Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id AE76484D52 for ; Wed, 7 Jun 2023 13:25:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id CAfHlfBNbJM8 for ; Wed, 7 Jun 2023 13:25:53 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 56B3A84D3D for ; Wed, 7 Jun 2023 13:25:53 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 547EBFA89; Wed, 7 Jun 2023 13:25:53 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1686144353214170" MIME-Version: 1.0 Date: Wed, 7 Jun 2023 13:25:53 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/lang To: pkgsrc-changes@NetBSD.org Approved: commit_and_comment Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20230607132553.547EBFA89@cvs.NetBSD.org> This is a multi-part message in MIME format. --_----------=_1686144353214170 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Wed Jun 7 13:25:53 UTC 2023 Modified Files: pkgsrc/lang/py39-html-docs: Makefile PLIST distinfo pkgsrc/lang/python39: PLIST dist.mk distinfo Log Message: python39 py39-html-docs: updated to 3.9.17 Python 3.9.17 Security gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs. gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified. gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler. gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii. gh-101727: Updated the OpenSSL version used in Windows and macOS binary release builds to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per the OpenSSL 2023-02-07 security advisory. gh-101283: subprocess.Popen now uses a safer approach to find cmd.exe when launching with shell=True. Patch by Eryk Sun, based on a patch by Oleg Iarygin. Core and Builtins gh-102126: Fix deadlock at shutdown when clearing thread states if any finalizer tries to acquire the runtime head lock. Patch by Kumar Aditya. gh-100892: Fix race while iterating over thread states in clearing threading.local. Patch by Kumar Aditya. Library gh-103935: Use io.open_code() for files to be executed instead of raw open() gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details. gh-101997: Upgrade pip wheel bundled with ensurepip (pip 23.0.1) Windows gh-100180: Update Windows installer to OpenSSL 1.1.1s macOS gh-103142: Update macOS installer to use OpenSSL 1.1.1u. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/py39-html-docs/Makefile cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/py39-html-docs/PLIST cvs rdiff -u -r1.19 -r1.20 pkgsrc/lang/py39-html-docs/distinfo cvs rdiff -u -r1.12 -r1.13 pkgsrc/lang/python39/PLIST cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/python39/dist.mk cvs rdiff -u -r1.33 -r1.34 pkgsrc/lang/python39/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1686144353214170 Content-Disposition: inline Content-Length: 6065 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/lang/py39-html-docs/Makefile diff -u pkgsrc/lang/py39-html-docs/Makefile:1.17 pkgsrc/lang/py39-html-docs/Makefile:1.18 --- pkgsrc/lang/py39-html-docs/Makefile:1.17 Wed Dec 7 11:52:43 2022 +++ pkgsrc/lang/py39-html-docs/Makefile Wed Jun 7 13:25:53 2023 @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.17 2022/12/07 11:52:43 adam Exp $ +# $NetBSD: Makefile,v 1.18 2023/06/07 13:25:53 adam Exp $ -VERS= 3.9.16 +VERS= 3.9.17 DISTNAME= python-${VERS}-docs-html PKGNAME= py39-html-docs-${VERS} CATEGORIES= lang python Index: pkgsrc/lang/py39-html-docs/PLIST diff -u pkgsrc/lang/py39-html-docs/PLIST:1.5 pkgsrc/lang/py39-html-docs/PLIST:1.6 --- pkgsrc/lang/py39-html-docs/PLIST:1.5 Wed May 18 08:07:32 2022 +++ pkgsrc/lang/py39-html-docs/PLIST Wed Jun 7 13:25:53 2023 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.5 2022/05/18 08:07:32 adam Exp $ +@comment $NetBSD: PLIST,v 1.6 2023/06/07 13:25:53 adam Exp $ share/doc/python3.9/.buildinfo share/doc/python3.9/_downloads/6b45dc135219d1404be49d606589a11d/tzinfo_examples.py share/doc/python3.9/_images/hashlib-blake2-tree.png @@ -496,7 +496,6 @@ share/doc/python3.9/_sources/whatsnew/3. share/doc/python3.9/_sources/whatsnew/changelog.rst.txt share/doc/python3.9/_sources/whatsnew/index.rst.txt share/doc/python3.9/_static/basic.css -share/doc/python3.9/_static/caret-down.svg share/doc/python3.9/_static/changelog_search.js share/doc/python3.9/_static/classic.css share/doc/python3.9/_static/copybutton.js @@ -514,9 +513,11 @@ share/doc/python3.9/_static/plus.png share/doc/python3.9/_static/py.png share/doc/python3.9/_static/py.svg share/doc/python3.9/_static/pydoctheme.css +share/doc/python3.9/_static/pydoctheme_dark.css share/doc/python3.9/_static/pygments.css share/doc/python3.9/_static/searchtools.js share/doc/python3.9/_static/sidebar.js +share/doc/python3.9/_static/themetoggle.js share/doc/python3.9/_static/underscore-1.3.1.js share/doc/python3.9/_static/underscore.js share/doc/python3.9/about.html Index: pkgsrc/lang/py39-html-docs/distinfo diff -u pkgsrc/lang/py39-html-docs/distinfo:1.19 pkgsrc/lang/py39-html-docs/distinfo:1.20 --- pkgsrc/lang/py39-html-docs/distinfo:1.19 Wed Dec 7 11:52:43 2022 +++ pkgsrc/lang/py39-html-docs/distinfo Wed Jun 7 13:25:53 2023 @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.19 2022/12/07 11:52:43 adam Exp $ +$NetBSD: distinfo,v 1.20 2023/06/07 13:25:53 adam Exp $ -BLAKE2s (python-3.9.16-docs-html.tar.bz2) = f85c7e45082bd0bb328ff537bc066b72652f10aebca75efcebb6287b0601ceea -SHA512 (python-3.9.16-docs-html.tar.bz2) = 38828ca880e3ed84a705dba465430f1b9623fec830662805008847c5d44ce04225ea7c2173d3eb138fd98e134fa2bb9ed84788e2b1d045bf9cf20e78e12d4472 -Size (python-3.9.16-docs-html.tar.bz2) = 6965048 bytes +BLAKE2s (python-3.9.17-docs-html.tar.bz2) = 314134ad0c69e6d7bfde8dd71c66a2bfb211dbac440a896b37084bb0946e66fa +SHA512 (python-3.9.17-docs-html.tar.bz2) = 900b82f558b08058390d52b18aa2bcee4a8e74fa9555e36fc924c822506c80f002e90d51b1e6263c0dde612937b6d419e76952288ad923ffcca8562c927a8e76 +Size (python-3.9.17-docs-html.tar.bz2) = 7021842 bytes Index: pkgsrc/lang/python39/PLIST diff -u pkgsrc/lang/python39/PLIST:1.12 pkgsrc/lang/python39/PLIST:1.13 --- pkgsrc/lang/python39/PLIST:1.12 Wed Sep 7 15:33:19 2022 +++ pkgsrc/lang/python39/PLIST Wed Jun 7 13:25:52 2023 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.12 2022/09/07 15:33:19 adam Exp $ +@comment $NetBSD: PLIST,v 1.13 2023/06/07 13:25:52 adam Exp $ bin/2to3-${PY_VER_SUFFIX} bin/pydoc${PY_VER_SUFFIX} bin/python${PY_VER_SUFFIX} @@ -1420,7 +1420,7 @@ lib/python${PY_VER_SUFFIX}/ensurepip/__m lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/__init__.py lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/__init__.pyc lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/__init__.pyo -lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/pip-22.0.4-py3-none-any.whl +lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/pip-23.0.1-py3-none-any.whl lib/python${PY_VER_SUFFIX}/ensurepip/_bundled/setuptools-58.1.0-py3-none-any.whl lib/python${PY_VER_SUFFIX}/ensurepip/_uninstall.py lib/python${PY_VER_SUFFIX}/ensurepip/_uninstall.pyc Index: pkgsrc/lang/python39/dist.mk diff -u pkgsrc/lang/python39/dist.mk:1.17 pkgsrc/lang/python39/dist.mk:1.18 --- pkgsrc/lang/python39/dist.mk:1.17 Wed Dec 7 11:52:43 2022 +++ pkgsrc/lang/python39/dist.mk Wed Jun 7 13:25:52 2023 @@ -1,8 +1,8 @@ -# $NetBSD: dist.mk,v 1.17 2022/12/07 11:52:43 adam Exp $ +# $NetBSD: dist.mk,v 1.18 2023/06/07 13:25:52 adam Exp $ -PY_DISTVERSION= 3.9.16 +PY_DISTVERSION= 3.9.17 DISTNAME= Python-${PY_DISTVERSION} EXTRACT_SUFX= .tar.xz DISTINFO_FILE= ${.CURDIR}/../../lang/python39/distinfo PATCHDIR= ${.CURDIR}/../../lang/python39/patches -MASTER_SITES= http://www.python.org/ftp/python/${PY_DISTVERSION}/ +MASTER_SITES= https://www.python.org/ftp/python/${PY_DISTVERSION}/ Index: pkgsrc/lang/python39/distinfo diff -u pkgsrc/lang/python39/distinfo:1.33 pkgsrc/lang/python39/distinfo:1.34 --- pkgsrc/lang/python39/distinfo:1.33 Wed Dec 7 11:52:43 2022 +++ pkgsrc/lang/python39/distinfo Wed Jun 7 13:25:52 2023 @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.33 2022/12/07 11:52:43 adam Exp $ +$NetBSD: distinfo,v 1.34 2023/06/07 13:25:52 adam Exp $ -BLAKE2s (Python-3.9.16.tar.xz) = 3d8279b0e86ea0e1a991cc1bb55758f17affd814db57a76729a40896e9fddaea -SHA512 (Python-3.9.16.tar.xz) = b5fd0afe131c82bbce6ddf887c59eef6945910d6a9a2bc87c0927f4e4a096bf9ca4d25bcb729c40f6ebb8a65fbe8bf7b0b97a7c4a8c9e551240eb4f34b878653 -Size (Python-3.9.16.tar.xz) = 19738796 bytes +BLAKE2s (Python-3.9.17.tar.xz) = 673e9344380a7d7bb9de760d7d7e768e6f0cd6c3f3e8eda32f330a8c7ae78433 +SHA512 (Python-3.9.17.tar.xz) = 994d92346e563a4635411808744eac8207c68e6fc9c1db1c2eb4103dad8553aaad4a8116e38c61f28cb17905a12cc46dccdde985e1c45882bf1815081b88b6be +Size (Python-3.9.17.tar.xz) = 19647312 bytes SHA1 (patch-Lib_ctypes_util.py) = 032cc99ebad93ddddfd89073c60424a952e3faa3 SHA1 (patch-Lib_distutils_sysconfig.py) = 6822eafb4dfded86d7f7353831816aeb8119e6cf SHA1 (patch-Lib_distutils_unixccompiler.py) = 2e65a8dd5dd3fe25957206c062106fa7a6fc4e69 --_----------=_1686144353214170--