From nobody Sun Feb 25 17:28:27 2024 X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjW1j3zVGz5Bdyj for ; Sun, 25 Feb 2024 17:28:41 +0000 (UTC) (envelope-from bofh@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjW1j394nz40jr; Sun, 25 Feb 2024 17:28:41 +0000 (UTC) (envelope-from bofh@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708882121; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=y0KFha/e9uzTF4PnRbhgQDNl9vx7DB26QiS+pxptTXk=; b=rpfPs0i7+oaxjqpIyRgIV/9e90fSqW1e7vhABB/npIAejwdhrE7U9NwpVRchYepC9CMDbn eIJaA0qRsts+awwkIDh7LBZs9R10iSp/W++8wEdX9gO7jXDSLUSH7vVA74lHHeDIrGULS9 lz9QiYPLf1osRI2v0h+w5VgTT7OC7kh4lHgWmzJo0JYa49ORuwcKy+3HNHeHbxG2buSACQ q39E8bx5Bl4dM4AhylX7LmiGBSxCRlHDi1a9e4ET7g6qXr2BDIlX9QY3n6PoWD0Md5/uY3 oo6mq9CCpk80dY5YYOE97O55o+6EQShn97ZvUJqiTdyyS+a1Gx/Tb3+/vLYEZA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1708882121; a=rsa-sha256; cv=none; b=rb1AR/1ob72OuWjAB2Tsbt8o9fc1YWze0qF+R7q2ClZkpb055lMIm4EXQKVIkR1CJ4QrD0 ZYZ9twLR6QhuUCi+rju7y8O90JYQ8TmKBbQQl//UqgXi17acXi3UMnOAIGFGXcypu7ZEgU uVDElHJYaTduJoavY5pmFa7RELxO+UnBPDwMHWzzb0xnfOoJQbxil9A6qcTWttAmwqzzZV EldOLE6HHcpsOn5lWHEfx/Dl9tMGZSKGL5HrIpF2ZVPS++R5FX2kPcUe5YPKXrnniZPQEv 0yGjtOsLB8/tCeSaKh6/x4BwRnAGHv2Z2XhP9S/N3eKUrb7gEBWM+EX+Z11Pug== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708882121; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=y0KFha/e9uzTF4PnRbhgQDNl9vx7DB26QiS+pxptTXk=; b=hi2XMHey7bVD72GzupHMphMftq7Yh3Gmhp+kJw9kTtDWBnC6Qtqx84OAsVpxNfnbXqZ7WD EJbGy8IcLKC/KrrhnQTzLM+hzBep58qJLzLpmcf8xU7bNcU1f+44ak4+EFmUDpEs3pnjxf I0M9x+lweYlpmHg83m1dr1iyWoSQHCnnXi85k9mN06Ma1X6Y6U0SgpAg/Uc02u4opq8O36 9Qv4DNsf06WagnKoEsi3+m3RPCSeK+PCzOLCC0TdUByi7emDZn4BBoE8bj4wyv3VcM2jRa ecON3slMwce6ELKsqR+J1IJYrXimICU5R7vPKewpg94VIU97U+9RPtxAjLCynA== Received: from mx.bofh.network (mx.bofh.network [5.9.249.227]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: bofh/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4TjW1h5xbxzVDt; Sun, 25 Feb 2024 17:28:40 +0000 (UTC) (envelope-from bofh@freebsd.org) Received: from smtpclient.apple ( [217.117.226.147]) by mx.bofh.network (OpenSMTPD) with ESMTPSA id 3a3c2a25 (TLSv1.2:ECDHE-ECDSA-AES256-GCM-SHA384:256:NO); Sun, 25 Feb 2024 17:28:38 +0000 (UTC) Content-Type: multipart/signed; boundary="Apple-Mail=_19274ECA-2DCC-4B38-BC8E-34C206DAF21A"; protocol="application/pgp-signature"; micalg=pgp-sha512 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\)) Subject: Re: dns/knot-resolver security update to 5.7.1 (was: dns/knot3 update to 3.3.4) From: Moin Rahman In-Reply-To: <689E4249-F841-4B39-94E0-F2725518BFA0@ellael.org> Date: Sun, 25 Feb 2024 18:28:27 +0100 Cc: FreeBSD Mailing List , freebsd@dns.company Message-Id: References: <14DA84EE-3CC0-454E-967A-CBFF40C06ABD@ellael.org> <232E3D69-782B-49A7-9B82-AA59765DA98B@freebsd.org> <689E4249-F841-4B39-94E0-F2725518BFA0@ellael.org> To: Michael Grimm X-Mailer: Apple Mail (2.3731.700.6.1.1) --Apple-Mail=_19274ECA-2DCC-4B38-BC8E-34C206DAF21A Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Feb 25, 2024, at 6:15 PM, Michael Grimm = wrote: >=20 > Moin Rahman wrote: >=20 >>> On Feb 25, 2024, at 5:04 PM, Michael Grimm = wrote: >>>=20 >>> a new version of this port has been released two month ago. >>>=20 >>> The maintainer normally updates knot3 shortly after the release of a = new version. He didn't react on a mail of mine. No pun intended, there = are numerous reasons for that. >>>=20 >>> I do have a git-diff patch at hand, successfully compiling with = poudriere, and running well for 1 month now. >>>=20 >>> What can I do to get this patch committed? >>> Shall I create a PR like = https://cgit.freebsd.org/ports/commit/?id=3D11f44f375254e07a262455aaf8311b= fd4bbedb67 >=20 >> It's best to create a PR and awaiting for maintainer-timeout. >=20 > Done, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277305 I will let time take it's course of action. >> However on certain cases like security or vulnerability issues the = update >> can be committed without the maintainer-approval. So if this is a = release >> related to the recent dnssec security issue let me know. >=20 > dns/knot3 as an authoritative DNS server isn't affected by = CVE-2023-50868, if I am not mistaken. Ain't no DNS expert =E2=80=A6 >=20 > BUT, dns/knot-resolver is affected: = https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1 >=20 > I do not use that port, yet. > But I opened another PR on that security update to dns/knot-resolver: = https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277306 >=20 > All I can say is: dns/knot-resolver 5.7.1 compiles with poudriere. I will commit this soonish. > HTH, > Michael >=20 > P.S. Please forgive my lack in experience with PRs ;-) > Please let me know, what to correct if neccessary Well as a starter: 1. You do not need PORTREVISION when you already bumping PORTVERSION or = updating versions. I will fix it while committing. 2. Follow this process: a. Initially create the PR with synopsis and description. b. Create git-formatted patch c. Read this section of the documentation: = https://docs.freebsd.org/en/articles/committers-guide/#git-mini-daily-use d. Specially the git hook part and try to use the hook from here: https://cgit.freebsd.org/ports/tree/.hooks/prepare-commit-msg e. Now make a commit to your local branch with the description, PR = etc whatever is relevant. f. Create a git formatted patch and attach it to the PR. While people think this is difficult workflow it actually makes our life = easier as we also have to do the same and also helps us attributing = external developers more easily. Kind regards, Moin --Apple-Mail=_19274ECA-2DCC-4B38-BC8E-34C206DAF21A Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEETfdREoUGjQZKBS+fvbm1phfAvJEFAmXbeLtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRE Rjc1MTEyODUwNjhEMDY0QTA1MkY5RkJEQjlCNUE2MTdDMEJDOTEACgkQvbm1phfA vJEIUg//ZIMUPdARv+QR9bR8YwvBFwo9DOLn1fwZ4B9tBJkKEYGnUbb51Tqh+5hE UidBY0Gc0wru8Zz/6cLKjWU9sB+wQcpwsAJOPoeQRlVwJfSNTEqXRUwHwaAa5L7h KWTC5ltbikx5jZJ332y+WdftOewTyAiR7zRCgxF/CbFW0w83ryKVgRIQ+4RAS/ri qM1HKaRs617cso3ZGSxntWGFejSbPP3hCKVOPFBl6mBB+pGrsJjt22CBynmPSvVf PZloJM9QStTtvDLOjy1eJLdxEO9dD1RzKrusYr6SgzfTjrmbOU/U0/H1MOQDX6ye vGYkCwWES6Uzup14RwIMXVCKcoFjcm6Y8HHChvq1N7hZHgmA5C30hI75JttYhl9T oj+0ta6hI8KMrhc/4gRy7Shm6EAMQ+lrf95yZnr2LLquebykVd0LnxsJ2anK+/5/ 6zSwIX735g4fYNyYhCFit3Tk3/jPQnHDsnpmkU+X/Zr5B2mj9i00fsbbWmLPhBzA zO6Xho0LSZzv4TXGhO7Y49KN2VWIFIWQhoIPzUpExfNrhOjADsc4fRtuYEYf6vMs y910E7aBZ/LG0VOdTrXjZOXnHDftewFsV5uTZm+HvD2IdeDBCccU+bTrRhJdf8Wg EMykIgC0u0rqV/jNmesADWMTDZLQGkgyeY242TIYHh0X5ver7fw= =4hJj -----END PGP SIGNATURE----- --Apple-Mail=_19274ECA-2DCC-4B38-BC8E-34C206DAF21A--