Re: git: 3dda704910d4 - main - devel/py-setuptools: fix CVE-2022-40897 backporting a patch

Reply: Eugene Grosbein : "Re: git: 3dda704910d4 - main - devel/py-setuptools: fix CVE-2022-40897 backporting a patch"
In reply to: Eugene Grosbein : "git: 3dda704910d4 - main - devel/py-setuptools: fix CVE-2022-40897 backporting a patch"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Charlie Li <vishwin_at_freebsd.org>
Date: Thu, 22 Jun 2023 13:28:07 UTC

Eugene Grosbein wrote:
> The branch main has been updated by eugen:
> 
> URL: https://cgit.FreeBSD.org/ports/commit/?id=3dda704910d48411e072f7c58b8530dcd56bc5a9
> 
> commit 3dda704910d48411e072f7c58b8530dcd56bc5a9
> Author:     Eugene Grosbein <eugen@FreeBSD.org>
> AuthorDate: 2023-06-22 13:13:03 +0000
> Commit:     Eugene Grosbein <eugen@FreeBSD.org>
> CommitDate: 2023-06-22 13:24:12 +0000
> 
>      devel/py-setuptools: fix CVE-2022-40897 backporting a patch
>      
>      This commit integrates one-line upstream fix for the problem:
>      https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be.diff
>      
>      Our port has not been fixed for several months making users unhappy.
>      It's upto the maintainer to update the port, this commit does not update it.
>      
>      Bump PORTREVISION and adjust VuXML entry.
>      Due to the nature of the problem and fix there is no need in updating consumers.
Thanks for beating me to it. Both setuptools{58,44} will also need the 
backport given that they apply.

-- 
Charlie Li
…nope, still don't have an exit line.