Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Apr 2020 20:22:43 +0000 (UTC)
From:      Josh Paetzel <jpaetzel@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r533167 - head/devel/py-yaml
Message-ID:  <202004272022.03RKMhm7046267@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: jpaetzel
Date: Mon Apr 27 20:22:42 2020
New Revision: 533167
URL: https://svnweb.freebsd.org/changeset/ports/533167

Log:
  Update to 5.3.1
  
  This release contains a security fix for CVE-2020-1747. FullLoader was still
  exploitable for arbitrary command execution.
  https://bugzilla.redhat.com/show_bug.cgi?id=1807367
  
  Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting
  this and providing the fixes to resolve it.
  
    - https://github.com/yaml/pyyaml/pull/386
  
  PR:	245937
  Submitted by:	daniel.engberg.lists@pyret.net
  MFH:	2020Q2
  Security:	http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html

Modified:
  head/devel/py-yaml/Makefile
  head/devel/py-yaml/distinfo

Modified: head/devel/py-yaml/Makefile
==============================================================================
--- head/devel/py-yaml/Makefile	Mon Apr 27 20:20:39 2020	(r533166)
+++ head/devel/py-yaml/Makefile	Mon Apr 27 20:22:42 2020	(r533167)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	yaml
-PORTVERSION=	5.2
+PORTVERSION=	5.3.1
 CATEGORIES=	devel python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

Modified: head/devel/py-yaml/distinfo
==============================================================================
--- head/devel/py-yaml/distinfo	Mon Apr 27 20:20:39 2020	(r533166)
+++ head/devel/py-yaml/distinfo	Mon Apr 27 20:22:42 2020	(r533167)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575414761
-SHA256 (PyYAML-5.2.tar.gz) = c0ee8eca2c582d29c3c2ec6e2c4f703d1b7f1fb10bc72317355a746057e7346c
-SIZE (PyYAML-5.2.tar.gz) = 265687
+TIMESTAMP = 1587917471
+SHA256 (PyYAML-5.3.1.tar.gz) = b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
+SIZE (PyYAML-5.3.1.tar.gz) = 269377

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004272022.03RKMhm7046267>