Received: by mail.netbsd.org (Postfix, from userid 605)
	id 5F403852BD; Fri,  2 Feb 2024 20:17:26 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 90BF784E5B
	for <pkgsrc-changes@NetBSD.org>; Fri,  2 Feb 2024 20:17:25 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id P8l-D4ia2NW5 for <pkgsrc-changes@netbsd.org>;
	Fri,  2 Feb 2024 20:17:25 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id E33E584D14
	for <pkgsrc-changes@NetBSD.org>; Fri,  2 Feb 2024 20:17:24 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id DA554FA42; Fri,  2 Feb 2024 20:17:24 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1706905044168220"
MIME-Version: 1.0
Date: Fri, 2 Feb 2024 20:17:24 +0000
From: "Adam Ciarcinski" <adam@netbsd.org>
Subject: CVS commit: pkgsrc/sysutils/salt
To: pkgsrc-changes@NetBSD.org
Reply-To: adam@netbsd.org
X-Mailer: log_accum
Message-Id: <20240202201724.DA554FA42@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1706905044168220
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	adam
Date:		Fri Feb  2 20:17:24 UTC 2024

Modified Files:
	pkgsrc/sysutils/salt: Makefile Makefile.common distinfo

Log Message:
salt: updated to 3006.6

SALT 3006.6 RELEASE NOTES

CHANGED

Salt no longer time bombs user installations on code using salt.utils.versions.warn_until_date

FIXED

Fix un-closed transport in tornado netapi

SECURITY

CVE-2024-22231 Prevent directory traversal when creating syndic cache directory on the master CVE-2024-22232 Prevent directory traversal attacks in the master's serve_file method. These vulerablities were discovered and reported by: Yudi Zhao(Huawei Nebula Security Lab),Chenwei Jiang(Huawei Nebula Security Lab)

Update some requirements which had some security issues:

Bump to pycryptodome==3.19.1 and pycryptodomex==3.19.1 due to https://github.com/advisories/GHSA-j225-cvw7-qrx7

Bump to gitpython==3.1.41 due to https://github.com/advisories/GHSA-2mqj-m65w-jghx

Bump to jinja2==3.1.3 due to https://github.com/advisories/GHSA-h5c8-rqwp-cp95


To generate a diff of this commit:
cvs rdiff -u -r1.83 -r1.84 pkgsrc/sysutils/salt/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/sysutils/salt/Makefile.common
cvs rdiff -u -r1.48 -r1.49 pkgsrc/sysutils/salt/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1706905044168220
Content-Disposition: inline
Content-Length: 2649
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/sysutils/salt/Makefile
diff -u pkgsrc/sysutils/salt/Makefile:1.83 pkgsrc/sysutils/salt/Makefile:1.84
--- pkgsrc/sysutils/salt/Makefile:1.83	Mon Jan 22 16:35:25 2024
+++ pkgsrc/sysutils/salt/Makefile	Fri Feb  2 20:17:24 2024
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.83 2024/01/22 16:35:25 adam Exp $
+# $NetBSD: Makefile,v 1.84 2024/02/02 20:17:24 adam Exp $
 
 .include "Makefile.common"
 
@@ -15,11 +15,11 @@ DEPENDS+=	${PYPKGPREFIX}-packaging>=21.3
 DEPENDS+=	${PYPKGPREFIX}-psutil>=5.0.0:../../sysutils/py-psutil
 DEPENDS+=	${PYPKGPREFIX}-requests>=2.5.0:../../devel/py-requests
 DEPENDS+=	${PYPKGPREFIX}-yaml-[0-9]*:../../textproc/py-yaml
-DEPENDS+=	${PYPKGPREFIX}-zmq>=19.0.2:../../net/py-zmq
+DEPENDS+=	${PYPKGPREFIX}-zmq>=20.0.0:../../net/py-zmq
 
 USE_PKG_RESOURCES=	yes
 
-PYTHON_VERSIONS_INCOMPATIBLE=	27 312
+PYTHON_VERSIONS_INCOMPATIBLE=	27
 
 BUILD_DEFS+=	VARBASE
 

Index: pkgsrc/sysutils/salt/Makefile.common
diff -u pkgsrc/sysutils/salt/Makefile.common:1.2 pkgsrc/sysutils/salt/Makefile.common:1.3
--- pkgsrc/sysutils/salt/Makefile.common:1.2	Mon Jan 22 16:35:25 2024
+++ pkgsrc/sysutils/salt/Makefile.common	Fri Feb  2 20:17:24 2024
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile.common,v 1.2 2024/01/22 16:35:25 adam Exp $
+# $NetBSD: Makefile.common,v 1.3 2024/02/02 20:17:24 adam Exp $
 # used by sysutils/salt/Makefile
 # used by sysutils/salt-docs/Makefile
 
-DISTNAME=	salt-3006.5
+DISTNAME=	salt-3006.6
 CATEGORIES=	sysutils python
 MASTER_SITES=	${MASTER_SITE_PYPI:=s/salt/}
 

Index: pkgsrc/sysutils/salt/distinfo
diff -u pkgsrc/sysutils/salt/distinfo:1.48 pkgsrc/sysutils/salt/distinfo:1.49
--- pkgsrc/sysutils/salt/distinfo:1.48	Mon Jan 22 16:35:25 2024
+++ pkgsrc/sysutils/salt/distinfo	Fri Feb  2 20:17:24 2024
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.48 2024/01/22 16:35:25 adam Exp $
+$NetBSD: distinfo,v 1.49 2024/02/02 20:17:24 adam Exp $
 
-BLAKE2s (salt-3006.5.tar.gz) = a56c0daf6a1dbe8c15d6cca6550e7a4287adcf47121d2048a3ee0da587dc6cb3
-SHA512 (salt-3006.5.tar.gz) = 8aaf5c5d36d8aa17b3fe867cee470f7b3c5dd1f6abaf5bdb49a3df76d3498d0dc1fa305a069bc95ad057489db229454b38b0ea9c1ade1e46b5d9b57aeef10c23
-Size (salt-3006.5.tar.gz) = 20536455 bytes
+BLAKE2s (salt-3006.6.tar.gz) = 19897a284347b3899c37c4e9b689038a0277406626f9f5b45c3b17ace71645ff
+SHA512 (salt-3006.6.tar.gz) = 05a3d853789cb8a890e3922a86e7336a7b4a1897af5022411907bd80a4d184d3061a658952ffe12b4d774b492f4bd79f218dd335eaa90eba1476638c861185f2
+Size (salt-3006.6.tar.gz) = 20531374 bytes
 SHA1 (patch-salt_utils_rsax931.py) = 3dd9bed9900908999b2c0b8e6347ce01fa4c62d5
 SHA1 (patch-salt_version.py) = 45f9552d286ec03a38efe9e6655ff520334f31db


--_----------=_1706905044168220--