Update to 2.6.0 for a security issue. 2.6.0 (2015-03-14) ++++++++++++++++++ **Bugfixes** - Fix handling of cookies on redirect. Previously a cookie without a host value set would use the hostname for the redirected URL exposing requests users to session fixation attacks and potentially cookie stealing. This was disclosed privately by Matthew Daley of `BugFuzz <https://bugfuzz.com>`_. An CVE identifier has not yet been assigned for this. This affects all versions of requests from v2.1.0 to v2.5.3 (inclusive on both ends). - Fix error when requests is an ``install_requires`` dependency and ``python setup.py test`` is run. (#2462) - Fix error when urllib3 is unbundled and requests continues to use the vendored import location. - Include fixes to ``urllib3``'s header handling. - Requests' handling of unvendored dependencies is now more restrictive. **Features and Improvements** - Support bytearrays when passed as parameters in the ``files`` argument. (#2468) - Avoid data duplication when creating a request with ``str``, ``bytes``, or ``bytearray`` input to the ``files`` argument.diff -r1.14 -r1.15 pkgsrc/devel/py-requests/Makefile
(wiz)
@@ -1,18 +1,17 @@ | @@ -1,18 +1,17 @@ | |||
1 | # $NetBSD: Makefile,v 1.14 2015/03/15 21:32:27 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.15 2015/03/16 13:58:37 wiz Exp $ | |
2 | 2 | |||
3 | DISTNAME= requests-2.5.3 | 3 | DISTNAME= requests-2.6.0 | |
4 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | 4 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | |
5 | PKGREVISION= 1 | |||
6 | CATEGORIES= devel www | 5 | CATEGORIES= devel www | |
7 | MASTER_SITES= https://pypi.python.org/packages/source/r/requests/ | 6 | MASTER_SITES= https://pypi.python.org/packages/source/r/requests/ | |
8 | 7 | |||
9 | MAINTAINER= imil@NetBSD.org | 8 | MAINTAINER= imil@NetBSD.org | |
10 | HOMEPAGE= http://docs.python-requests.org/en/latest/ | 9 | HOMEPAGE= http://docs.python-requests.org/en/latest/ | |
11 | COMMENT= HTTP library, written in Python, for human beings | 10 | COMMENT= HTTP library, written in Python, for human beings | |
12 | LICENSE= apache-2.0 | 11 | LICENSE= apache-2.0 | |
13 | 12 | |||
14 | USE_LANGUAGES= c | 13 | USE_LANGUAGES= c | |
15 | REPLACE_PYTHON= requests/certs.py requests/packages/chardet/chardetect.py | 14 | REPLACE_PYTHON= requests/certs.py requests/packages/chardet/chardetect.py | |
16 | 15 | |||
17 | .include "../../lang/python/application.mk" | 16 | .include "../../lang/python/application.mk" | |
18 | .include "../../lang/python/egg.mk" | 17 | .include "../../lang/python/egg.mk" |
@@ -1,5 +1,5 @@ | @@ -1,5 +1,5 @@ | |||
1 | $NetBSD: distinfo,v 1.8 2015/03/09 16:57:04 imil Exp $ | 1 | $NetBSD: distinfo,v 1.9 2015/03/16 13:58:37 wiz Exp $ | |
2 | 2 | |||
3 | SHA1 (requests-2.5.3.tar.gz) = 9577e27937ff53f1d417d84da75cda17184e1bd0 | 3 | SHA1 (requests-2.6.0.tar.gz) = ad7327c73e8be8c188ad489d511097202b1fef12 | |
4 | RMD160 (requests-2.5.3.tar.gz) = a1217508f5d9f51a851d41686aced41645e0b702 | 4 | RMD160 (requests-2.6.0.tar.gz) = c48db06c7ec348f55e9238b8f37019d8f2345c56 | |
5 | Size (requests-2.5.3.tar.gz) = 448318 bytes | 5 | Size (requests-2.6.0.tar.gz) = 450389 bytes |