[PR PATCH] python3-bleach: update to 3.2.1

[PR PATCH] python3-bleach: update to 3.2.1

[ndowens]

[-- Attachment #1: Type: text/plain, Size: 341 bytes --]

There is a new pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages python-bleach
https://github.com/void-linux/void-packages/pull/26468

python3-bleach: update to 3.2.1
Fixes CVE-2020-6816

A patch file from https://github.com/void-linux/void-packages/pull/26468.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-python-bleach-26468.patch --]
[-- Type: text/x-diff, Size: 1112 bytes --]

From ce253f746c0c1675f2a139709f0eb9d888757533 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Tue, 17 Nov 2020 17:16:51 -0600
Subject: [PATCH] python3-bleach: update to 3.2.1

Fixes CVE-2020-6816
---
 srcpkgs/python3-bleach/template | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/python3-bleach/template b/srcpkgs/python3-bleach/template
index 34ba5371b45..e85c9a35e86 100644
--- a/srcpkgs/python3-bleach/template
+++ b/srcpkgs/python3-bleach/template
@@ -1,7 +1,7 @@
 # Template file for 'python3-bleach'
 pkgname=python3-bleach
-version=3.1.1
-revision=3
+version=3.2.1
+revision=1
 wrksrc="bleach-${version}"
 build_style=python3-module
 hostmakedepends="python3-setuptools"
@@ -12,4 +12,4 @@ license="Apache-2.0"
 homepage="https://github.com/mozilla/bleach"
 changelog="https://raw.githubusercontent.com/mozilla/bleach/master/CHANGES"
 distfiles="${PYPI_SITE}/b/bleach/bleach-${version}.tar.gz"
-checksum=aa8b870d0f46965bac2c073a93444636b0e1ca74e9777e34f03dd494b8a59d48
+checksum=52b5919b81842b1854196eaae5ca29679a2f2e378905c346d3ca8227c2c66080

Re: python3-bleach: update to 3.2.1

[Chocimier]

[-- Attachment #1: Type: text/plain, Size: 184 bytes --]

New comment by Chocimier on void-packages repository

https://github.com/void-linux/void-packages/pull/26468#issuecomment-729897310

Comment:
fails to import without python3-packaging

Re: [PR PATCH] [Updated] python3-bleach: update to 3.2.1

[ndowens]

[-- Attachment #1: Type: text/plain, Size: 493 bytes --]

There is an updated pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages python-bleach
https://github.com/void-linux/void-packages/pull/26468

python3-bleach: update to 3.2.1
Fixes CVE-2020-6816

Synapse seemed to run fine with this version and also tested against another python package that uses this as a checkdepend and tests ran fine.

A patch file from https://github.com/void-linux/void-packages/pull/26468.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-python-bleach-26468.patch --]
[-- Type: text/x-diff, Size: 1319 bytes --]

From 47439ebbad18db3950e21832d31f95725f0f3143 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Tue, 17 Nov 2020 17:16:51 -0600
Subject: [PATCH] python3-bleach: update to 3.2.1

Fixes CVE-2020-6816
---
 srcpkgs/python3-bleach/template | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/python3-bleach/template b/srcpkgs/python3-bleach/template
index 34ba5371b45..e1951883ea8 100644
--- a/srcpkgs/python3-bleach/template
+++ b/srcpkgs/python3-bleach/template
@@ -1,15 +1,16 @@
 # Template file for 'python3-bleach'
 pkgname=python3-bleach
-version=3.1.1
-revision=3
+version=3.2.1
+revision=1
 wrksrc="bleach-${version}"
 build_style=python3-module
 hostmakedepends="python3-setuptools"
-depends="python3-six python3-webencodings"
+depends="python3-six python3-webencodings
+ python3-packaging"
 short_desc="Easy safelist-based HTML-sanitizing tool (Python3)"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="Apache-2.0"
 homepage="https://github.com/mozilla/bleach"
 changelog="https://raw.githubusercontent.com/mozilla/bleach/master/CHANGES"
 distfiles="${PYPI_SITE}/b/bleach/bleach-${version}.tar.gz"
-checksum=aa8b870d0f46965bac2c073a93444636b0e1ca74e9777e34f03dd494b8a59d48
+checksum=52b5919b81842b1854196eaae5ca29679a2f2e378905c346d3ca8227c2c66080

Re: [PR PATCH] [Merged]: python3-bleach: update to 3.2.1

[Chocimier]

[-- Attachment #1: Type: text/plain, Size: 331 bytes --]

There's a merged pull request on the void-packages repository

python3-bleach: update to 3.2.1
https://github.com/void-linux/void-packages/pull/26468

Description:
Fixes CVE-2020-6816

Synapse seemed to run fine with this version and also tested against another python package that uses this as a checkdepend and tests ran fine.