Page MenuHomeFreeBSD

Summary: databases/couchdb: update to 1.7.0 incl critical vulnerability fixes

Authored by dch on Nov 8 2017, 3:22 AM.



Misc port tidyup while we are here.


The Apache CouchDB development community is proud to announce the immediate
availability of versions 2.1.1 and 1.7.0.

Both releases are security releases and fix multiple CRITICAL issues. Updates
are mandatory.

Due to the severity of the issues and the limited options for workarounds, we
will delay the release of detailed descriptions by seven (7) days and publish a
full report on Tuesday, November 14th. We expect all CouchDB users to update
their installations before then.

We are working with various package managers to ensure a smooth update path,
but we can not make any promises. We advise all users to prepare to update from
source, instructions can be found in the CouchDB documentation: (2.1.1) and (1.7.0).

Test Plan

poudriere fine amd64/i386 for 11.1R/10.4R, 12.0-CURRENT amd64 only

Diff Detail

rP FreeBSD ports repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

CVE details are still embargoed until next week, I'll pick up those up for security/vuxml when they are released.

This revision is now accepted and ready to land.Nov 8 2017, 4:01 AM
This revision was automatically updated to reflect the committed changes.

While moving both ETCDIR directories was fine, the /var should stay at the end.