Received: by mail.netbsd.org (Postfix, from userid 605)
	id D6B1284EC9; Fri, 27 Aug 2021 09:24:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 1D67A84D8A
	for <pkgsrc-changes@NetBSD.org>; Fri, 27 Aug 2021 09:24:42 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id X4dONkUynq53 for <pkgsrc-changes@netbsd.org>;
	Fri, 27 Aug 2021 09:24:41 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 5E4BE84CDC
	for <pkgsrc-changes@NetBSD.org>; Fri, 27 Aug 2021 09:24:41 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 5B8CFFA97; Fri, 27 Aug 2021 09:24:41 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_163005628148250"
MIME-Version: 1.0
Date: Fri, 27 Aug 2021 09:24:41 +0000
From: "Havard Eidnes" <he@netbsd.org>
Subject: CVS commit: pkgsrc/security/vault
To: pkgsrc-changes@NetBSD.org
Reply-To: he@netbsd.org
X-Mailer: log_accum
Message-Id: <20210827092441.5B8CFFA97@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_163005628148250
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	he
Date:		Fri Aug 27 09:24:41 UTC 2021

Modified Files:
	pkgsrc/security/vault: Makefile distinfo

Log Message:
Upgrade security/vault to version 1.6.6.

Pkgsrc changes:
 * Note that we need go >= 1.15.15.

Upstream changes:

26 August 2021

SECURITY:

 * UI Secret Caching: The Vault UI erroneously cached and exposed
   user-viewed secrets between authenticated sessions in a single
   shared browser, if the browser window / tab was not refreshed or
   closed between logout and a subsequent login. This vulnerability,
   CVE-2021-38554, was fixed in Vault 1.8.0 and will be addressed in
   pending 1.7.4 / 1.6.6 releases.

CHANGES:

 * go: Update go version to 1.15.15 [GH-12423]

IMPROVEMENTS:

 * db/cassandra: Added tls_server_name to specify server name for
   TLS validation [GH-11820]

BUG FIXES:

 * physical/raft: Fix safeio.Rename error when restoring snapshots
   on windows [GH-12377]
 * secret: fix the bug where transit encrypt batch doesn't work
   with key_version [GH-11628]
 * secrets/database: Fixed an issue that prevented external database
   plugin processes from restarting after a shutdown. [GH-12087]
 * ui: Automatically refresh the page when user logs out [GH-12035]
 * ui: Fixes metrics page when read on counter config not allowed [GH-12348]
 * ui: fix oidc login with Safari [GH-11884]


To generate a diff of this commit:
cvs rdiff -u -r1.68 -r1.69 pkgsrc/security/vault/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/security/vault/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_163005628148250
Content-Disposition: inline
Content-Length: 2338
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/vault/Makefile
diff -u pkgsrc/security/vault/Makefile:1.68 pkgsrc/security/vault/Makefile:1.69
--- pkgsrc/security/vault/Makefile:1.68	Wed Aug 11 19:35:07 2021
+++ pkgsrc/security/vault/Makefile	Fri Aug 27 09:24:41 2021
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.68 2021/08/11 19:35:07 bsiegert Exp $
+# $NetBSD: Makefile,v 1.69 2021/08/27 09:24:41 he Exp $
 
-DISTNAME=	vault-1.6.5
-PKGREVISION=	3
+DISTNAME=	vault-1.6.6
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GITHUB:=hashicorp/}
 
@@ -11,7 +10,6 @@ COMMENT=	Tool for managing secrets
 LICENSE=	mpl-2.0
 
 GITHUB_TAG=	v${PKGVERSION_NOREV}
-WORKSRC=	${PKGNAME}
 
 GO_DIST_BASE=		${DISTNAME}
 GO_SRCPATH=		github.com/hashicorp/vault
@@ -22,6 +20,8 @@ USE_TOOLS+=		bash gmake
 
 INSTALLATION_DIRS+=	bin
 
+DEPENDS+=	go>=1.15.15:../../lang/go
+
 # Clumsy workaround for https://github.com/golang/go/issues/22409
 pre-build:
 	${RM} -rf ${WRKSRC}/vault/external_tests

Index: pkgsrc/security/vault/distinfo
diff -u pkgsrc/security/vault/distinfo:1.27 pkgsrc/security/vault/distinfo:1.28
--- pkgsrc/security/vault/distinfo:1.27	Sun May 30 17:37:53 2021
+++ pkgsrc/security/vault/distinfo	Fri Aug 27 09:24:41 2021
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.27 2021/05/30 17:37:53 he Exp $
+$NetBSD: distinfo,v 1.28 2021/08/27 09:24:41 he Exp $
 
-SHA1 (vault-1.6.5.tar.gz) = e9b47cf76c96deea4b466a9d3cc64a39a5d0959b
-RMD160 (vault-1.6.5.tar.gz) = 1b2a7ed3e6c45e31cd18a3314399a512adba4e88
-SHA512 (vault-1.6.5.tar.gz) = 0f5640d376f21d57bf25db0865b4509ef819dd82e950f8c9192188ab3ef1c2477c369049b69a5194e27051b5d8dc523b9760b01eda6568f7348bb782cf6f97c6
-Size (vault-1.6.5.tar.gz) = 39136426 bytes
+SHA1 (vault-1.6.6.tar.gz) = f627772ec519a2e01b142580e5ed8b17cebfd423
+RMD160 (vault-1.6.6.tar.gz) = 33e9b0f0e9c1f29c7cca9ad56343d0d21450d2d4
+SHA512 (vault-1.6.6.tar.gz) = 820ec2f0b71defe6e6920bb4eefec55536d3d06345b676323d4af0c74c837c886871b0951b54f917e27b61bade9b4a8e9f36e3905a82a134b9e5f887ed744534
+Size (vault-1.6.6.tar.gz) = 39139148 bytes
 SHA1 (patch-scripts_gen__openapi.sh) = 1ad66480ef135adec05f58b088440e0bec6b4ab8
 SHA1 (patch-vendor_github.com_docker_docker_client_client__unix.go) = 86d985a6aac6b0eaaf6bdc3b1e4a7e2d17454a6a
 SHA1 (patch-vendor_github.com_docker_docker_pkg_system_stat__netbsd.go) = 09c2f699b37fcb2ea05ca0df270359426a0629b7


--_----------=_163005628148250--