diff options
| author | adam <adam@pkgsrc.org> | 2020-06-30 05:59:40 +0000 |
|---|---|---|
| committer | adam <adam@pkgsrc.org> | 2020-06-30 05:59:40 +0000 |
| commit | d49ecf51f17ff9814e571b1aa6cdbfd9fe36ab98 (patch) | |
| tree | 5b7274482ed1aa66e14ab13eeffa3ed2cd8e80cf /lang/python36 | |
| parent | d02030a2303f7c3c3e7762d64e0f97c6b1ec3d78 (diff) | |
| download | pkgsrc-d49ecf51f17ff9814e571b1aa6cdbfd9fe36ab98.tar.gz | |
python36: updated to 3.6.11
Python 3.6.11 final
There were no new changes in version 3.6.11.
Python 3.6.11 release candidate 1
Security
bpo-39073: Disallow CR or LF in email.headerregistry.Address arguments to guard against header injection attacks.
bpo-38576: Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised.
bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service. Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben Caller and Matt Schwager.
bpo-39401: Avoid unsafe load of api-ms-win-core-path-l1-1-0.dll at startup on Windows 7.
Core and Builtins
bpo-39510: Fix segfault in readinto() method on closed BufferedReader.
bpo-39421: Fix possible crashes when operating with the functions in the heapq module and custom comparison operators.
Library
bpo-39503: AbstractBasicAuthHandler of urllib.request now parses all WWW-Authenticate HTTP headers and accepts multiple challenges per header: use the realm of the first Basic challenge.
Diffstat (limited to 'lang/python36')
| -rw-r--r-- | lang/python36/Makefile | 3 | ||||
| -rw-r--r-- | lang/python36/dist.mk | 4 | ||||
| -rw-r--r-- | lang/python36/distinfo | 10 |
3 files changed, 8 insertions, 9 deletions
diff --git a/lang/python36/Makefile b/lang/python36/Makefile index 00728f51015..f68b850ab9a 100644 --- a/lang/python36/Makefile +++ b/lang/python36/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.24 2020/05/21 17:25:13 leot Exp $ +# $NetBSD: Makefile,v 1.25 2020/06/30 05:59:40 adam Exp $ -PKGREVISION= 2 .include "dist.mk" PKGNAME= python36-${PY_DISTVERSION} diff --git a/lang/python36/dist.mk b/lang/python36/dist.mk index 34d16fb9128..76456e78737 100644 --- a/lang/python36/dist.mk +++ b/lang/python36/dist.mk @@ -1,6 +1,6 @@ -# $NetBSD: dist.mk,v 1.11 2019/12/28 22:24:01 adam Exp $ +# $NetBSD: dist.mk,v 1.12 2020/06/30 05:59:40 adam Exp $ -PY_DISTVERSION= 3.6.10 +PY_DISTVERSION= 3.6.11 DISTNAME= Python-${PY_DISTVERSION} EXTRACT_SUFX= .tar.xz DISTINFO_FILE= ${.CURDIR}/../../lang/python36/distinfo diff --git a/lang/python36/distinfo b/lang/python36/distinfo index 41718ba080e..ac325ec2145 100644 --- a/lang/python36/distinfo +++ b/lang/python36/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.29 2019/12/28 22:24:01 adam Exp $ +$NetBSD: distinfo,v 1.30 2020/06/30 05:59:40 adam Exp $ -SHA1 (Python-3.6.10.tar.xz) = 781072e4726ff0c6dc9370dbfb9dd781d87987dc -RMD160 (Python-3.6.10.tar.xz) = cf326d5d0fa468da181c537cbd6b91723e686b64 -SHA512 (Python-3.6.10.tar.xz) = 26147099e1f1a0ffc85febad26e18e991f019599a150887ea0b925e34663fad8e03b3c2a941e2770c1a63960695e173ef32709572c9361e7f2cb862ccf75b28a -Size (Python-3.6.10.tar.xz) = 17212220 bytes +SHA1 (Python-3.6.11.tar.xz) = 0840e6b726446fccaef483dad84cce8fdc683077 +RMD160 (Python-3.6.11.tar.xz) = d1577bbfb4fb6b9c47389383e2b5ff9abb7db9e3 +SHA512 (Python-3.6.11.tar.xz) = c76969a6602e095641ba5fd0999a47cf0187eb26559ba9a6e80fe401b8928f6cd9eabd963f615f7c667e48f56603f2508d2b5692c83ea8da1e21292131fb11d6 +Size (Python-3.6.11.tar.xz) = 17213036 bytes SHA1 (patch-Lib_ctypes_util.py) = 3b7aecb2879cce70c76bd4bc60f2ec577a5bed61 SHA1 (patch-Lib_distutils_command_install.py) = 29204f34296f36ab2b21c745f915ba73caf2b71c SHA1 (patch-Lib_distutils_sysconfig.py) = 6822eafb4dfded86d7f7353831816aeb8119e6cf |