From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 2/2] python-webpy: security bump to version 0.39
Date: Wed, 4 Apr 2018 17:51:32 +0200 [thread overview]
Message-ID: <20180404155132.17500-2-peter@korsgaard.com> (raw)
In-Reply-To: <20180404155132.17500-1-peter@korsgaard.com>
From the changelog:
2018-02-28 0.39
* Fixed a security issue with the form module (tx Orange Tsai)
* Fixed a security issue with the db module (tx Adri?n Brav and Orange Tsai)
2016-07-08 0.38
..
* Fixed a potential remote exeution risk in `reparam` (tx Adri?n Brav)
License files are still not included on pypi, so continue to use the git
repo. Upstream has unfortunately not tagged 0.39, so use the latest commit
on the 0.39 branch. A request to fix this has been submitted:
https://github.com/webpy/webpy/issues/449
0.39 now uses setuptools, so change the _SETUP_TYPE.
Add hashes for the license files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/python-webpy/python-webpy.hash | 4 +++-
package/python-webpy/python-webpy.mk | 5 +++--
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/package/python-webpy/python-webpy.hash b/package/python-webpy/python-webpy.hash
index 0e0a8d0fb8..30a14f4705 100644
--- a/package/python-webpy/python-webpy.hash
+++ b/package/python-webpy/python-webpy.hash
@@ -1,2 +1,4 @@
# Locally computed
-sha256 c3cb8930739294103b1ad109e5fd1d0efae67c06d5b6d59fce5b5a2ee6b21624 python-webpy-webpy-0.37.tar.gz
+sha256 e17ac483846fb15629c76c43cf64c0b65eac3c870dca2251801b459b1e4e12b8 python-webpy-6df75fe581e0e838d28334d5c53f52421560d38b.tar.gz
+sha256 3826fd531a9b904841f5e3560fcda7e93f2ab8d11ef124ec65e10625efa26c34 LICENSE.txt
+sha256 7347fd17bfd33c4093c31dc77076733e1e0150ce8c13296c56dc042bbecede84 web/wsgiserver/LICENSE.txt
diff --git a/package/python-webpy/python-webpy.mk b/package/python-webpy/python-webpy.mk
index 8bcc8ec37f..1e67cd6fd8 100644
--- a/package/python-webpy/python-webpy.mk
+++ b/package/python-webpy/python-webpy.mk
@@ -4,9 +4,10 @@
#
################################################################################
-PYTHON_WEBPY_VERSION = webpy-0.37
+# corresponds to 0.39
+PYTHON_WEBPY_VERSION = 6df75fe581e0e838d28334d5c53f52421560d38b
PYTHON_WEBPY_SITE = $(call github,webpy,webpy,$(PYTHON_WEBPY_VERSION))
-PYTHON_WEBPY_SETUP_TYPE = distutils
+PYTHON_WEBPY_SETUP_TYPE = setuptools
PYTHON_WEBPY_LICENSE = Public Domain, CherryPy License
PYTHON_WEBPY_LICENSE_FILES = LICENSE.txt web/wsgiserver/LICENSE.txt
--
2.11.0
next prev parent reply other threads:[~2018-04-04 15:51 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-04 15:51 [Buildroot] [PATCH 1/2] python-webpy: needs hashlib support in python Peter Korsgaard
2018-04-04 15:51 ` Peter Korsgaard [this message]
2018-04-08 19:42 ` [Buildroot] [PATCH 2/2] python-webpy: security bump to version 0.39 Peter Korsgaard
2018-04-11 15:47 ` Peter Korsgaard
2018-04-04 20:55 ` [Buildroot] [PATCH 1/2] python-webpy: needs hashlib support in python Thomas Petazzoni
2018-04-04 22:55 ` Arnout Vandecappelle
2018-04-05 6:05 ` Peter Korsgaard
2018-04-08 19:41 ` Peter Korsgaard
2018-04-11 15:46 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180404155132.17500-2-peter@korsgaard.com \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.