summaryrefslogtreecommitdiff
path: root/lang/py36-html-docs
diff options
context:
space:
mode:
authoradam <adam@pkgsrc.org>2021-06-29 12:37:47 +0000
committeradam <adam@pkgsrc.org>2021-06-29 12:37:47 +0000
commit1d22a1b8ca1be65a5af38845fcc4f69ee0cfd87e (patch)
treef719f615b17b5dff8d224411baca5f197ac80eb1 /lang/py36-html-docs
parent4c2a732a606a6f8e69712ccd610a2cf38f01d027 (diff)
downloadpkgsrc-1d22a1b8ca1be65a5af38845fcc4f69ee0cfd87e.tar.gz
python36: updated to 3.6.14
Python 3.6.14 final Security bpo-44022: mod:http.client now avoids infinitely reading potential HTTP headers after a 100 Continue status response from the server. bpo-43882: The presence of newline or tab characters in parts of a URL could allow some forms of attacks. Following the controlling specification for URLs defined by WHATWG urllib.parse() now removes ASCII newlines and tabs from URLs, preventing such attacks. bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module which could be abused to read arbitrary files on the disk (directory traversal vulnerability). Moreover, even source code of Python modules can contain sensitive data like passwords. Vulnerability reported by David Schwörer. bpo-43285: ftplib no longer trusts the IP address value returned from the server in response to the PASV command by default. This prevents a malicious FTP server from using the response to probe IPv4 address and port combinations on the client network. Code that requires the former vulnerable behavior may set a trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to True to re-enable it. bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server.
Diffstat (limited to 'lang/py36-html-docs')
-rw-r--r--lang/py36-html-docs/Makefile4
-rw-r--r--lang/py36-html-docs/distinfo10
2 files changed, 7 insertions, 7 deletions
diff --git a/lang/py36-html-docs/Makefile b/lang/py36-html-docs/Makefile
index 734c4f941e9..d777ef3babd 100644
--- a/lang/py36-html-docs/Makefile
+++ b/lang/py36-html-docs/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.14 2021/02/16 19:39:53 adam Exp $
+# $NetBSD: Makefile,v 1.15 2021/06/29 12:37:47 adam Exp $
-VERS= 3.6.13
+VERS= 3.6.14
DISTNAME= python-${VERS}-docs-html
PKGNAME= py36-html-docs-${VERS}
CATEGORIES= lang python
diff --git a/lang/py36-html-docs/distinfo b/lang/py36-html-docs/distinfo
index 25b040a9827..bb0942074f4 100644
--- a/lang/py36-html-docs/distinfo
+++ b/lang/py36-html-docs/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.13 2021/02/16 19:39:53 adam Exp $
+$NetBSD: distinfo,v 1.14 2021/06/29 12:37:47 adam Exp $
-SHA1 (python-3.6.13-docs-html.tar.bz2) = 6c751bb1fe1a2aa10cdac1572609c367026efb3f
-RMD160 (python-3.6.13-docs-html.tar.bz2) = 62c854d18f22805194a85e0d0c954bd341370015
-SHA512 (python-3.6.13-docs-html.tar.bz2) = 7bdc77767211a652dbbe654cf9675e325a959d1d90eb751fa2f86abd04ddc41301d1035c8cf1a4968a8f23c97f95cf87b06763fd97f7844ac13c365b39dfcd8b
-Size (python-3.6.13-docs-html.tar.bz2) = 6016532 bytes
+SHA1 (python-3.6.14-docs-html.tar.bz2) = 0588aea479ace5c56cbdde1206fe24b1eb71094a
+RMD160 (python-3.6.14-docs-html.tar.bz2) = 4a52d55d10d9db86f220316ad6fd654dcb22c0e2
+SHA512 (python-3.6.14-docs-html.tar.bz2) = a35525fd934e7e95a4e242fb7cfaa770ee42acdb4db40cbe8e40d77d73e98bf72ab02554f3733c884a73f7afaf28e079e0b37ba300134814cf9a08bb61dfee45
+Size (python-3.6.14-docs-html.tar.bz2) = 6022374 bytes