svn commit: r432604 - head
Mark Felder
feld at FreeBSD.org
Fri Jan 27 23:37:49 UTC 2017
Author: feld
Date: Fri Jan 27 23:37:47 2017
New Revision: 432604
URL: https://svnweb.freebsd.org/changeset/ports/432604
Log:
Add UPDATING entry to notify about uwsgi default socket mode change
Modified:
head/UPDATING
Modified: head/UPDATING
==============================================================================
--- head/UPDATING Fri Jan 27 23:21:58 2017 (r432603)
+++ head/UPDATING Fri Jan 27 23:37:47 2017 (r432604)
@@ -5,6 +5,15 @@ they are unavoidable.
You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.
+20170127:
+ AFFECTS: users of www/uwsgi
+ AUTHOR: feld at FreeBSD.org
+
+ The default socket mode for uwsgi as 777 is a severe security concern.
+ This has been remediated by changing the rc script to default to 600.
+ The mode is configurable with rc.conf values: uwsgi_socket_mode="600"
+ or for a profile named "www", uwsgi_www_socket_mode="600".
+
20170121:
AFFECTS: users of security/tinc
AUTHOR: dinoex at FreeBSD.org
More information about the svn-ports-all
mailing list