Date: Thu, 22 Jun 2023 20:49:07 +0700 From: Eugene Grosbein <eugen@freebsd.org> To: Charlie Li <vishwin@freebsd.org>, ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: 3dda704910d4 - main - devel/py-setuptools: fix CVE-2022-40897 backporting a patch Message-ID: <7d4eb924-9da9-5fc6-4549-1743c9a5166f@freebsd.org> In-Reply-To: <c040bc4f-ca84-d60c-0b27-4a000479a3cf@freebsd.org> References: <202306221324.35MDOJJO099564@gitrepo.freebsd.org> <c040bc4f-ca84-d60c-0b27-4a000479a3cf@freebsd.org>
index | next in thread | previous in thread | raw e-mail
22.06.2023 20:28, Charlie Li wrote: > Eugene Grosbein wrote: >> The branch main has been updated by eugen: >> >> URL: https://cgit.FreeBSD.org/ports/commit/?id=3dda704910d48411e072f7c58b8530dcd56bc5a9 >> >> commit 3dda704910d48411e072f7c58b8530dcd56bc5a9 >> Author: Eugene Grosbein <eugen@FreeBSD.org> >> AuthorDate: 2023-06-22 13:13:03 +0000 >> Commit: Eugene Grosbein <eugen@FreeBSD.org> >> CommitDate: 2023-06-22 13:24:12 +0000 >> >> devel/py-setuptools: fix CVE-2022-40897 backporting a patch >> This commit integrates one-line upstream fix for the problem: >> https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be.diff >> Our port has not been fixed for several months making users unhappy. >> It's upto the maintainer to update the port, this commit does not update it. >> Bump PORTREVISION and adjust VuXML entry. >> Due to the nature of the problem and fix there is no need in updating consumers. > Thanks for beating me to it. Both setuptools{58,44} will also need the backport given that they apply. They do. Committed.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7d4eb924-9da9-5fc6-4549-1743c9a5166f>