Update to 5.3.1

This release contains a security fix for CVE-2020-1747. FullLoader was still exploitable for arbitrary command execution. https://bugzilla.redhat.com/show_bug.cgi?id=1807367 Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting this and providing the fixes to resolve it. - https://github.com/yaml/pyyaml/pull/386 PR: 245937 Submitted by: daniel.engberg.lists@pyret.net MFH: 2020Q2 Security: http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html
svn path=/head/; revision=533167
2025-02-07 11:49:40 +00:00 · 2020-04-27 20:22:42 +00:00 · 2020-04-27 20:22:42 +00:00 · 954d218c29 · 2021-03-31 03:12:20 +00:00
commit 954d218c29
parent 682b57baac
2 changed files with 4 additions and 4 deletions
--- a/devel/py-yaml/Makefile
+++ b/devel/py-yaml/Makefile
@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	yaml
-PORTVERSION=	5.2
+PORTVERSION=	5.3.1
 CATEGORIES=	devel python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
--- a/devel/py-yaml/distinfo
+++ b/devel/py-yaml/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1575414761
-SHA256 (PyYAML-5.2.tar.gz) = c0ee8eca2c582d29c3c2ec6e2c4f703d1b7f1fb10bc72317355a746057e7346c
-SIZE (PyYAML-5.2.tar.gz) = 265687
+TIMESTAMP = 1587917471
+SHA256 (PyYAML-5.3.1.tar.gz) = b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
+SIZE (PyYAML-5.3.1.tar.gz) = 269377