From dec4e2d0e8416533343284366e816fa418b33d94 Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Wed, 4 Apr 2018 17:51:32 +0200 Subject: python-webpy: security bump to version 0.39 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit >From the changelog: 2018-02-28 0.39 * Fixed a security issue with the form module (tx Orange Tsai) * Fixed a security issue with the db module (tx Adrián Brav and Orange Tsai) 2016-07-08 0.38 .. * Fixed a potential remote exeution risk in `reparam` (tx Adrián Brav) License files are still not included on pypi, so continue to use the git repo. Upstream has unfortunately not tagged 0.39, so use the latest commit on the 0.39 branch. A request to fix this has been submitted: https://github.com/webpy/webpy/issues/449 0.39 now uses setuptools, so change the _SETUP_TYPE. Add hashes for the license files. Signed-off-by: Peter Korsgaard Signed-off-by: Thomas Petazzoni (cherry picked from commit ce559162fca39c273583bea0dbed643229769d8c) Signed-off-by: Peter Korsgaard --- package/python-webpy/python-webpy.mk | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'package/python-webpy/python-webpy.mk') diff --git a/package/python-webpy/python-webpy.mk b/package/python-webpy/python-webpy.mk index 8bcc8ec37f..1e67cd6fd8 100644 --- a/package/python-webpy/python-webpy.mk +++ b/package/python-webpy/python-webpy.mk @@ -4,9 +4,10 @@ # ################################################################################ -PYTHON_WEBPY_VERSION = webpy-0.37 +# corresponds to 0.39 +PYTHON_WEBPY_VERSION = 6df75fe581e0e838d28334d5c53f52421560d38b PYTHON_WEBPY_SITE = $(call github,webpy,webpy,$(PYTHON_WEBPY_VERSION)) -PYTHON_WEBPY_SETUP_TYPE = distutils +PYTHON_WEBPY_SETUP_TYPE = setuptools PYTHON_WEBPY_LICENSE = Public Domain, CherryPy License PYTHON_WEBPY_LICENSE_FILES = LICENSE.txt web/wsgiserver/LICENSE.txt -- cgit v1.2.3 From 9a095026c17a10e3e474d94674f6501afd54c5eb Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Thu, 5 Apr 2018 08:42:15 +0200 Subject: python-webpy: use webpy-0.39 tag No functional change, but upstream has now tagged the release, so use the tag instead of the sha1. https://github.com/webpy/webpy/issues/449 Signed-off-by: Peter Korsgaard (cherry picked from commit 01320bb9ff297bac38a4c9bc32ae505ac79d600f) Signed-off-by: Peter Korsgaard --- package/python-webpy/python-webpy.hash | 2 +- package/python-webpy/python-webpy.mk | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) (limited to 'package/python-webpy/python-webpy.mk') diff --git a/package/python-webpy/python-webpy.hash b/package/python-webpy/python-webpy.hash index 30a14f4705..70981e0cb4 100644 --- a/package/python-webpy/python-webpy.hash +++ b/package/python-webpy/python-webpy.hash @@ -1,4 +1,4 @@ # Locally computed -sha256 e17ac483846fb15629c76c43cf64c0b65eac3c870dca2251801b459b1e4e12b8 python-webpy-6df75fe581e0e838d28334d5c53f52421560d38b.tar.gz +sha256 f074241a0b839408a0b9840ade1198e16fbd6aa6393a48a0e84f73b545baab9a python-webpy-webpy-0.39.tar.gz sha256 3826fd531a9b904841f5e3560fcda7e93f2ab8d11ef124ec65e10625efa26c34 LICENSE.txt sha256 7347fd17bfd33c4093c31dc77076733e1e0150ce8c13296c56dc042bbecede84 web/wsgiserver/LICENSE.txt diff --git a/package/python-webpy/python-webpy.mk b/package/python-webpy/python-webpy.mk index 1e67cd6fd8..192ba5727f 100644 --- a/package/python-webpy/python-webpy.mk +++ b/package/python-webpy/python-webpy.mk @@ -4,8 +4,7 @@ # ################################################################################ -# corresponds to 0.39 -PYTHON_WEBPY_VERSION = 6df75fe581e0e838d28334d5c53f52421560d38b +PYTHON_WEBPY_VERSION = webpy-0.39 PYTHON_WEBPY_SITE = $(call github,webpy,webpy,$(PYTHON_WEBPY_VERSION)) PYTHON_WEBPY_SETUP_TYPE = setuptools PYTHON_WEBPY_LICENSE = Public Domain, CherryPy License -- cgit v1.2.3