[Bug 237501] devel/py-yaml: Update to 5.1
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Apr 24 15:34:47 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237501
--- Comment #4 from commit-hook at freebsd.org ---
A commit references this bug:
Author: jpaetzel
Date: Wed Apr 24 15:33:51 UTC 2019
New revision: 499857
URL: https://svnweb.freebsd.org/changeset/ports/499857
Log:
Update to 5.1
https://github.com/yaml/pyyaml/blob/5.1/announcement.msg
=======================
Announcing PyYAML-5.1
=======================
A new MAJOR RELEASE of PyYAML is now available:
https://pypi.org/project/PyYAML/
This is the first major release of PyYAML under the new maintenance team.
Among the many changes listed below, this release specifically addresses the
arbitrary code execution issue raised by:
https://nvd.nist.gov/vuln/detail/CVE-2017-18342
(See https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
for complete details).
...
PR: 237501
Reported by: sergey at akhmatov.ru
Changes:
head/devel/py-yaml/Makefile
head/devel/py-yaml/distinfo
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-python
mailing list