[PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626)

Github messages for voidlinux
 help / color / mirror / Atom feed

* [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626)
@ 2020-04-25 11:46 pullmoll
  2020-04-25 11:50 ` [PR PATCH] [Updated] " pullmoll
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: pullmoll @ 2020-04-25 11:46 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 340 bytes --]

There is a new pull request by pullmoll against master on the void-packages repository

https://github.com/pullmoll/void-packages reportlab
https://github.com/void-linux/void-packages/pull/21326

python-reportlab: update to 3.5.42 (CVE-2019-17626)


A patch file from https://github.com/void-linux/void-packages/pull/21326.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-reportlab-21326.patch --]
[-- Type: text/x-diff, Size: 1163 bytes --]

From ea0e8a1d2aa57ac43d8951d5aee6305e067b4c6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=BCrgen=20Buchm=C3=BCller?= <pullmoll@t-online.de>
Date: Sat, 25 Apr 2020 13:45:27 +0200
Subject: [PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626)

---
 srcpkgs/python-reportlab/template | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/python-reportlab/template b/srcpkgs/python-reportlab/template
index 3915767b6d3..75d01c0b6e8 100644
--- a/srcpkgs/python-reportlab/template
+++ b/srcpkgs/python-reportlab/template
@@ -1,7 +1,7 @@
 # Template file for 'python-reportlab'
 pkgname=python-reportlab
-version=3.5.23
-revision=2
+version=3.5.42
+revision=1
 wrksrc="reportlab-${version}"
 build_style=python-module
 pycompile_module="reportlab"
@@ -13,7 +13,7 @@ maintainer="Alessio Sergi <al3hex@gmail.com>"
 license="BSD-3-Clause"
 homepage="https://www.reportlab.com/"
 distfiles="${PYPI_SITE}/r/reportlab/reportlab-${version}.tar.gz"
-checksum=6c81ee26753fa09062d8404f6340eefb02849608b619e3843e0d17a7cda8798f
+checksum=9c21f202697a6cea57b9d716288fc919d99cbabeb30222eebfc7ff77eac32744
 
 post_install() {
 	vlicense LICENSE.txt

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PR PATCH] [Updated] python-reportlab: update to 3.5.42 (CVE-2019-17626)
  2020-04-25 11:46 [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626) pullmoll
@ 2020-04-25 11:50 ` pullmoll
  2020-04-26  3:57 ` sgn
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: pullmoll @ 2020-04-25 11:50 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 345 bytes --]

There is an updated pull request by pullmoll against master on the void-packages repository

https://github.com/pullmoll/void-packages reportlab
https://github.com/void-linux/void-packages/pull/21326

python-reportlab: update to 3.5.42 (CVE-2019-17626)


A patch file from https://github.com/void-linux/void-packages/pull/21326.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-reportlab-21326.patch --]
[-- Type: text/x-diff, Size: 1547 bytes --]

From 19563ee1112b5c0a6d14c34ca41d533fd7d459e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=BCrgen=20Buchm=C3=BCller?= <pullmoll@t-online.de>
Date: Sat, 25 Apr 2020 13:45:27 +0200
Subject: [PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626)

---
 srcpkgs/python-reportlab/template | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/srcpkgs/python-reportlab/template b/srcpkgs/python-reportlab/template
index 3915767b6d3..5ba341aed29 100644
--- a/srcpkgs/python-reportlab/template
+++ b/srcpkgs/python-reportlab/template
@@ -1,10 +1,9 @@
 # Template file for 'python-reportlab'
 pkgname=python-reportlab
-version=3.5.23
-revision=2
+version=3.5.42
+revision=1
 wrksrc="reportlab-${version}"
 build_style=python-module
-pycompile_module="reportlab"
 hostmakedepends="python-setuptools python3-setuptools freetype-devel"
 makedepends="python-devel python3-devel freetype-devel libart-devel"
 depends="python-Pillow"
@@ -13,7 +12,7 @@ maintainer="Alessio Sergi <al3hex@gmail.com>"
 license="BSD-3-Clause"
 homepage="https://www.reportlab.com/"
 distfiles="${PYPI_SITE}/r/reportlab/reportlab-${version}.tar.gz"
-checksum=6c81ee26753fa09062d8404f6340eefb02849608b619e3843e0d17a7cda8798f
+checksum=9c21f202697a6cea57b9d716288fc919d99cbabeb30222eebfc7ff77eac32744
 
 post_install() {
 	vlicense LICENSE.txt
@@ -21,7 +20,6 @@ post_install() {
 
 python3-reportlab_package() {
 	depends="python3-Pillow"
-	pycompile_module="reportlab"
 	short_desc="${short_desc/Python2/Python3}"
 	pkg_install() {
 		vmove usr/lib/python3*

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: python-reportlab: update to 3.5.42 (CVE-2019-17626)
  2020-04-25 11:46 [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626) pullmoll
  2020-04-25 11:50 ` [PR PATCH] [Updated] " pullmoll
@ 2020-04-26  3:57 ` sgn
  2020-04-26  4:13 ` sgn
  2020-04-26 13:52 ` [PR PATCH] [Merged]: " pullmoll
  3 siblings, 0 replies; 5+ messages in thread
From: sgn @ 2020-04-26  3:57 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 310 bytes --]

New comment by sgn on void-packages repository

https://github.com/void-linux/void-packages/pull/21326#issuecomment-619477348

Comment:
I've never used this package before.
Change looks fine.

But, the dist files make it impossible to run check.

The vulnerability lies in `colors.py` and is disappeared.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: python-reportlab: update to 3.5.42 (CVE-2019-17626)
  2020-04-25 11:46 [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626) pullmoll
  2020-04-25 11:50 ` [PR PATCH] [Updated] " pullmoll
  2020-04-26  3:57 ` sgn
@ 2020-04-26  4:13 ` sgn
  2020-04-26 13:52 ` [PR PATCH] [Merged]: " pullmoll
  3 siblings, 0 replies; 5+ messages in thread
From: sgn @ 2020-04-26  4:13 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 162 bytes --]

New comment by sgn on void-packages repository

https://github.com/void-linux/void-packages/pull/21326#issuecomment-619478544

Comment:
So, I think this is fine.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PR PATCH] [Merged]: python-reportlab: update to 3.5.42 (CVE-2019-17626)
  2020-04-25 11:46 [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626) pullmoll
                   ` (2 preceding siblings ...)
  2020-04-26  4:13 ` sgn
@ 2020-04-26 13:52 ` pullmoll
  3 siblings, 0 replies; 5+ messages in thread
From: pullmoll @ 2020-04-26 13:52 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 185 bytes --]

There's a merged pull request on the void-packages repository

python-reportlab: update to 3.5.42 (CVE-2019-17626)
https://github.com/void-linux/void-packages/pull/21326

Description:


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2020-04-26 13:52 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-25 11:46 [PR PATCH] python-reportlab: update to 3.5.42 (CVE-2019-17626) pullmoll
2020-04-25 11:50 ` [PR PATCH] [Updated] " pullmoll
2020-04-26  3:57 ` sgn
2020-04-26  4:13 ` sgn
2020-04-26 13:52 ` [PR PATCH] [Merged]: " pullmoll

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).