From nobody Sun Oct 30 23:05:26 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N0sMC1F5Dz4gs4c; Sun, 30 Oct 2022 23:05:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N0sMC0FJ3z3Bvr; Sun, 30 Oct 2022 23:05:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667171127; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rEPP0kViyIW9hZ6qR72soSV1mxH7Nqg1jMMAcpVaJvM=; b=ohtJawAxraLrkdgJuXxpBKFvABH764XYel9w/jAsi+UY8oy21aEzHJ6DnT47eVcybtskHH QkrSs/a0cfCU4SFplYqj/bst4NPAO4Y7Bq3HC3YaRkDu/rp8xkzOal8oqudsI5yrBWCHoa odMvMnAlGmOXvd+FgV7sFpwzbZHQNx0RN95TIwSJTOs7boJyzYZPGIdUbp/U98WEiQBy4A 3y32ygMOVHtTbqhew1r07DGOqIhoBuU6okU0r9VRIv2h1PLta7IA8gQwuxwW1fBljSHeXz 9KLjLMrM9kd84etAwcwwdR06260MvRHpVkt9H1D5TQgJg7+svsam9nopGX18Nw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4N0sMB68WNzFHG; Sun, 30 Oct 2022 23:05:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 29UN5QRn065467; Sun, 30 Oct 2022 23:05:26 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 29UN5QDq065466; Sun, 30 Oct 2022 23:05:26 GMT (envelope-from git) Date: Sun, 30 Oct 2022 23:05:26 GMT Message-Id: <202210302305.29UN5QDq065466@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Jose Alonso Cardenas Marquez Subject: git: db1cf95d315f - main - security/gvm: Fix issues with newer version of glib2/pcre2 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: acm X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: db1cf95d315f7052f7fe73e224723df88f266586 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667171127; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rEPP0kViyIW9hZ6qR72soSV1mxH7Nqg1jMMAcpVaJvM=; b=RdsEuC0cejXKrZmTAvvy9/dJD5qquVrcGNk/2q+9a3b+vs4jz+5mAS2/PaBLyfTZqRPf/p nH23bUO1jYcj6/at4OLiA8mTPhoEel4E92TV/mmHTeqbNv+WqTY/PNOSS0EnVvHiCep+5F 33oVIFsTzSw3qY9AqBndeGMQk+Kjd2YQByjqC2rS2QMt67OcCOZP31IWvHomo2qNuPFzIX vFisOGWnE6saPMDA5yv3/TmD5bNCZ3mTzsPnivCX0MHDyE/iIcgK6C15LbUhvGJefoNw1j Hg17irnjbykh/Ul8StPtUVBmiPC+3WITQ9khI763cem/uT/XQ1Y3E4f+6bqElg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667171127; a=rsa-sha256; cv=none; b=GBwfsvfbSgw74UzHKu9SCIPX5Jj4yq8J1cWdj2froONBj8nAeA0Iujfult3qA5u+CTWlmq oqBnhbL4NqbtpeA1P8QLDkWNqBTi4KtbvzYqgGMQmxTmHzRpCbMHVO0m7anguIoc3Y6jgt pH3ARmsb0x68r+LYwqJZv13tPhQXocorwfydc6ylom/glgLlvmUjIZn8fytHn3ox1qDLix 5f0Wq9inatTaV+ywcipojKUW/ZcIK3lYEhAB8NwFB5Y7eykkyAmzCdNWGY7QrTTyXLiUzt uFW5jBVoLaejQH/cp8wPnbrQIp0EraN+Dvy18yG7sqG4XLq+JYqlcmTaoq1o/g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=db1cf95d315f7052f7fe73e224723df88f266586 commit db1cf95d315f7052f7fe73e224723df88f266586 Author: Jose Alonso Cardenas Marquez AuthorDate: 2022-10-30 23:01:31 +0000 Commit: Jose Alonso Cardenas Marquez CommitDate: 2022-10-30 23:05:16 +0000 security/gvm: Fix issues with newer version of glib2/pcre2 PR: 267429 Reported by: freebsd _at_ ny-central.org, andrew _at_ tekrealm.net Obtained from: https://github.com/greenbone/gvmd/pull/1867/files --- security/gsad/Makefile | 1 + security/gsad/files/patch-src_gsad.c | 51 ++++++++++++++++++++++ security/gvm/Makefile | 2 +- security/gvmd/Makefile | 5 +-- security/gvmd/files/patch-src_manage.c | 15 +++++-- security/gvmd/files/patch-src_manage_configs.c | 11 +++++ security/gvmd/files/patch-src_manage_port_lists.c | 11 +++++ .../gvmd/files/patch-src_manage_report_formats.c | 11 +++++ security/gvmd/files/patch-src_manage_sql.c | 47 +++++++++++++++++--- .../files/patch-src_manage_sql_report_formats.c | 19 ++++++++ security/gvmd/files/patch-src_utils.c | 13 +++++- 11 files changed, 172 insertions(+), 14 deletions(-) diff --git a/security/gsad/Makefile b/security/gsad/Makefile index c6dd153735ef..544f509f724e 100644 --- a/security/gsad/Makefile +++ b/security/gsad/Makefile @@ -1,6 +1,7 @@ PORTNAME= gsad DISTVERSIONPREFIX= v DISTVERSION= 22.4.0 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= acm@FreeBSD.org diff --git a/security/gsad/files/patch-src_gsad.c b/security/gsad/files/patch-src_gsad.c new file mode 100644 index 000000000000..ac66b56ca8b4 --- /dev/null +++ b/security/gsad/files/patch-src_gsad.c @@ -0,0 +1,51 @@ +--- src/gsad.c 2022-10-30 17:54:07.766381000 -0500 ++++ src/gsad.c 2022-10-30 17:57:38.383048000 -0500 +@@ -480,7 +480,7 @@ + gvm_validator_add (validator, "asset_name", "(?s)^.*$"); + gvm_validator_add (validator, "asset_type", "^(host|os)$"); + gvm_validator_add (validator, "asset_id", +- "^([[:alnum:]-_.:\\/~()']|&)+$"); ++ "^([[:alnum:]\\-_.:\\/~()']|&)+$"); + gvm_validator_add (validator, "auth_algorithm", "^(md5|sha1)$"); + gvm_validator_add (validator, "auth_method", "^(0|1|2)$"); + /* Defined in RFC 2253. */ +@@ -595,7 +595,7 @@ + gvm_validator_add (validator, "list_fname", + "^([[:alnum:]_-]|%[%CcDFMmNTtUu])+$"); + /* Used for users, credentials, and scanner login name. */ +- gvm_validator_add (validator, "login", "^[[:alnum:]-_@.]+$"); ++ gvm_validator_add (validator, "login", "^[[:alnum:]\\-_@.]+$"); + gvm_validator_add (validator, "lsc_password", "^.*$"); + gvm_validator_add (validator, "max_result", "^[0-9]+$"); + gvm_validator_add (validator, "max_groups", "^-?[0-9]+$"); +@@ -605,10 +605,10 @@ + gvm_validator_add (validator, "note_required", "(?s)^(.)+$"); + gvm_validator_add (validator, "note_id", "^[a-z0-9\\-]+$"); + gvm_validator_add (validator, "override_id", "^[a-z0-9\\-]+$"); +- gvm_validator_add (validator, "name", "^[#-_[:alnum:], \\./]*$"); ++ gvm_validator_add (validator, "name", "^[#\\-_[:alnum:], \\./]*$"); + gvm_validator_add (validator, "info_name", "(?s)^.*$"); + gvm_validator_add (validator, "info_type", "(?s)^.*$"); +- gvm_validator_add (validator, "info_id", "^([[:alnum:]-_.:\\/~()']|&)+$"); ++ gvm_validator_add (validator, "info_id", "^([[:alnum:]\\-_.:\\/~()']|&)+$"); + gvm_validator_add (validator, "details", "^[0-1]$"); + /* Number is special cased in params_mhd_validate to remove the space. */ + gvm_validator_add (validator, "number", "^ *[0-9]+ *$"); +@@ -660,7 +660,7 @@ + "filter|group|host|info|nvt|note|os|ovaldef|override|permission|port_list|" + "report|report_format|result|role|scanner|schedule|tag|target|task|ticket|" + "tls_certificate|user|vuln|)$"); +- gvm_validator_add (validator, "resource_id", "^[[:alnum:]-_.:\\/~]*$"); ++ gvm_validator_add (validator, "resource_id", "^[[:alnum:]\\-_.:\\/~]*$"); + gvm_validator_add (validator, "resources_action", "^(|add|set|remove)$"); + gvm_validator_add ( + validator, "optional_resource_type", +@@ -719,7 +719,7 @@ + gvm_validator_add (validator, "uuid", "^[0-9abcdefABCDEF\\-]{1,40}$"); + gvm_validator_add (validator, "usage_type", "^(audit|policy|scan|)$"); + /* This must be "login" with space and comma. */ +- gvm_validator_add (validator, "users", "^[[:alnum:]-_@., ]*$"); ++ gvm_validator_add (validator, "users", "^[[:alnum:]\\-_@., ]*$"); + gvm_validator_add (validator, "x_field", "^[\\[\\]_[:alnum:]]+$"); + gvm_validator_add (validator, "y_fields:name", "^[0-9]+$"); + gvm_validator_add (validator, "y_fields:value", "^[\\[\\]_[:alnum:]]+$"); diff --git a/security/gvm/Makefile b/security/gvm/Makefile index 15291eb26c67..d208a4dce920 100644 --- a/security/gvm/Makefile +++ b/security/gvm/Makefile @@ -1,6 +1,6 @@ PORTNAME= gvm PORTVERSION= 22.4.0 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MAINTAINER= acm@FreeBSD.org diff --git a/security/gvmd/Makefile b/security/gvmd/Makefile index 1bbc884129a6..6e2822bab6fa 100644 --- a/security/gvmd/Makefile +++ b/security/gvmd/Makefile @@ -1,6 +1,6 @@ PORTNAME= gvmd DISTVERSION= 22.4.0 -PORTREVISION= 1 +PORTREVISION= 2 DISTVERSIONPREFIX= v CATEGORIES= security @@ -50,8 +50,7 @@ post-patch: ${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' ${WRKSRC}/src/manage_sql.c ${REINPLACE_CMD} -e 's|+660|660|g' ${WRKSRC}/tools/greenbone-feed-sync.in ${REINPLACE_CMD} -e 's|#include ||g' ${WRKSRC}/src/manage.c \ - ${WRKSRC}/src/gvmd.c ${WRKSRC}/src/manage_sql_secinfo.c \ - ${WRKSRC}/src/manage_sql.c ${WRKSRC}/src/manage_sql_report_formats.c + ${WRKSRC}/src/gvmd.c ${WRKSRC}/src/manage_sql_secinfo.c post-install: @${MKDIR} ${STAGEDIR}/var/lib/gvm/gvmd/gnupg diff --git a/security/gvmd/files/patch-src_manage.c b/security/gvmd/files/patch-src_manage.c index 85f58ef903cf..32cfdbfb5264 100644 --- a/security/gvmd/files/patch-src_manage.c +++ b/security/gvmd/files/patch-src_manage.c @@ -1,6 +1,6 @@ ---- src/manage.c 2020-12-31 17:01:32.913198000 -0500 -+++ src/manage.c 2020-12-31 17:01:47.001860000 -0500 -@@ -75,6 +75,7 @@ +--- src/manage.c 2022-07-21 02:20:24.000000000 -0500 ++++ src/manage.c 2022-10-30 17:41:24.914386000 -0500 +@@ -76,6 +76,7 @@ #include #include #include @@ -8,3 +8,12 @@ #include #include #include +@@ -5952,7 +5953,7 @@ + int + validate_username (const gchar * name) + { +- if (g_regex_match_simple ("^[[:alnum:]-_.]+$", name, 0, 0)) ++ if (g_regex_match_simple ("^[[:alnum:]_.-]+$", name, 0, 0)) + return 0; + else + return 1; diff --git a/security/gvmd/files/patch-src_manage_configs.c b/security/gvmd/files/patch-src_manage_configs.c new file mode 100644 index 000000000000..f60828fbdff3 --- /dev/null +++ b/security/gvmd/files/patch-src_manage_configs.c @@ -0,0 +1,11 @@ +--- src/manage_configs.c 2022-10-30 17:15:56.559846000 -0500 ++++ src/manage_configs.c 2022-10-30 17:17:03.298223000 -0500 +@@ -316,7 +316,7 @@ + + split = g_regex_split_simple + (/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */ +- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$", ++ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$", + path, 0, 0); + + if (split == NULL || g_strv_length (split) != 7) diff --git a/security/gvmd/files/patch-src_manage_port_lists.c b/security/gvmd/files/patch-src_manage_port_lists.c new file mode 100644 index 000000000000..574d008a842d --- /dev/null +++ b/security/gvmd/files/patch-src_manage_port_lists.c @@ -0,0 +1,11 @@ +--- src/manage_port_lists.c 2022-10-30 17:18:04.068398000 -0500 ++++ src/manage_port_lists.c 2022-10-30 17:18:35.850793000 -0500 +@@ -252,7 +252,7 @@ + + split = g_regex_split_simple + (/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */ +- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$", ++ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$", + path, 0, 0); + + if (split == NULL || g_strv_length (split) != 7) diff --git a/security/gvmd/files/patch-src_manage_report_formats.c b/security/gvmd/files/patch-src_manage_report_formats.c new file mode 100644 index 000000000000..9e8fb0af0756 --- /dev/null +++ b/security/gvmd/files/patch-src_manage_report_formats.c @@ -0,0 +1,11 @@ +--- src/manage_report_formats.c 2022-10-30 17:19:27.476854000 -0500 ++++ src/manage_report_formats.c 2022-10-30 17:19:55.531658000 -0500 +@@ -612,7 +612,7 @@ + + split = g_regex_split_simple + (/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */ +- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$", ++ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$", + path, 0, 0); + + if (split == NULL || g_strv_length (split) != 7) diff --git a/security/gvmd/files/patch-src_manage_sql.c b/security/gvmd/files/patch-src_manage_sql.c index fe750e08bd2b..343c997fa208 100644 --- a/security/gvmd/files/patch-src_manage_sql.c +++ b/security/gvmd/files/patch-src_manage_sql.c @@ -1,6 +1,6 @@ ---- src/manage_sql.c 2021-04-16 02:27:18.000000000 -0500 -+++ src/manage_sql.c 2021-06-14 19:33:56.599632000 -0500 -@@ -52,7 +52,6 @@ +--- src/manage_sql.c 2022-07-21 02:20:24.000000000 -0500 ++++ src/manage_sql.c 2022-10-30 17:32:08.342879000 -0500 +@@ -54,7 +54,6 @@ #include #include #include @@ -8,7 +8,24 @@ #include #include #include -@@ -9075,7 +9074,7 @@ +@@ -71,7 +70,6 @@ + #include + #include + #include +-#include + #include + #include + #include +@@ -6997,7 +6995,7 @@ + + if (strcmp (name, "tp_sms_hostname") == 0) + { +- if (g_regex_match_simple ("^[0-9A-Za-z][0-9A-Za-z.-]*$", ++ if (g_regex_match_simple ("^[0-9A-Za-z][0-9A-Za-z.\\-]*$", + *data, 0, 0) + == FALSE) + { +@@ -9122,7 +9120,7 @@ g_debug (" HTTP_GET %s", url); cmd = (gchar **) g_malloc (5 * sizeof (gchar *)); @@ -17,7 +34,7 @@ cmd[1] = g_strdup ("-O"); cmd[2] = g_strdup ("-"); cmd[3] = g_strdup (url); -@@ -15262,8 +15261,6 @@ +@@ -15349,8 +15347,6 @@ } cleanup_iterator (&nvts); @@ -26,3 +43,23 @@ } /** +@@ -49740,8 +49736,8 @@ + */ + languages_regex + = g_regex_new ("^(Browser Language|" +- "([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_-]+)?" +- "(:([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_-]+)?)*)$", ++ "([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_\\-]+)?" ++ "(:([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_\\-]+)?)*)$", + 0, 0, NULL); + match = g_regex_match (languages_regex, value, 0, NULL); + g_regex_unref (languages_regex); +@@ -50309,7 +50305,7 @@ + if (strcmp (uuid, SETTING_UUID_LSC_DEB_MAINTAINER) == 0) + { + if (g_regex_match_simple +- ("^([[:alnum:]-_]*@[[:alnum:]-_][[:alnum:]-_.]*)?$", ++ ("^([[:alnum:]\\-_]*@[[:alnum:]\\-_][[:alnum:]\\-_.]*)?$", + value, 0, 0) == FALSE) + return 1; + } diff --git a/security/gvmd/files/patch-src_manage_sql_report_formats.c b/security/gvmd/files/patch-src_manage_sql_report_formats.c new file mode 100644 index 000000000000..fe1784255a13 --- /dev/null +++ b/security/gvmd/files/patch-src_manage_sql_report_formats.c @@ -0,0 +1,19 @@ +--- src/manage_sql_report_formats.c 2022-07-21 02:20:24.000000000 -0500 ++++ src/manage_sql_report_formats.c 2022-10-30 17:34:50.896890000 -0500 +@@ -45,7 +45,6 @@ + #include + + #include +-#include + #include + #include + +@@ -2472,7 +2471,7 @@ + case REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST: + { + if (g_regex_match_simple +- ("^(?:[[:alnum:]-_]+)?(?:,(?:[[:alnum:]-_])+)*$", value, 0, 0) ++ ("^(?:[[:alnum:]\\-_]+)?(?:,(?:[[:alnum:]\\-_])+)*$", value, 0, 0) + == FALSE) + return 1; + else diff --git a/security/gvmd/files/patch-src_utils.c b/security/gvmd/files/patch-src_utils.c index 00bcbffaace2..f70964cbd5ce 100644 --- a/security/gvmd/files/patch-src_utils.c +++ b/security/gvmd/files/patch-src_utils.c @@ -1,5 +1,5 @@ ---- src/utils.c 2020-12-31 16:52:50.534962000 -0500 -+++ src/utils.c 2020-12-31 16:52:59.759527000 -0500 +--- src/utils.c 2022-07-21 02:20:24.000000000 -0500 ++++ src/utils.c 2022-10-30 17:36:49.935808000 -0500 @@ -34,7 +34,7 @@ /** * @brief Needed for nanosleep. @@ -9,3 +9,12 @@ #include "utils.h" +@@ -339,7 +339,7 @@ + epoch_time = 0; + + if (regex == NULL) +- regex = g_regex_new ("^([0-9]{4}-[0-9]{2}-[0-9]{2})" ++ regex = g_regex_new ("^([0-9]{4}\\-[0-9]{2}\\-[0-9]{2})" + "[T ]([0-9]{2}:[0-9]{2})" + "(:[0-9]{2})?(?:\\.[0-9]+)?" + "(Z|[+-][0-9]{2}:?[0-9]{2})?$",