<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/1b58ab9bd70e5563eea27438eae5558651a7494e">https://github.com/macports/macports-ports/commit/1b58ab9bd70e5563eea27438eae5558651a7494e</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new 1b58ab9bd70 privoxy: Security fix and bugfix
</span>1b58ab9bd70 is described below

<span style='display:block; white-space:pre;color:#808000;'>commit 1b58ab9bd70e5563eea27438eae5558651a7494e
</span>Author: Steven Thomas Smith <s.t.smith@ieee.org>
AuthorDate: Fri Nov 5 22:10:36 2021 -0400

<span style='display:block; white-space:pre;color:#404040;'>    privoxy: Security fix and bugfix
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    * Fixes: https://github.com/macports/macports-ports/commit/17dbffd4a4878130afd546886e3240bb3bd862be#r59506269
</span><span style='display:block; white-space:pre;color:#404040;'>    * Fixes: https://github.com/openssl/openssl/issues/16968
</span>---
 www/privoxy/Portfile | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/privoxy/Portfile b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 24161991c1f..f818bcc7286 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -6,7 +6,7 @@ PortGroup           perl5 1.0
</span> 
 name                privoxy
 version             3.0.32
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision            3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision            4
</span> categories          www security net
 platforms           darwin
 license             GPL-2
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -56,7 +56,7 @@ if {[option gpg_verify.use_gpg_verification]} {
</span> worksrcdir          ${name}-${version}-stable
 
 depends_build-append \
<span style='display:block; white-space:pre;background:#ffe0e0;'>-                    port:p5-sgmlspm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    port:p${perl5.major}-sgmlspm
</span> 
 depends_lib-append \
                     port:brotli \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -212,8 +212,8 @@ variant https_inspection \
</span>         # set random passphrase if sf-pwgen's is too short for some reason
         if {[string length ${passphrase}] < 20} {
             set passphrase \
<span style='display:block; white-space:pre;background:#ffe0e0;'>-                [exec sh -c "openssl rand -base64 22 2>/dev/null \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    | rev | cut -b 2- | rev || true"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                [exec sh -c "openssl rand -base64 23 2>/dev/null \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    | sed 's|=*\$||' || true"]
</span>         }
         return ${passphrase}
     }
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -288,13 +288,14 @@ variant https_inspection \
</span>             [correct_horse_battery_staple]
         set tls_ca_passphrase_fd \
             [open ${tls_ca_dir}/private/passphrase.txt w 0600]
<span style='display:block; white-space:pre;background:#e0ffe0;'>+        # see `man openssl` for -passin and -passout used together
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+        # -passin or -passout
</span>         puts ${tls_ca_passphrase_fd} \
             ${tls_ca_passphrase}
<span style='display:block; white-space:pre;background:#ffe0e0;'>-        # openssl password file apparently requires newline in
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-        # the context `openssl pkcs12`, or will throw the error:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-        # "Error reading password from BIO"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-        # https://github.com/openssl/openssl/blob/3841d0f6f02e1ad3a54beabf1d5395bd1c383254/apps/lib/apps.c#L330
</span>         puts ${tls_ca_passphrase_fd} "\n"
<span style='display:block; white-space:pre;background:#e0ffe0;'>+        # -passout
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+        puts ${tls_ca_passphrase_fd} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+            ${tls_ca_passphrase}
</span>         close ${tls_ca_passphrase_fd}
         # create the root CA
         system -W ${tls_ca_dir} \
</pre><pre style='margin:0'>

</pre>