aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfeld <feld@FreeBSD.org>2017-02-03 01:50:46 +0800
committerfeld <feld@FreeBSD.org>2017-02-03 01:50:46 +0800
commitffcf428474298f3d1b31d610a2da7ddb35557f51 (patch)
tree25b51eb31384909f7ed54e9f18998a69ec68a501
parenteda1991f05ff45ea92b4c9a5c0222c98322111b5 (diff)
downloadfreebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.tar.gz
freebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.tar.zst
freebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.zip
Add new UPDATING entry with details on newest changes to uwsgi
-rw-r--r--UPDATING13
1 files changed, 13 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index 271726d2f430..ad05ee7b5a49 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,19 @@ they are unavoidable.
You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.
+20170202:
+ AFFECTS: users of www/uwsgi
+ AUTHOR: feld@FreeBSD.org
+
+ The previous disruptive changes to uwsgi for security have been remediated
+ through creation of a dedicated uwsgi user/group and utilizing the
+ uwsgi feature to set socket ownership. The uwsgi daemon by default now
+ has the following properties:
+
+ * Process runs as uwsgi user and group (UID/GID 165)
+ * Socket mode is 660, still protecting unauthorized access from "other"
+ * Socket ownership is www:www, restoring compatibility
+
20170130:
AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice
AUTHOR: grembo@FreeBSD.org