databases/db5: nuke SQL option and abandon port
Security: CVE-2019-8457 The SQL option is vulnerable, and since this feature was always marked experimental, nuke it, and backport to 2022Q1. If someone needs the SQL interface in spite of its vulnerability, please use: pkg lock -y db5. MFH: 2022Q1 I am marking the port for expiry and abandoning it because I will no longer spend the increasing efforts to play hide and seek with Oracle's patches, or backport sometimes bigger Linux distro patches (Red Hat, Debian, who else?), or otherwise put up with how they have changed availability of patches, documentation, or important information. FOR db5 USERS: One option is to upgrade to db18, but note that db versions 6 and 18 are under the Affero GNU GPL v3 license, with implications for, among others, software-as-a-service, and distributability of packages linking against db. This is in stark contrast with db5's Sleepycat license. POTENTIAL MAINTAINERS: If someone wants to adopt this, review all the various patches in the major other BSD distros and Linux distros, check if their patches can be licensed under a sufficiently liberal license (ideally, MIT-like or Sleepycat) and see what you need to import.
This commit is contained in:
Matthias Andree
parent
ee92f5859d
commit
64fde89d49
2 changed files with 7 additions and 27 deletions
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
PORTNAME= db5
|
||||
PORTVERSION= 5.3.28
|
||||
PORTREVISION= 7
|
||||
PORTREVISION= 8
|
||||
CATEGORIES= databases java
|
||||
MASTER_SITES= https://download.oracle.com/berkeley-db/
|
||||
PKGNAMEPREFIX?=
|
||||
|
|
@ -11,7 +11,10 @@ PKGNAMEPREFIX?=
|
|||
DISTNAME= db-${PORTVERSION}
|
||||
DIST_SUBDIR= bdb
|
||||
|
||||
MAINTAINER= mandree@FreeBSD.org
|
||||
DEPRECATED= EOLd, upstream hiding patches, potential security issues
|
||||
EXPIRATION_DATE=2022-06-30
|
||||
|
||||
MAINTAINER= ports@FreeBSD.org
|
||||
COMMENT= Oracle Berkeley DB, revision ${BDBVER}
|
||||
|
||||
LICENSE= SLEEPYCAT
|
||||
|
|
@ -38,12 +41,11 @@ PLIST_SUB= BDBMAJ=${BDBMAJ} BDBVER=${BDBVER}
|
|||
MAKE_ARGS+= docdir=${DOCSDIR}
|
||||
CFLAGS+= -Wall -Wextra
|
||||
|
||||
OPTIONS_DEFINE= CRYPTO DEBUG L10N SQL JAVA TCL DOCS
|
||||
OPTIONS_DEFINE= CRYPTO DEBUG L10N JAVA TCL DOCS
|
||||
OPTIONS_DEFAULT=CRYPTO
|
||||
OPTIONS_SUB= yes
|
||||
CRYPTO_DESC= Cryptography support
|
||||
L10N_DESC= Localization support (EXPERIMENTAL)
|
||||
SQL_DESC= Enable SQL API (EXPERIMENTAL)
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
|
|
@ -52,8 +54,6 @@ DBLIBS= libdb libdb_cxx libdb_stl
|
|||
DEBUG_CONFIGURE_ENABLE= debug umrw
|
||||
CRYPTO_CONFIGURE_WITH= cryptography=yes
|
||||
L10N_CONFIGURE_ENABLE= localization
|
||||
SQL_CONFIGURE_ENABLE= sql sql_codegen
|
||||
SQL_VARS= DBLIBS+=libdb_sql
|
||||
JAVA_USE= java
|
||||
# db5 is incompatible with openjdk8 and causes IllegalArgument
|
||||
# exceptions during build
|
||||
|
|
@ -83,6 +83,7 @@ post-patch:
|
|||
|
||||
post-install:
|
||||
${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/db5/db_*
|
||||
${RM} -r ${STAGEDIR}${DOCSDIR}/bdb-sql
|
||||
.for i in ${DBLIBS}
|
||||
${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}/${i}-${BDBVER}.so.0
|
||||
${LN} -s -f ${PORTNAME}/${i}-${BDBVER}.so.0 ${STAGEDIR}${PREFIX}/lib
|
||||
|
|
@ -101,9 +102,6 @@ post-install-JAVA-off:
|
|||
${RM} -r ${STAGEDIR}${DOCSDIR}/${i}/JAVA
|
||||
.endfor
|
||||
|
||||
post-install-SQL-off:
|
||||
${RM} -r ${STAGEDIR}${DOCSDIR}/bdb-sql
|
||||
|
||||
post-install-TCL-on:
|
||||
echo "package ifneeded Db_tcl ${BDBVER} \
|
||||
[list load [file join $$dir libdb_tcl-${BDBVER}.so]] \
|
||||
|
|
|
|||
|
|
@ -9,12 +9,10 @@ bin/db5/db_log_verify
|
|||
bin/db5/db_printlog
|
||||
bin/db5/db_recover
|
||||
bin/db5/db_replicate
|
||||
%%SQL%%bin/db5/db_sql_codegen
|
||||
bin/db5/db_stat
|
||||
bin/db5/db_tuner
|
||||
bin/db5/db_upgrade
|
||||
bin/db5/db_verify
|
||||
%%SQL%%bin/db5/dbsql
|
||||
bin/db_archive-%%BDBMAJ%%
|
||||
bin/db_archive-%%BDBVER%%
|
||||
bin/db_checkpoint-%%BDBMAJ%%
|
||||
|
|
@ -37,8 +35,6 @@ bin/db_recover-%%BDBMAJ%%
|
|||
bin/db_recover-%%BDBVER%%
|
||||
bin/db_replicate-%%BDBMAJ%%
|
||||
bin/db_replicate-%%BDBVER%%
|
||||
%%SQL%%bin/db_sql_codegen-%%BDBMAJ%%
|
||||
%%SQL%%bin/db_sql_codegen-%%BDBVER%%
|
||||
bin/db_stat-%%BDBMAJ%%
|
||||
bin/db_stat-%%BDBVER%%
|
||||
bin/db_tuner-%%BDBMAJ%%
|
||||
|
|
@ -47,12 +43,9 @@ bin/db_upgrade-%%BDBMAJ%%
|
|||
bin/db_upgrade-%%BDBVER%%
|
||||
bin/db_verify-%%BDBMAJ%%
|
||||
bin/db_verify-%%BDBVER%%
|
||||
%%SQL%%bin/dbsql-%%BDBMAJ%%
|
||||
%%SQL%%bin/dbsql-%%BDBVER%%
|
||||
include/db5/db.h
|
||||
include/db5/db_185.h
|
||||
include/db5/db_cxx.h
|
||||
%%SQL%%include/db5/dbsql.h
|
||||
include/db5/dbstl_base_iterator.h
|
||||
include/db5/dbstl_common.h
|
||||
include/db5/dbstl_container.h
|
||||
|
|
@ -89,13 +82,6 @@ lib/db5/libdb_cxx.so
|
|||
%%JAVA%%lib/db5/libdb_java.a
|
||||
%%JAVA%%lib/db5/libdb_java.so
|
||||
%%JAVA%%lib/db5/libdb_java-%%BDBMAJ%%.so
|
||||
%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.a
|
||||
%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so
|
||||
%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so.0
|
||||
%%SQL%%lib/db5/libdb_sql-%%BDBVER%%.so.0.0.0
|
||||
%%SQL%%lib/db5/libdb_sql.a
|
||||
%%SQL%%lib/db5/libdb_sql.so
|
||||
%%SQL%%lib/db5/libdb_sql-%%BDBMAJ%%.so
|
||||
lib/db5/libdb_stl-%%BDBVER%%.a
|
||||
lib/db5/libdb_stl-%%BDBVER%%.so
|
||||
lib/db5/libdb_stl-%%BDBVER%%.so.0
|
||||
|
|
@ -115,10 +101,6 @@ lib/libdb_cxx-%%BDBVER%%.so.0
|
|||
%%JAVA%%lib/libdb_java-%%BDBMAJ%%.so.0
|
||||
%%JAVA%%lib/libdb_java-%%BDBVER%%.so
|
||||
%%JAVA%%lib/libdb_java-%%BDBVER%%.so.0
|
||||
%%SQL%%lib/libdb_sql-%%BDBMAJ%%.so
|
||||
%%SQL%%lib/libdb_sql-%%BDBMAJ%%.so.0
|
||||
%%SQL%%lib/libdb_sql-%%BDBVER%%.so
|
||||
%%SQL%%lib/libdb_sql-%%BDBVER%%.so.0
|
||||
lib/libdb_stl-%%BDBMAJ%%.so
|
||||
lib/libdb_stl-%%BDBMAJ%%.so.0
|
||||
lib/libdb_stl-%%BDBVER%%.so
|
||||
|
|
|
|||
Loading…
Reference in a new issue