From nobody Fri Oct 18 07:11:48 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XVG921Vp6z5YqXC; Fri, 18 Oct 2024 07:11:50 +0000 (UTC) (envelope-from ehaupt@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XVG920y5Hz4dVG; Fri, 18 Oct 2024 07:11:50 +0000 (UTC) (envelope-from ehaupt@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1729235510; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DGt8lnWGYK+IBBE5A2haE3Bu2TiOPEEKI0K9zfjkOYo=; b=cq5UjtZpval+m2cfRfhnPK1LBrAWiymlrD04KabKQf/UHI+1i9jQxHTkkXjXhxiECNeHgz x1rCbxqxZh5PG7WMTiQxWpFi5BRzh+s8kOb9W0fPWKCgHJeqVZpub1b0fMScFHnntQ56pS tiP5TaLpW497VxmPNmxysv0xoVXgvzMmTIplog1U3JeDNCBTNrYts70FhtuCXkMvFhFBUC EeP5a1ppYmDCQ7A05ddNlr58LJpdhurzS2xzGzwhJQ88pvR1mYhF5VyxewjfOjjem8Qk+R gXgxthtzeLonQCfzIB9jB+eoAmZ4caMbnkJCAfy0wgnmgzXSkxk+6INILwiIgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1729235510; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DGt8lnWGYK+IBBE5A2haE3Bu2TiOPEEKI0K9zfjkOYo=; b=pbuSFJbIlsvL7KOADv500BFlTK9gEJt1FCp0GVsYixBHNs+qF15C3GaYZyJtkbMzRs1DSV 5CmQ5rLFlv8E3tIao71n3Xg8Cht0/Qwoz/NO+imTiA+TdIsb4XhckztiCCkTh2wQHp60DL vW67OKLEiprrLS7Tvz23IkfEpYFt7a2DfyIwfOZLhm7uUfYTsSFFNqyE3d9cMpuqgXzP9e sXrb7DnUuy/I9lgJU9ny3lFiW5peRCyNG0gYrL+s5gugKm64WlUBHR3h25x+uZtm+NuHmM fOmAiWdjyt0nmp4PhP8wQZpEWEv2HTWm5CdZDNzTrfkN6RBc9WiN62bC5n0WOw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1729235510; a=rsa-sha256; cv=none; b=XBlo6rS8Dyxj6atYNAcgyCHZRcddennSKtZd4b4rO37GFye2e67rva0+4gy6FVcQpJEj7K m3idwPi60CWuVbP3e6TfWbjCrstK1Lol2cRz8OlZ/fr9g5XXUzisDkrPCaELb3/jfIhoif WEuHO1T3BsK6wdo6RjyeTOBZtMgGwx7cAHAY4zD9BaD7BXKLhMFmPP4KcxQlke5XbFhfq/ zIJCCfWuyq/MW3kiN561cuLX4A3VOCEKod74V1j/MwU8jAkcsPV5F/c3JdGvREPDTXedSq 0P6SIcEOMxtXLlAXButdLGbxc0m6lJmkT2NbnlZjbIe7jjvqs/OfMyFvKmxcew== Received: from beaver (unknown [IPv6:2a02:169:175:0:8023:b0f8:db51:4838]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: ehaupt) by smtp.freebsd.org (Postfix) with ESMTPSA id 4XVG912mqwz1Jkb; Fri, 18 Oct 2024 07:11:49 +0000 (UTC) (envelope-from ehaupt@FreeBSD.org) Date: Fri, 18 Oct 2024 09:11:48 +0200 From: Emanuel Haupt To: Emanuel Haupt Cc: Vladimir Druzenko , ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: c1cc8c5f75f6 - main - www/gitea: Update 1.22.2 =?UTF-8?B?4oaS?= 1.22.3 (fixes security vulnerability) Message-Id: <20241018091148.f637b02485dea2014de78725@FreeBSD.org> In-Reply-To: <20241018090617.81ab1bd37a0e6072fde6e809@FreeBSD.org> References: <202410092230.499MUbZb071489@gitrepo.freebsd.org> <20241018090617.81ab1bd37a0e6072fde6e809@FreeBSD.org> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; amd64-portbld-freebsd14.0) List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Emanuel Haupt wrote: > Vladimir Druzenko wrote: > > The branch main has been updated by vvd: > > > > URL: > > https://cgit.FreeBSD.org/ports/commit/?id=c1cc8c5f75f6e85e544498d7dc52e6fe5e2be8e0 > > > > commit c1cc8c5f75f6e85e544498d7dc52e6fe5e2be8e0 > > Author: Stefan Bethke > > AuthorDate: 2024-10-09 22:25:16 +0000 > > Commit: Vladimir Druzenko > > CommitDate: 2024-10-09 22:29:50 +0000 > > > > www/gitea: Update 1.22.2 → 1.22.3 (fixes security vulnerability) > > > > Changelog: > > https://github.com/go-gitea/gitea/releases/tag/v1.22.3 > > > > `su -m` cause checking authorized_keys in wrong place - replace > > it with `su`. > > PR: 281949 281264 > > MFH: 2024Q4 > > After this gitea fails to start: > > # /usr/local/etc/rc.d/gitea start > fatal: unrecognized command '/usr/local/sbin/gitea doctor check > >/dev/null' cannot start gitea because of configuration errors. Run > su -m git -c 'gitea doctor check' > for further details > > Running: su -m git -c 'gitea doctor check' shows no errors. > Patch: --- patch starts here --- diff --git a/www/gitea/Makefile b/www/gitea/Makefile index 9d61421b0223..0ed8bb4eb040 100644 --- a/www/gitea/Makefile +++ b/www/gitea/Makefile @@ -1,6 +1,7 @@ PORTNAME= gitea DISTVERSIONPREFIX= v DISTVERSION= 1.22.3 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \ https://dl.gitea.io/gitea/${DISTVERSION}/ diff --git a/www/gitea/files/gitea.in b/www/gitea/files/gitea.in index 3b1814b25fb9..566a4b46ef93 100644 --- a/www/gitea/files/gitea.in +++ b/www/gitea/files/gitea.in @@ -52,7 +52,7 @@ gitea_start() { gitea_prestart() { if checkyesno gitea_configcheck_enable; then - if su ${gitea_user} -c "%%PREFIX%%/sbin/${name} doctor check >/dev/null"; then + if su -m ${gitea_user} -c "%%PREFIX%%/sbin/${name} doctor check >/dev/null"; then else echo "cannot start ${name} because of configuration errors. Run" >&2 echo " su -m git -c '${name} doctor check'" >&2 --- patch ends here ---