From: ndowens <ndowens@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] python3-bleach: update to 3.2.1
Date: Wed, 18 Nov 2020 21:57:50 +0100 [thread overview]
Message-ID: <20201118205750.KVata2BpaHaCY6bJIsvkxyvPAiNv3r0QT2OyLGaAzfc@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-26468@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 493 bytes --]
There is an updated pull request by ndowens against master on the void-packages repository
https://github.com/ndowens/void-packages python-bleach
https://github.com/void-linux/void-packages/pull/26468
python3-bleach: update to 3.2.1
Fixes CVE-2020-6816
Synapse seemed to run fine with this version and also tested against another python package that uses this as a checkdepend and tests ran fine.
A patch file from https://github.com/void-linux/void-packages/pull/26468.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-python-bleach-26468.patch --]
[-- Type: text/x-diff, Size: 1319 bytes --]
From 47439ebbad18db3950e21832d31f95725f0f3143 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Tue, 17 Nov 2020 17:16:51 -0600
Subject: [PATCH] python3-bleach: update to 3.2.1
Fixes CVE-2020-6816
---
srcpkgs/python3-bleach/template | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/srcpkgs/python3-bleach/template b/srcpkgs/python3-bleach/template
index 34ba5371b45..e1951883ea8 100644
--- a/srcpkgs/python3-bleach/template
+++ b/srcpkgs/python3-bleach/template
@@ -1,15 +1,16 @@
# Template file for 'python3-bleach'
pkgname=python3-bleach
-version=3.1.1
-revision=3
+version=3.2.1
+revision=1
wrksrc="bleach-${version}"
build_style=python3-module
hostmakedepends="python3-setuptools"
-depends="python3-six python3-webencodings"
+depends="python3-six python3-webencodings
+ python3-packaging"
short_desc="Easy safelist-based HTML-sanitizing tool (Python3)"
maintainer="Orphaned <orphan@voidlinux.org>"
license="Apache-2.0"
homepage="https://github.com/mozilla/bleach"
changelog="https://raw.githubusercontent.com/mozilla/bleach/master/CHANGES"
distfiles="${PYPI_SITE}/b/bleach/bleach-${version}.tar.gz"
-checksum=aa8b870d0f46965bac2c073a93444636b0e1ca74e9777e34f03dd494b8a59d48
+checksum=52b5919b81842b1854196eaae5ca29679a2f2e378905c346d3ca8227c2c66080
next prev parent reply other threads:[~2020-11-18 20:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-17 23:16 [PR PATCH] " ndowens
2020-11-18 19:17 ` Chocimier
2020-11-18 20:57 ` ndowens [this message]
2020-11-19 17:09 ` [PR PATCH] [Merged]: " Chocimier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201118205750.KVata2BpaHaCY6bJIsvkxyvPAiNv3r0QT2OyLGaAzfc@z \
--to=ndowens@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).