Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 28 Apr 2020 14:52:41 +0000 (UTC)
From:      Josh Paetzel <jpaetzel@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r533252 - branches/2020Q2/devel/py-yaml
Message-ID:  <202004281452.03SEqf2o068673@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jpaetzel
Date: Tue Apr 28 14:52:41 2020
New Revision: 533252
URL: https://svnweb.freebsd.org/changeset/ports/533252

Log:
  MFH: r533167
  
  Update to 5.3.1
  
  This release contains a security fix for CVE-2020-1747. FullLoader was still
  exploitable for arbitrary command execution.
  https://bugzilla.redhat.com/show_bug.cgi?id=1807367
  
  Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting
  this and providing the fixes to resolve it.
  
    - https://github.com/yaml/pyyaml/pull/386
  
  PR:	245937
  Submitted by:	daniel.engberg.lists@pyret.net
  Security:	http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html
  
  Approved by:	portmgr (joneum)

Modified:
  branches/2020Q2/devel/py-yaml/Makefile
  branches/2020Q2/devel/py-yaml/distinfo
Directory Properties:
  branches/2020Q2/   (props changed)

Modified: branches/2020Q2/devel/py-yaml/Makefile
==============================================================================
--- branches/2020Q2/devel/py-yaml/Makefile	Tue Apr 28 14:35:22 2020	(r533251)
+++ branches/2020Q2/devel/py-yaml/Makefile	Tue Apr 28 14:52:41 2020	(r533252)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	yaml
-PORTVERSION=	5.2
+PORTVERSION=	5.3.1
 CATEGORIES=	devel python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

Modified: branches/2020Q2/devel/py-yaml/distinfo
==============================================================================
--- branches/2020Q2/devel/py-yaml/distinfo	Tue Apr 28 14:35:22 2020	(r533251)
+++ branches/2020Q2/devel/py-yaml/distinfo	Tue Apr 28 14:52:41 2020	(r533252)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575414761
-SHA256 (PyYAML-5.2.tar.gz) = c0ee8eca2c582d29c3c2ec6e2c4f703d1b7f1fb10bc72317355a746057e7346c
-SIZE (PyYAML-5.2.tar.gz) = 265687
+TIMESTAMP = 1587917471
+SHA256 (PyYAML-5.3.1.tar.gz) = b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
+SIZE (PyYAML-5.3.1.tar.gz) = 269377



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004281452.03SEqf2o068673>