\ > > > # BSD > > > PERMIT_PACKAGE_CDROM = Yes > > > > > > -MASTER_SITES = https://varnish-cache.org/_downloads/ > > > +MASTER_SITES = ${HOMEPAGE}_downloads/ > > We stopped doing that, it's annoying if you want to copy the URL from > Makefile and open it in a browser. > > > > EXTRACT_SUFX = .tgz > > > > > > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap > > > > > > +MODULES =lang/python > > > + > > > +MODPY_VERSION = 2.7 > > > + > > > BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \ > > > ${MODGNU_AUTOMAKE_DEPENDS} \ > > > devel/libtool \ > > > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre > > > # The internal backtrace implementation fails to build with -Werror on > > > arm/hppa > > > LIB_DEPENDS += devel/libexecinfo > > > > > > +MODPY_RUNDEP = No > > > + > > > WRKDIST =${WRKDIR}/${DISTNAME} > > > USE_GMAKE = Yes > > > CONFIGURE_STYLE =gnu > > > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15 > > > CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \ > > > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" > > > > > > -TEST_TARGET =check > > > +MODPY_ADJ_FILES =lib/lib*/*.py > > > > > > post-patch: > > > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ > > > @@ -47,7 +53,7 @@ post-patch: > > > post-install: > > > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish > > > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish > > > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > > > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > > > ${PREFIX}/share/examples/varnish > > > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} > > > > > > diff --git a/www/varnish/distinfo b/www/varnish/distinfo > > > index f7dc351f783..cdba07a9889 100644 > > > --- a/www/varnish/distinfo > > > +++ b/www/varnish/distinfo > > > @@ -1,2 +1,2 @@ > > > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= > > > -SIZE (varnish-5.2.0.tgz) = 2828867 > > > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= > > > +SIZE (varnish-5.2.1.tgz) = 2827676 > > > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE > > > index 5f50b1bbf2a..ce02efaef87 100644 > > > --- a/www/varnish/pkg/MESSAGE > > > +++ b/www/varnish/pkg/MESSAGE > > > @@ -5,4 +5,4 @@ or the following link for more information: > > > > > > and for further information: > > > > > > - https://www.varnish-cache.org/docs/5.0/ > > > + https://www.varnish-cache.org/docs/5.2/ > > > > > MESSAGE doesn't really add anything. Better to just remove it IMHO. > > > One week bump, neither of the two maintainers have replied so far. > > > > I can take of the python 2.7 bits in another diff so the next > > revision/release won't depend on 2.7 anymore. > > A word of advice: if you're trying to get what looks like it might be > a relatively simple security update in quickly, don't make any > unnecessary Makefile changes on top. Noted, cheers. Updated diff below. diff --git a/www/varnish/Makefile
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On 2017/11/22 11:47, Klemens Nanni wrote: > On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote: > > This is a security update[0] fixing a data leak: > > > > A wrong if statement in the varnishd source code means that > > synthetic objects in stevedores which over-allocate, may leak up > > to page size of data from a malloc(3) memory allocation. > > > > In a unpredictable percentage of the cases where this condition > > arises, a segmentation fault will happen instead. > > > > Tests continue to pass: > > > > # TOTAL: 636 > > # PASS: 630 > > # SKIP: 5 > > # XFAIL: 0 > > # FAIL: 1 > > # XPASS: 0 > > # ERROR: 0 > > > > FAIL tests/u0.vtc (exit status: 2) > > > > Removed TEST_TARGET=check as it's default. I also replaced cp with > > ${INSTALL_DATA} post-install and pointed users to 5.2 docs. > > > > Since Varnish compiles .vsc files to C using python with 2.7 specific > > code (import StringIO), I added lang/python and explicity set > > MODPY_VERSION=2.7. > > > > Feedback? Does anyone want to commit this? > > > > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 > > > > diff --git a/www/varnish/Makefile b/www/varnish/Makefile > > index b0fa5029ab4..5cf58670364 100644 > > --- a/www/varnish/Makefile > > +++ b/www/varnish/Makefile > > @@ -2,7 +2,7 @@ > > > > COMMENT = high-performance HTTP accelerator > > > > -DISTNAME = varnish-5.2.0 > > +DISTNAME = varnish-5.2.1 > > > > CATEGORIES = www > > > > @@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II > >\ > > # BSD > > PERMIT_PACKAGE_CDROM = Yes > > > > -MASTER_SITES = https://varnish-cache.org/_downloads/ > > +MASTER_SITES = ${HOMEPAGE}_downloads/ We stopped doing that, it's annoying if you want to copy the URL from Makefile and open it in a browser. > > EXTRACT_SUFX = .tgz > > > > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap > > > > +MODULES = lang/python > > + > > +MODPY_VERSION =2.7 > > + > > BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \ > > ${MODGNU_AUTOMAKE_DEPENDS} \ > > devel/libtool \ > > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre > > # The internal backtrace implementation fails to build with -Werror on > > arm/hppa > > LIB_DEPENDS += devel/libexecinfo > > > > +MODPY_RUNDEP = No > > + > > WRKDIST = ${WRKDIR}/${DISTNAME} > > USE_GMAKE =Yes > > CONFIGURE_STYLE = gnu > > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15 > > CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \ > > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" > > > > -TEST_TARGET = check > > +MODPY_ADJ_FILES = lib/lib*/*.py > > > > post-patch: > > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ > > @@ -47,7 +53,7 @@ post-patch: > > post-install: > > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish > > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish > > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > > ${PREFIX}/share/examples/varnish > > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} > > > > diff --git a/www/varnish/distinfo b/www/varnish/distinfo > > index f7dc351f783..cdba07a9889 100644 > > --- a/www/varnish/distinfo > > +++ b/www/varnish/distinfo > > @@ -1,2 +1,2 @@ > > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= > > -SIZE (varnish-5.2.0.tgz) = 2828867 > > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= > > +SIZE (varnish-5.2.1.tgz) = 2827676 > > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE > > index 5f50b1bbf2a..ce02efaef87 100644 > > --- a/www/varnish/pkg/MESSAGE > > +++ b/www/varnish/pkg/MESSAGE > > @@ -5,4 +5,4 @@ or the following link for more information: > > > > and for further information: > > > > - https://www.varnish-cache.org/docs/5.0/ > > + https://www.varnish-cache.org/docs/5.2/ > > MESSAGE doesn't really add anything. Better to just remove it IMHO. > One week bump, neither of the two maintainers have replied so far. > > I can take of the python 2.7 bits in another diff so the next > revision/release won't depend on 2.7 anymore. A word of advice: if you're trying to get what looks like it might be a relatively simple security update in quickly, don't make any unnecessary Makefile changes on top.
Re: [UPDATE] www/varnish 5.2.0 -> 5.2.1
On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote: > This is a security update[0] fixing a data leak: > > A wrong if statement in the varnishd source code means that > synthetic objects in stevedores which over-allocate, may leak up > to page size of data from a malloc(3) memory allocation. > > In a unpredictable percentage of the cases where this condition > arises, a segmentation fault will happen instead. > > Tests continue to pass: > > # TOTAL: 636 > # PASS: 630 > # SKIP: 5 > # XFAIL: 0 > # FAIL: 1 > # XPASS: 0 > # ERROR: 0 > > FAIL tests/u0.vtc (exit status: 2) > > Removed TEST_TARGET=check as it's default. I also replaced cp with > ${INSTALL_DATA} post-install and pointed users to 5.2 docs. > > Since Varnish compiles .vsc files to C using python with 2.7 specific > code (import StringIO), I added lang/python and explicity set > MODPY_VERSION=2.7. > > Feedback? Does anyone want to commit this? > > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 > > diff --git a/www/varnish/Makefile b/www/varnish/Makefile > index b0fa5029ab4..5cf58670364 100644 > --- a/www/varnish/Makefile > +++ b/www/varnish/Makefile > @@ -2,7 +2,7 @@ > > COMMENT =high-performance HTTP accelerator > > -DISTNAME = varnish-5.2.0 > +DISTNAME = varnish-5.2.1 > > CATEGORIES = www > > @@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II >\ > # BSD > PERMIT_PACKAGE_CDROM = Yes > > -MASTER_SITES = https://varnish-cache.org/_downloads/ > +MASTER_SITES = ${HOMEPAGE}_downloads/ > > EXTRACT_SUFX = .tgz > > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap > > +MODULES =lang/python > + > +MODPY_VERSION = 2.7 > + > BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \ > ${MODGNU_AUTOMAKE_DEPENDS} \ > devel/libtool \ > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre > # The internal backtrace implementation fails to build with -Werror on > arm/hppa > LIB_DEPENDS += devel/libexecinfo > > +MODPY_RUNDEP = No > + > WRKDIST =${WRKDIR}/${DISTNAME} > USE_GMAKE = Yes > CONFIGURE_STYLE =gnu > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15 > CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \ > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" > > -TEST_TARGET =check > +MODPY_ADJ_FILES =lib/lib*/*.py > > post-patch: > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ > @@ -47,7 +53,7 @@ post-patch: > post-install: > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > ${PREFIX}/share/examples/varnish > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} > > diff --git a/www/varnish/distinfo b/www/varnish/distinfo > index f7dc351f783..cdba07a9889 100644 > --- a/www/varnish/distinfo > +++ b/www/varnish/distinfo > @@ -1,2 +1,2 @@ > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= > -SIZE (varnish-5.2.0.tgz) = 2828867 > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= > +SIZE (varnish-5.2.1.tgz) = 2827676 > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE > index 5f50b1bbf2a..ce02efaef87 100644 > --- a/www/varnish/pkg/MESSAGE > +++ b/www/varnish/pkg/MESSAGE > @@ -5,4 +5,4 @@ or the following link for more information: > > and for further information: > > - https://www.varnish-cache.org/docs/5.0/ > + https://www.varnish-cache.org/docs/5.2/ > One week bump, neither of the two maintainers have replied so far. I can take of the python 2.7 bits in another diff so the next revision/release won't depend on 2.7 anymore.
[UPDATE] www/varnish 5.2.0 -> 5.2.1
This is a security update[0] fixing a data leak: A wrong if statement in the varnishd source code means that synthetic objects in stevedores which over-allocate, may leak up to page size of data from a malloc(3) memory allocation. In a unpredictable percentage of the cases where this condition arises, a segmentation fault will happen instead. Tests continue to pass: # TOTAL: 636 # PASS: 630 # SKIP: 5 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0 FAIL tests/u0.vtc (exit status: 2) Removed TEST_TARGET=check as it's default. I also replaced cp with ${INSTALL_DATA} post-install and pointed users to 5.2 docs. Since Varnish compiles .vsc files to C using python with 2.7 specific code (import StringIO), I added lang/python and explicity set MODPY_VERSION=2.7. Feedback? Does anyone want to commit this? 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 diff --git a/www/varnish/Makefile b/www/varnish/Makefile index b0fa5029ab4..5cf58670364 100644 --- a/www/varnish/Makefile +++ b/www/varnish/Makefile @@ -2,7 +2,7 @@ COMMENT = high-performance HTTP accelerator -DISTNAME = varnish-5.2.0 +DISTNAME = varnish-5.2.1 CATEGORIES = www @@ -16,12 +16,16 @@ MAINTAINER =Jim Razmus II\ # BSD PERMIT_PACKAGE_CDROM = Yes -MASTER_SITES = https://varnish-cache.org/_downloads/ +MASTER_SITES = ${HOMEPAGE}_downloads/ EXTRACT_SUFX = .tgz WANTLIB += c execinfo m ncursesw pcre pthread readline termcap +MODULES = lang/python + +MODPY_VERSION =2.7 + BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \ ${MODGNU_AUTOMAKE_DEPENDS} \ devel/libtool \ @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre # The internal backtrace implementation fails to build with -Werror on arm/hppa LIB_DEPENDS += devel/libexecinfo +MODPY_RUNDEP = No + WRKDIST = ${WRKDIR}/${DISTNAME} USE_GMAKE =Yes CONFIGURE_STYLE = gnu @@ -38,7 +44,7 @@ AUTOMAKE_VERSION =1.15 CONFIGURE_ENV =CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" -TEST_TARGET = check +MODPY_ADJ_FILES = lib/lib*/*.py post-patch: cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ @@ -47,7 +53,7 @@ post-patch: post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ ${PREFIX}/share/examples/varnish rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} diff --git a/www/varnish/distinfo b/www/varnish/distinfo index f7dc351f783..cdba07a9889 100644 --- a/www/varnish/distinfo +++ b/www/varnish/distinfo @@ -1,2 +1,2 @@ -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= -SIZE (varnish-5.2.0.tgz) = 2828867 +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= +SIZE (varnish-5.2.1.tgz) = 2827676 diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE index 5f50b1bbf2a..ce02efaef87 100644 --- a/www/varnish/pkg/MESSAGE +++ b/www/varnish/pkg/MESSAGE @@ -5,4 +5,4 @@ or the following link for more information: and for further information: - https://www.varnish-cache.org/docs/5.0/ + https://www.varnish-cache.org/docs/5.2/