---
- branch: MAIN
  date: Tue Jul 25 08:17:08 UTC 2017
  files:
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/sysutils/py-supervisor/Makefile
    pathrev: pkgsrc/sysutils/py-supervisor/Makefile@1.3
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/sysutils/py-supervisor/distinfo
    pathrev: pkgsrc/sysutils/py-supervisor/distinfo@1.3
    type: modified
  id: 20170725T081708Z.b0decb86647bf46efbf8907896f31bbd805be426
  log: |
    3.3.3:
    - Fixed CVE-2017-11610.  A vulnerability was found where an authenticated
      client can send a malicious XML-RPC request to ``supervisord`` that will
      run arbitrary shell commands on the server.  The commands will be run as
      the same user as ``supervisord``.  Depending on how ``supervisord`` has been
      configured, this may be root.  See
      https://github.com/Supervisor/supervisor/issues/964 for details.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/sysutils/py-supervisor'
  unixtime: '1500970628'
  user: adam