Tuesday, April 14, 2026

Re: [UPDATE] net/p5-Net-CIDR-Lite to 0.23

ok.

pretty low impact I think but 7.8-stable makes sense to me. we don't do -stable ports commits for older releases.

-- 
  Sent from a phone, apologies for poor formatting.


On 11 April 2026 17:53:25 Andrew Hewus Fresh <andrew@afresh1.com> wrote:

Two CVE fixes:

- Security: (CVE-2026-40198) Reject invalid uncompressed IPv6.
  https://lists.security.metacpan.org/cve-announce/msg/38785616/

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped
IPv6 addresses, which may allow IP ACL bypass

- Security: (CVE-2026-40199) Fix IPv4 mapped IPv6 packed length. 
  https://lists.security.metacpan.org/cve-announce/msg/38785618/

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6
group count, which may allow IP ACL bypass

OK?  Commit to OPENBSD_7_8? OPENBSD_7_7?

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/Makefile,v
diff -u -p -r1.15 Makefile
--- Makefile 11 Mar 2022 19:46:39 -0000 1.15
+++ Makefile 11 Apr 2026 16:48:37 -0000
@@ -2,7 +2,8 @@ COMMENT= Perl extension for merging IPv4
 
 MODULES= cpan
 PKG_ARCH= *
-DISTNAME= Net-CIDR-Lite-0.22
+DISTNAME= Net-CIDR-Lite-0.23
+CPAN_AUTHOR= STIGTSP
 CATEGORIES= net
 
 # GPL/Artistic
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/distinfo,v
diff -u -p -r1.8 distinfo
--- distinfo 5 Apr 2021 13:21:48 -0000 1.8
+++ distinfo 11 Apr 2026 16:48:37 -0000
@@ -1,2 +1,2 @@
-SHA256 (Net-CIDR-Lite-0.22.tar.gz) = QxfYyzQaYXueCIjaQ8Cc3//8sMnt97jJko10KlY7hRc=
-SIZE (Net-CIDR-Lite-0.22.tar.gz) = 10823
+SHA256 (Net-CIDR-Lite-0.23.tar.gz) = mlgnjkmgjN65vsAc7N06lb5zbQ59TQXRP5COOj/hDTI=
+SIZE (Net-CIDR-Lite-0.23.tar.gz) = 11089

No comments:

Re: [NEW] devel/superhtml

On 2026/04/13 18:43, Volker Schlecht wrote: > SuperHTML offers validation and autoformatting features for HTML files. > It can be used either directly or through its LSP client implementation. > > WWW: https://github.com/kristoff-it/superhtml > > Remark: > > It's a zig-based port with external dependencies which introduces significant > awkwardness - happy to take suggestions about how to reduce that. > > Once built, it works perfectly however. only slightly better, but we can mv rather than cp, a little faster: post-extract: mkdir -p ${ZIG_CACHE}/p mv ${WRKDIR}/tracy-* ${ZIG_CACHE}/p/${HASH_TRACY} mv ${WRKDIR}/scripty-* ${ZIG_CACHE}/p/${HASH_SCRIPTY} mv ${WRKDIR}/known-folders-* ${ZIG_CACHE}/p/${HASH_KNOWN_FOLDERS} mv ${WRKDIR}/lsp-kit-* ${ZIG_CACHE}/p/${HASH_LSP_KIT} not CATEGORIES=www? would seem more intuitive than devel. clues in a comment about how to generate the hashes would be handy.

No comments:
Subscribe to: Comments (Atom)