Add UPDATING entry to notify about uwsgi default socket mode change

author: Mark Felder <feld@FreeBSD.org> 2017-01-27 23:37:47 +0000
committer: Mark Felder <feld@FreeBSD.org> 2017-01-27 23:37:47 +0000
commit: 2d260424858ddf84406dd62ad8dc950b530f2e36 (patch)
tree: 7971be715d28bafd74d4d8e7d3cbd89030f1097a /UPDATING
parent: cd736896577ff9dd25740bfe252aa5f7827f35e4 (diff)
download: ports-2d260424858ddf84406dd62ad8dc950b530f2e36.tar.gz
ports-2d260424858ddf84406dd62ad8dc950b530f2e36.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index 881c6e33b4af..d93b5cbe9e06 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,15 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20170127:
+  AFFECTS: users of www/uwsgi
+  AUTHOR: feld@FreeBSD.org
+
+  The default socket mode for uwsgi as 777 is a severe security concern.
+  This has been remediated by changing the rc script to default to 600.
+  The mode is configurable with rc.conf values: uwsgi_socket_mode="600"
+  or for a profile named "www", uwsgi_www_socket_mode="600".
+
 20170121:
   AFFECTS: users of security/tinc
   AUTHOR: dinoex@FreeBSD.org
author	Mark Felder <feld@FreeBSD.org>	2017-01-27 23:37:47 +0000
committer	Mark Felder <feld@FreeBSD.org>	2017-01-27 23:37:47 +0000
commit	2d260424858ddf84406dd62ad8dc950b530f2e36 (patch)
tree	7971be715d28bafd74d4d8e7d3cbd89030f1097a /UPDATING
parent	cd736896577ff9dd25740bfe252aa5f7827f35e4 (diff)
download	ports-2d260424858ddf84406dd62ad8dc950b530f2e36.tar.gz ports-2d260424858ddf84406dd62ad8dc950b530f2e36.zip