Re: FreeBSD Port: databases/couchdb upgrade to 2.2
On Mon, 10 Sep 2018, at 11:33, Miroslav Lachman wrote:
> Hi,
>
> are there any plans to create port for CouchDB 2.2?
> According to latest vulnerability in 1.7.2 and statement on upstream
> website http://docs.couchdb.org/en/stable/cve/2018-11769.html there are
> no plans to fix it in 1.7, because this version is no longer supported.
Correct; however:
1. the risk is low (rogue admin destroys the things they already have access to
via DB API)
2. update your /_config to exclude this in /usr/local/etc/couchdb/default.ini
*note NOTE local.ini
[httpd_global_handlers]
;_config = {couch_httpd_misc_handlers, handle_config_req}
> I am not able to create / maintain CouchDB 2.2 port by myself but I
> really would like to have not vulnerable version on our server.
I'm focused on getting a thing ready for eurobsdcon and ports stuff has had to
take a back seat for a couple of weeks, but it's so close now. The phab review
patch is already 100% functional https://reviews.freebsd.org/D16819 what
remains is polishing up the port esp round how it handles docs. Feedback is
welcome of course. You can build / install it and send some feedback in.
I'm interested to know how you're using CouchDB on FreeBSD (yay) email me
sometime about it!
A+
Dave
___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: FreeBSD Port: databases/couchdb upgrade to 2.2
Kurt Jaeger wrote on 2018/09/10 12:06: Hi! are there any plans to create port for CouchDB 2.2? Yes, here's the PR about it: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218844 Dave's a bit busy right now, so progress is slow. Great news. Thank you! Miroslav Lachman ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: FreeBSD Port: databases/couchdb upgrade to 2.2
Hi! > are there any plans to create port for CouchDB 2.2? Yes, here's the PR about it: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218844 Dave's a bit busy right now, so progress is slow. -- p...@freebsd.org +49 171 3101372 2 years to go ! ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
FreeBSD Port: databases/couchdb upgrade to 2.2
Hi, are there any plans to create port for CouchDB 2.2? According to latest vulnerability in 1.7.2 and statement on upstream website http://docs.couchdb.org/en/stable/cve/2018-11769.html there are no plans to fix it in 1.7, because this version is no longer supported. I am not able to create / maintain CouchDB 2.2 port by myself but I really would like to have not vulnerable version on our server. Kind regards Miroslav Lachman ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
