Page MenuHomeFreeBSD

www/gitlab security update to 10.8.5
ClosedPublic

Authored by mfechner on Jun 25 2018, 5:37 PM.
Tags
None
Referenced Files
F81663816: D16009.diff
Fri, Apr 19, 3:51 PM
Unknown Object (File)
Fri, Apr 19, 7:19 AM
Unknown Object (File)
Thu, Apr 18, 8:10 PM
Unknown Object (File)
Thu, Apr 18, 8:10 PM
Unknown Object (File)
Thu, Apr 18, 8:10 PM
Unknown Object (File)
Thu, Apr 18, 7:49 PM
Unknown Object (File)
Jan 8 2024, 2:39 AM
Unknown Object (File)
Jan 8 2024, 2:39 AM
Subscribers

Details

Summary

_NOTE_: Version skipped so far, there seems to be a major bug with the new sanitize version, I create a PR for this:
https://gitlab.com/gitlab-org/gitlab-ce/issues/48415

Commit message:
Security update to 10.8.5. For details see here:
https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released

Test Plan

Please note, build process and tests are currently running, but I want to give it in parallel into approval process.
I will not commit it before I tested it with a new installation and upgrade a 10.8.4.

All patches are build, you can find all build logs:
https://pkg.fechner.net/jail.html?mastername=111amd64-gitlab

The fresh packages are tested against a new installation using:
https://gitlab.fechner.net/mfechner/Gitlab-vagrant

An old version is updated following the manual:
https://gitlab.fechner.net/mfechner/Gitlab-docu

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

The update itself looks fine so far. Good that you catched this error! Now there are two possibilities:

  • Do the upgrade even with the bug in mind and warn the users
  • Only fix the security issues by porting the fixes as patches (and leave the broken fix)
This revision is now accepted and ready to land.Jun 26 2018, 7:52 AM

The version 10.8.4 should not contain all bugs, as I already fixed some of them and reported them to gitlab with a confidental issue.
You will see that e.g. sanitizer is already fixed in 10.8.4.

I hope I find tomorrow evening some time to test pipeline-html gem.
I already build everything but I can access my test environment only from my local network which I will have access earliest tomorrow evening.

I think the hint from the gitlab developer that html-pipeline 2.7.1 is required fixes it. I added a review to get the new port here: https://reviews.freebsd.org/D16032

I will do later this evening additional tests to make sure gitlab works as expected and will commit it then.

This revision was automatically updated to reflect the committed changes.