Date: Mon, 25 Nov 2019 17:57:21 +0000 From: bugzilla-noreply@freebsd.org To: elastic@FreeBSD.org Subject: [Bug 229322] net/py-urllib3: Update to 1.25.6 Message-ID: <bug-229322-37421-iogMlGcfvE@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-229322-37421@https.bugs.freebsd.org/bugzilla/> References: <bug-229322-37421@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229322 Kai Knoblich <kai@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kai@FreeBSD.org --- Comment #30 from Kai Knoblich <kai@FreeBSD.org> --- With ports r518410 all preparations from my side are now done for the /head branch to get net/py-urllib3 updated to 1.25.6. When my assumptions are correct there are two exp-runs running which are related to urllib3 at the moment (the label PR241621 is a somewhat confusin= g in that case): http://package23.nyi.freebsd.org/build.html?mastername=3D113i386-default-PR= 241624&build=3D2019-11-25_06h54m48s http://package22.nyi.freebsd.org/build.html?mastername=3D113amd64-default-P= R241624&build=3D2019-11-25_10h11m45s I have one question/note regarding the "merge-quartely" flag that was set to "-" recently:=20 I'm afraid that a MFH is required because the 1.25.6 release of urllib3 includes fixes for three CVEs (CVE-2018-20060, CVE-2019-11236 and CVE-2019-11324). I plan to commit a related VuXML entry in a few hours. At the moment I'm doing preparations and test-runs for the 2019Q4 branch but that still takes a little while. Maybe another exp-run for the 2019Q4 branch makes sense once urllib 1.25.6 lands in /head? --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-229322-37421-iogMlGcfvE>