MFH: r533167

Update to 5.3.1 This release contains a security fix for CVE-2020-1747. FullLoader was still exploitable for arbitrary command execution. https://bugzilla.redhat.com/show_bug.cgi?id=1807367 Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting this and providing the fixes to resolve it. - yaml/pyyaml#386 PR: 245937 Submitted by: daniel.engberg.lists@pyret.net Security: http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html Approved by: portmgr (joneum)
pfsense · Apr 28, 2020 · ed0efb6 · ed0efb6
1 parent de00ad9
commit ed0efb6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/devel/py-yaml/Makefile b/devel/py-yaml/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	yaml
-PORTVERSION=	5.2
+PORTVERSION=	5.3.1
 CATEGORIES=	devel python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

diff --git a/devel/py-yaml/distinfo b/devel/py-yaml/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575414761
-SHA256 (PyYAML-5.2.tar.gz) = c0ee8eca2c582d29c3c2ec6e2c4f703d1b7f1fb10bc72317355a746057e7346c
-SIZE (PyYAML-5.2.tar.gz) = 265687
+TIMESTAMP = 1587917471
+SHA256 (PyYAML-5.3.1.tar.gz) = b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
+SIZE (PyYAML-5.3.1.tar.gz) = 269377