Hi, I'm adding the quirks info as well. Can someone check this out please?
Charlène. Index: devel/quirks/Makefile =================================================================== RCS file: /cvs/ports/devel/quirks/Makefile,v retrieving revision 1.670 diff -u -p -r1.670 Makefile --- devel/quirks/Makefile 17 Dec 2018 01:10:00 -0000 1.670 +++ devel/quirks/Makefile 17 Dec 2018 02:19:49 -0000 @@ -5,7 +5,7 @@ CATEGORIES = devel databases DISTFILES = # API.rev -PKGNAME = quirks-3.63 +PKGNAME = quirks-3.64 PKG_ARCH = * MAINTAINER = Marc Espie <[email protected]> Index: devel/quirks/files/Quirks.pm =================================================================== RCS file: /cvs/ports/devel/quirks/files/Quirks.pm,v retrieving revision 1.684 diff -u -p -r1.684 Quirks.pm --- devel/quirks/files/Quirks.pm 17 Dec 2018 01:10:00 -0000 1.684 +++ devel/quirks/files/Quirks.pm 17 Dec 2018 02:19:49 -0000 @@ -1282,6 +1282,7 @@ my $cve = { 'www/iridium' => 'iridium-<2018.5.67', 'www/mozilla-firefox' => 'firefox-<62.0.2p0', 'www/nginx' => 'nginx-<1.4.1', + 'www/p5-Catalyst-Plugin-Static-Simple' => 'p5-Catalyst-Plugin-Static-Simple-<0.36', 'www/p5-CGI-Application' => 'p5-CGI-Application-<4.50p0', 'www/py-requests' => 'py-requests-<2.20.0', 'www/py-requests,python3' => 'py3-requests-<2.20.0', Index: www/p5-Catalyst-Plugin-Static-Simple/Makefile =================================================================== RCS file: /cvs/ports/www/p5-Catalyst-Plugin-Static-Simple/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- www/p5-Catalyst-Plugin-Static-Simple/Makefile 20 Mar 2016 19:57:16 -0000 1.15 +++ www/p5-Catalyst-Plugin-Static-Simple/Makefile 17 Dec 2018 02:19:49 -0000 @@ -4,8 +4,7 @@ COMMENT= serving static pages with cata MODULES= cpan PKG_ARCH= * -DISTNAME= Catalyst-Plugin-Static-Simple-0.29 -REVISION= 1 +DISTNAME= Catalyst-Plugin-Static-Simple-0.36 CATEGORIES= www # Perl @@ -15,9 +14,9 @@ RUN_DEPENDS= devel/p5-Moose \ devel/p5-MooseX-Types \ devel/p5-namespace-autoclean \ www/p5-Catalyst-Runtime>=5.80008 \ - mail/p5-MIME-Types>=1.25 + mail/p5-MIME-Types>=2.03 BUILD_DEPENDS= ${RUN_DEPENDS} -TEST_DEPENDS=www/p5-Catalyst-Plugin-SubRequest>=0.15 +TEST_DEPENDS= www/p5-Catalyst-Plugin-SubRequest>=0.15 MAKE_ENV= TEST_POD=Yes Index: www/p5-Catalyst-Plugin-Static-Simple/distinfo =================================================================== RCS file: /cvs/ports/www/p5-Catalyst-Plugin-Static-Simple/distinfo,v retrieving revision 1.7 diff -u -p -r1.7 distinfo --- www/p5-Catalyst-Plugin-Static-Simple/distinfo 18 Jan 2015 03:15:43 -0000 1.7 +++ www/p5-Catalyst-Plugin-Static-Simple/distinfo 17 Dec 2018 02:19:49 -0000 @@ -1,2 +1,2 @@ -SHA256 (Catalyst-Plugin-Static-Simple-0.29.tar.gz) = JLCNF2upuiQM6rLZiUalW76SlVp08UT/71LPR4QKUPI= -SIZE (Catalyst-Plugin-Static-Simple-0.29.tar.gz) = 36471 +SHA256 (Catalyst-Plugin-Static-Simple-0.36.tar.gz) = Nrczj5a+9PJoX3pFVbFRl5Oud4O9PW0iyX87cY8wlFQ= +SIZE (Catalyst-Plugin-Static-Simple-0.36.tar.gz) = 44538 On Fri, 7 Dec 2018 20:11:14 +0100 Charlene Wendling wrote: > Hi ports, > > I'm proposing here an update for www/p5-Catalyst-Plugin-Static-Simple, > from 0.29 to 0.36, that also fixes CVE-2017-16248 [1] (directory > traversal) by the way. > > What's new upstream (full changelog there [2]): > > - Fix installation for Perl 5.26+ > - Relax/fix some tests > - Change configuration key to 'Plugin::Static::Simple', using the old > 'static' will issue a warning > > What's new in the port: > > - mail/p5-MIME-Types version requirement bumped > - Tiny spacing fix as well > > Testing: > > - 'make test' passes > - There are 2 consumers, that i've tested [3]: > - www/p5-Catalyst-Devel is fine. > - devel/catalyst-tutorial has one error, caused by (a probably > way too old) www/p5-HTML-FormFu > > Any comments/feedback is welcome! > > Charlène. > > [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16248 > [2] > https://metacpan.org/changes/release/ILMARI/Catalyst-Plugin-Static-Simple-0.36 > [3] https://transfer.sh/5aESu/p5-Catalyst-Plugin-Static-Simple.tgz
