[Bug 237501] devel/py-yaml: Update to 5.1
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed May 29 15:12:06 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237501
--- Comment #9 from commit-hook at freebsd.org ---
A commit references this bug:
Author: jpaetzel
Date: Wed May 29 15:11:11 UTC 2019
New revision: 502966
URL: https://svnweb.freebsd.org/changeset/ports/502966
Log:
MFH: r499857
Update to 5.1
https://github.com/yaml/pyyaml/blob/5.1/announcement.msg
=======================
Announcing PyYAML-5.1
=======================
A new MAJOR RELEASE of PyYAML is now available:
https://pypi.org/project/PyYAML/
This is the first major release of PyYAML under the new maintenance team.
Among the many changes listed below, this release specifically addresses the
arbitrary code execution issue raised by:
https://nvd.nist.gov/vuln/detail/CVE-2017-18342
(See https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
for complete details).
...
PR: 237501
Reported by: sergey at akhmatov.ru
Approved by: ports-secteam (joneum)
Security: f6ea18bb-65b9-11e9-8b31-002590045d9c
Changes:
_U branches/2019Q2/
branches/2019Q2/devel/py-yaml/Makefile
branches/2019Q2/devel/py-yaml/distinfo
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-python
mailing list