On Wed, Nov 15, 2017 at 05:14:11PM +0100, Klemens Nanni wrote: > This is a security update[0] fixing a data leak: > > A wrong if statement in the varnishd source code means that > synthetic objects in stevedores which over-allocate, may leak up > to page size of data from a malloc(3) memory allocation. > > In a unpredictable percentage of the cases where this condition > arises, a segmentation fault will happen instead. > > Tests continue to pass: > > # TOTAL: 636 > # PASS: 630 > # SKIP: 5 > # XFAIL: 0 > # FAIL: 1 > # XPASS: 0 > # ERROR: 0 > > FAIL tests/u00000.vtc (exit status: 2) > > Removed TEST_TARGET=check as it's default. I also replaced cp with > ${INSTALL_DATA} post-install and pointed users to 5.2 docs. > > Since Varnish compiles .vsc files to C using python with 2.7 specific > code (import StringIO), I added lang/python and explicity set > MODPY_VERSION=2.7. > > Feedback? Does anyone want to commit this? > > 0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1 > > diff --git a/www/varnish/Makefile b/www/varnish/Makefile > index b0fa5029ab4..5cf58670364 100644 > --- a/www/varnish/Makefile > +++ b/www/varnish/Makefile > @@ -2,7 +2,7 @@ > > COMMENT = high-performance HTTP accelerator > > -DISTNAME = varnish-5.2.0 > +DISTNAME = varnish-5.2.1 > > CATEGORIES = www > > @@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II > <j...@openbsd.org> \ > # BSD > PERMIT_PACKAGE_CDROM = Yes > > -MASTER_SITES = https://varnish-cache.org/_downloads/ > +MASTER_SITES = ${HOMEPAGE}_downloads/ > > EXTRACT_SUFX = .tgz > > WANTLIB += c execinfo m ncursesw pcre pthread readline termcap > > +MODULES = lang/python > + > +MODPY_VERSION = 2.7 > + > BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \ > ${MODGNU_AUTOMAKE_DEPENDS} \ > devel/libtool \ > @@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre > # The internal backtrace implementation fails to build with -Werror on > arm/hppa > LIB_DEPENDS += devel/libexecinfo > > +MODPY_RUNDEP = No > + > WRKDIST = ${WRKDIR}/${DISTNAME} > USE_GMAKE = Yes > CONFIGURE_STYLE = gnu > @@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15 > CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \ > LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" > > -TEST_TARGET = check > +MODPY_ADJ_FILES = lib/lib*/*.py > > post-patch: > cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \ > @@ -47,7 +53,7 @@ post-patch: > post-install: > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish > - cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > + ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \ > ${PREFIX}/share/examples/varnish > rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la} > > diff --git a/www/varnish/distinfo b/www/varnish/distinfo > index f7dc351f783..cdba07a9889 100644 > --- a/www/varnish/distinfo > +++ b/www/varnish/distinfo > @@ -1,2 +1,2 @@ > -SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4= > -SIZE (varnish-5.2.0.tgz) = 2828867 > +SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM= > +SIZE (varnish-5.2.1.tgz) = 2827676 > diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE > index 5f50b1bbf2a..ce02efaef87 100644 > --- a/www/varnish/pkg/MESSAGE > +++ b/www/varnish/pkg/MESSAGE > @@ -5,4 +5,4 @@ or the following link for more information: > > and for further information: > > - https://www.varnish-cache.org/docs/5.0/ > + https://www.varnish-cache.org/docs/5.2/ > One week bump, neither of the two maintainers have replied so far.
I can take of the python 2.7 bits in another diff so the next revision/release won't depend on 2.7 anymore.