[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Resolution|--- |FIXED
   Keywords|needs-qa|
  Flags|maintainer-feedback?(ports- |maintainer-feedback+,
   |sect...@freebsd.org),   |merge-quarterly+
   |merge-quarterly?|
 Status|In Progress |Closed

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #18 from commit-h...@freebsd.org ---
A commit references this bug:

Author: feld
Date: Tue Sep 19 01:21:56 UTC 2017
New revision: 450093
URL: https://svnweb.freebsd.org/changeset/ports/450093

Log:
  MFH: r449941

  sysutils/py-supervisor: Update to 3.3.3

  Update to 3.3.3, which fixes a security vulnerability (CVE-2017-11610).

  While I'm here, level up port compliance, limiting changes to
  a minimum.

  Still TODO:

   - Regenerate/verify patches
   - Clarify/Add LICENSE ('BSD-derived')
   - Fix/verify use of @[un]exec in pkg-plist

  Changelog:

http://supervisord.org/changes.html

  PR:   221539
  Submitted by: Dani 
  Approved by:  portmgr (maintainer timeout, 1 month)
  Security: c9460380-81e3-11e7-93af-005056925db4

  Approved by:  ports-secteam (with hat)

Changes:
_U  branches/2017Q3/
  branches/2017Q3/sysutils/py-supervisor/Makefile
  branches/2017Q3/sysutils/py-supervisor/distinfo

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #16 from Kubilay Kocak  ---
Shebangfix will need to land with the update (secfix), stage-qa is currently a
fatal error

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #186419|Update py-supervisor to |3.3.3 (secfix)
description|v3.3.3 - only for SecFix|

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #186417|Update py-supervisor to |3.3.3 (secfix) + shebangfix
description|v3.3.3 - only for SecFix|
 Attachment #186417||maintainer-approval+
  Flags||
 Attachment #186417|1   |0
is obsolete||

--- Comment #15 from Kubilay Kocak  ---
Comment on attachment 186417
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186417
3.3.3 (secfix) + shebangfix

Approved by: portmgr (maintainer timeout, 1+ month)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Status|Open|In Progress
   Assignee|freebsd-ports-bugs@FreeBSD. |ko...@freebsd.org
   |org |

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #186419|maintainer-approval?(koobs@ |maintainer-approval+
  Flags|FreeBSD.org)|

--- Comment #14 from Kubilay Kocak  ---
Comment on attachment 186419
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186419
Update py-supervisor to v3.3.3 - only for SecFix

Reviewed by: koobs (python)
Approved by: portmgr (maintainer timeout, 1+ month)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #185638|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #185433|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Dani  changed:

   What|Removed |Added

 Attachment #186417|0   |1
is obsolete||
 Attachment #186417|maintainer-approval?(koobs@ |
  Flags|FreeBSD.org),   |
   |maintainer-approval?(ports- |
   |sect...@freebsd.org)|
 Attachment #186419||maintainer-approval?(koobs@
  Flags||FreeBSD.org)

--- Comment #13 from Dani  ---
Created attachment 186419
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186419=edit
Update py-supervisor to v3.3.3 - only for SecFix

- Update to v3.3.3, fixes Security Vulnerability

(Does not include shebangfix and license. This will follow in a second step.)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Dani  changed:

   What|Removed |Added

 Attachment #186416|maintainer-approval?(koobs@ |
  Flags|FreeBSD.org)|
 Attachment #186416|0   |1
is obsolete||
 Attachment #186417||maintainer-approval?(koobs@
  Flags||FreeBSD.org),
   ||maintainer-approval?(ports-
   ||sect...@freebsd.org)

--- Comment #12 from Dani  ---
Created attachment 186417
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186417=edit
Update py-supervisor to v3.3.3 - only for SecFix

Fix empty-line typo..

Update py-supervisor to v3.3.3 - only for SecFix

- Update to v3.3.3, fixes Security Vulnerability
- Add shebangfix


===
> Running Q/A tests (stage-qa)
> Checking for pkg-plist issues (check-plist)
===> Parsing plist
===> Checking for items in STAGEDIR missing from pkg-plist
===> Checking for items in pkg-plist which are not in STAGEDIR
===> No pkg-plist issues found (check-plist)
>> Checking for staging violations... done
===
===>  Building package for py27-supervisor-3.3.3,1


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Dani  changed:

   What|Removed |Added

 Attachment #186416||maintainer-approval?(koobs@
  Flags||FreeBSD.org)

--- Comment #11 from Dani  ---
Created attachment 186416
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186416=edit
Update py-supervisor to v3.3.3 - only for SecFix

- Update to v3.3.3, fixes Security Vulnerability
- Add shebangfix


===
> Running Q/A tests (stage-qa)
> Checking for pkg-plist issues (check-plist)
===> Parsing plist
===> Checking for items in STAGEDIR missing from pkg-plist
===> Checking for items in pkg-plist which are not in STAGEDIR
===> No pkg-plist issues found (check-plist)
>> Checking for staging violations... done
===
===>  Building package for py27-supervisor-3.3.3,1


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

URL||https://github.com/Supervis
   ||or/supervisor/issues/964

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #10 from Kubilay Kocak  ---
There appear to be unrelated and likely incorrect changes in the patches,
including but not limited to path changes:

-+searchpaths = [ '%%PREFIX%%/etc/supervisord.conf' ]
++searchpaths = [ '/usr/local/etc/supervisord.conf' ]

-file=/var/run/supervisor/supervisor.sock   ; (the path to the socket file)
+file=/tmp/supervisor.sock   ; the path to the socket file

among others

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

 Attachment #185638||maintainer-approval+
  Flags||

--- Comment #9 from Kubilay Kocak  ---
Comment on attachment 185638
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185638
2nd (revised) patch that does only the upgrade to 3.3.3

Approved by: portmgr (maintainer timeout, 1 month)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #8 from Dani  ---
... maintainer-timeout?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #7 from Dani  ---
*bump* (again).. Since there is now a patch containing just the security
related stuff - can this be commited by the secteam asap? Thanks!

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #6 from Kubilay Kocak  ---
Much appreciated Franz

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

--- Comment #5 from Franz Glasner  ---
Created attachment 185638
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185638=edit
2nd (revised) patch that does only the upgrade to 3.3.3

Here is a new patch that only updates to supervisor 3.3.3 and fixes the CVE.
Non security-related changes from the first patch are omitted.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 221539] sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221539

Kubilay Kocak  changed:

   What|Removed |Added

   Keywords||security
  Flags||maintainer-feedback?(ports-
   ||sect...@freebsd.org),
   ||merge-quarterly?
 CC||ports-sect...@freebsd.org,
   ||pyt...@freebsd.org
   Priority|--- |Normal

--- Comment #4 from Kubilay Kocak  ---
I would omit any non-security related changes (if there are any) in the
attached patch, to reduce complexity and isolate unrelated changes

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"