Mr Thomas wrote me regarding mail/horde4-imp and a particular vulnerability. Specifically, he figured that a recent commit (link to mail archives) fixed a bad entry in vuxml. Let’s look into that now. I first compared dev, beta, and production. All three had the port flagged as vulnerable. This situation is indicated by a skull at […]
mail/horde4-imp vulnerability Read More »
As mentioned in the comments of my previous post, some commits have been processed with an incorrect prefix. That is, some pathnames are missing the src/ part of the path. I just went looking… I found interesting stuff. 1233 rows of interesting stuff. For example: SELECT * FROM element_pathname WHERE pathname NOT LIKE ‘/ports/%’ AND
Wrong prefix on some pathnames Read More »
The most recent project on FreshPorts is what ports are dependent upon *this* port. Tonight, two issues came to mind that I need to resolve: Ports in the DEPENDS that do not exist Refreshing other ports when a port depends upon them At present, FreshPorts refuses to process a commit if a port does not
What if the port doesn’t exist? Read More »
The RESTRICTED value on ports has been incorrectly recorded for some time. The code fix: $ cvs di port.pm Index: port.pm =================================================================== RCS file: /home/repositories/freshports-1/scripts/port.pm,v retrieving revision 1.54 diff -r1.54 port.pm 168c168 < $restricted_alt = FreshPorts::Utilities::NULLIfEmpty($dbh, $this->{restricted_alt}); — > $restricted_alt = FreshPorts::Utilities::NULLIfEmpty($dbh, $this->{restricted}); This is clearly a case of insufficient testing. I found this bug
RESTRICTED not correctly reported Read More »
I think I’ve fixed a problem with caching of non-ports. I was looking for something to do tonight after I could not sleep. I found a old post about a this issue and figured I could fix it. The fix is in BETA. I’ll monitor it for a while before pushing it to production. Full
Caching of non-ports fixed Read More »
Vladimir Chukharev wrote in to mention a problem with the ports freeze. FreshPorts usually puts up a notice indicating a Ports Freeze is in effect when the freeze is inacted. This freeze is effected by making a special change to CVSROOT/approvers. FreshPorts looks for this change and sets a flag. The website notices this flag
This morning I encountered more NULL problems. The error in question was: $ cat 2008.08.10.02.17.41.98171.txt.errors DBD::Pg::st execute failed: ERROR: column “enull” does not exist LINE 19: depends_lib = ENULL, ^ Could not execute SQL update ports set short_description = E’A KDE editor/modeler for POV-RayTM scenes’, long_description = E’KPovModeler is a graphical editor / modeler for
More NULL problems Read More »
Cydex mentioned to me today: dvl: /UPDATING and /MOVED don’t seem to be updating on FreshPorts My response, ever so witty: dvl: /UPDATING and /MOVED don’t seem to be updating on FreshPorts I started comparing the production website with the one I run at home. The UPDATING pages differed. So did the MOVED pages. I
One more caching problem Read More »
A few days ago, I noticed portaudit telling me about a few things that needed to be updated: # portaudit Affected package: rubygem-rails-1.2.3 Type of problem: rubygem-rails — session-fixation vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/30acb8ae-9d46-11dc-9114-001c2514716c.html> Affected package: rubygem-rails-1.2.3 Type of problem: rubygem-rails — JSON XSS vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/44fb0302-9d38-11dc-9114-001c2514716c.html> Affected package: rubygem-activesupport-1.4.2 Type of problem: rubygem-rails — JSON XSS
vuxml issue – vulnx.txt did not contain UTF-8 Read More »
Since FreshPorts started caching the HTML, the watch list count started to lag. At present, it is refreshed only when the port is updated. The BETA website has a patch for this. It should go into production soon. To play with the patch, login at the BETA website, and add/remove a port to/from your watch