Page MenuHomeFreeBSD

www/gitlab security update to 10.8.5

Authored by mfechner on Jun 25 2018, 5:37 PM.



_NOTE_: Version skipped so far, there seems to be a major bug with the new sanitize version, I create a PR for this:

Commit message:
Security update to 10.8.5. For details see here:

Test Plan

Please note, build process and tests are currently running, but I want to give it in parallel into approval process.
I will not commit it before I tested it with a new installation and upgrade a 10.8.4.

All patches are build, you can find all build logs:

The fresh packages are tested against a new installation using:

An old version is updated following the manual:

Diff Detail

rP FreeBSD ports repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

The update itself looks fine so far. Good that you catched this error! Now there are two possibilities:

  • Do the upgrade even with the bug in mind and warn the users
  • Only fix the security issues by porting the fixes as patches (and leave the broken fix)
This revision is now accepted and ready to land.Jun 26 2018, 7:52 AM

The version 10.8.4 should not contain all bugs, as I already fixed some of them and reported them to gitlab with a confidental issue.
You will see that e.g. sanitizer is already fixed in 10.8.4.

I hope I find tomorrow evening some time to test pipeline-html gem.
I already build everything but I can access my test environment only from my local network which I will have access earliest tomorrow evening.

I think the hint from the gitlab developer that html-pipeline 2.7.1 is required fixes it. I added a review to get the new port here:

I will do later this evening additional tests to make sure gitlab works as expected and will commit it then.

This revision was automatically updated to reflect the committed changes.