diff options
| author | adam <adam@pkgsrc.org> | 2017-07-28 07:04:36 +0000 |
|---|---|---|
| committer | adam <adam@pkgsrc.org> | 2017-07-28 07:04:36 +0000 |
| commit | 47ed8441e13d1e67832815345ff64fd3eb2b8247 (patch) | |
| tree | c8467ca3544499cefe7a9377314dd9f45d498d57 /www/py-cfscrape | |
| parent | 31ead86e3acd8a60f28166250a89f4a0498bff50 (diff) | |
| download | pkgsrc-47ed8441e13d1e67832815345ff64fd3eb2b8247.tar.gz | |
1.8.0:
Remove insecure Js2Py library (code execution risk)
Please upgrade to 1.8.0 immediately.
Versions 1.6.6 to 1.7.1 are vulnerable to code execution. If you are running a vulnerable version, a malicious website owner could craft a page which executes arbitrary Python code on the machine that runs this script. This can only occur if the website that the user attempts to scrape has specifically prepared a page to exploit vulnerable versions of cfscrape.
Diffstat (limited to 'www/py-cfscrape')
| -rw-r--r-- | www/py-cfscrape/Makefile | 12 | ||||
| -rw-r--r-- | www/py-cfscrape/distinfo | 10 |
2 files changed, 12 insertions, 10 deletions
diff --git a/www/py-cfscrape/Makefile b/www/py-cfscrape/Makefile index a04d4eace5f..c648194f4aa 100644 --- a/www/py-cfscrape/Makefile +++ b/www/py-cfscrape/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.1 2017/02/07 23:52:16 joerg Exp $ +# $NetBSD: Makefile,v 1.2 2017/07/28 07:04:36 adam Exp $ -DISTNAME= cfscrape-1.6.8 +DISTNAME= cfscrape-1.8.0 PKGNAME= ${PYPKGPREFIX}-${DISTNAME} -CATEGORIES= python www net +CATEGORIES= www net python MASTER_SITES= ${MASTER_SITE_PYPI:=c/cfscrape/} MAINTAINER= pkgsrc-users@NetBSD.org @@ -10,8 +10,10 @@ HOMEPAGE= http://pypi.python.org/pypi/cfscrape/ COMMENT= Python module for dealing with Cloudfare protection LICENSE= mit -DEPENDS+= ${PYPKGPREFIX}-requests-[0-9]*:../../devel/py-requests -DEPENDS+= ${PYPKGPREFIX}-js2py-[0-9]*:../../lang/py-js2py +DEPENDS+= ${PYPKGPREFIX}-execjs>=1.4.0:../../lang/py-execjs +DEPENDS+= ${PYPKGPREFIX}-requests>=2.0.0:../../devel/py-requests + +USE_LANGUAGES= # none .include "../../lang/python/egg.mk" .include "../../mk/bsd.pkg.mk" diff --git a/www/py-cfscrape/distinfo b/www/py-cfscrape/distinfo index c2656f0df84..03f05123e09 100644 --- a/www/py-cfscrape/distinfo +++ b/www/py-cfscrape/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.1 2017/02/07 23:52:16 joerg Exp $ +$NetBSD: distinfo,v 1.2 2017/07/28 07:04:36 adam Exp $ -SHA1 (cfscrape-1.6.8.tar.gz) = dd4d9d3754bfbb10e5ce92b7d14733d2f6436036 -RMD160 (cfscrape-1.6.8.tar.gz) = e74493116b2432b53a5862b27bd4a59af5359f3b -SHA512 (cfscrape-1.6.8.tar.gz) = 9531403e941d3f7d3149012594ebadc0b6570d8419eb61bf2b53864fc467cc475f9601673fded545a195abf78d74ff1c9f715ac4504e391e82ba55589780832f -Size (cfscrape-1.6.8.tar.gz) = 3202 bytes +SHA1 (cfscrape-1.8.0.tar.gz) = 96d213cb2d576bd91ddb6d115ca03eadf2b3d8a7 +RMD160 (cfscrape-1.8.0.tar.gz) = ee4ea6853ec02dd53c613d4b73111386facf8acb +SHA512 (cfscrape-1.8.0.tar.gz) = 1305eac9b61658d8625cbadcdf0f780d72e9504b01b1269a5beebe7d1958f7d0b114f0cd7654cf569781ddca660bbc397199d9ab377a86bb182f95674bec3077 +Size (cfscrape-1.8.0.tar.gz) = 3495 bytes |