Update to 5.3.1

This release contains a security fix for CVE-2020-1747. FullLoader was still exploitable for arbitrary command execution. https://bugzilla.redhat.com/show_bug.cgi?id=1807367 Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting this and providing the fixes to resolve it. - yaml/pyyaml#386 PR: 245937 Submitted by: [email protected] MFH: 2020Q2 Security: http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html
truenas · Aug 10, 2020 · dfa7209 · dfa7209
1 parent bd3ff24
commit dfa7209
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/devel/py-yaml/Makefile b/devel/py-yaml/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	yaml
-PORTVERSION=	5.2
+PORTVERSION=	5.3.1
 CATEGORIES=	devel python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

diff --git a/devel/py-yaml/distinfo b/devel/py-yaml/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575414761
-SHA256 (PyYAML-5.2.tar.gz) = c0ee8eca2c582d29c3c2ec6e2c4f703d1b7f1fb10bc72317355a746057e7346c
-SIZE (PyYAML-5.2.tar.gz) = 265687
+TIMESTAMP = 1587917471
+SHA256 (PyYAML-5.3.1.tar.gz) = b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
+SIZE (PyYAML-5.3.1.tar.gz) = 269377