[Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1

Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed

* [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1
@ 2019-01-12 17:42 Asaf Kahlon
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-crossbar: " Asaf Kahlon
                   ` (3 more replies)
  0 siblings, 4 replies; 8+ messages in thread
From: Asaf Kahlon @ 2019-01-12 17:42 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 package/python-autobahn/python-autobahn.hash | 4 ++--
 package/python-autobahn/python-autobahn.mk   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python-autobahn/python-autobahn.hash b/package/python-autobahn/python-autobahn.hash
index f6023ab2ee..dce40f160e 100644
--- a/package/python-autobahn/python-autobahn.hash
+++ b/package/python-autobahn/python-autobahn.hash
@@ -1,5 +1,5 @@
 # md5, sha256 from https://pypi.org/pypi/autobahn/json
-md5	51b416c5503127911d9d8f1254967d44  autobahn-18.12.1.tar.gz
-sha256	bec9e04c97536a6c0044965db4a478672a01c4adee0aa84d9c4a0945b2adc879  autobahn-18.12.1.tar.gz
+md5	b296b8ae0f42e7df8052b28d574ede82  autobahn-19.1.1.tar.gz
+sha256	aebbadb700c13792a2967c79002855d1153b9ec8f2949d169e908388699596ff  autobahn-19.1.1.tar.gz
 # Locally computed sha256 checksums
 sha256	0387eefce570453daaa60633f28676003731eeca28b2d0a0071c628e3a0004ef  LICENSE
diff --git a/package/python-autobahn/python-autobahn.mk b/package/python-autobahn/python-autobahn.mk
index 6d51ede723..213e0314c9 100644
--- a/package/python-autobahn/python-autobahn.mk
+++ b/package/python-autobahn/python-autobahn.mk
@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-PYTHON_AUTOBAHN_VERSION = 18.12.1
+PYTHON_AUTOBAHN_VERSION = 19.1.1
 PYTHON_AUTOBAHN_SOURCE = autobahn-$(PYTHON_AUTOBAHN_VERSION).tar.gz
-PYTHON_AUTOBAHN_SITE = https://files.pythonhosted.org/packages/76/5b/ab59e271a11a08d02b1a3a3b777f7dde442cf89b169bbc67219016a84e7e
+PYTHON_AUTOBAHN_SITE = https://files.pythonhosted.org/packages/66/cc/1e2b20dc6654d9a87fc30da36bfae687ec65428814378c44257a26fe5f2f
 PYTHON_AUTOBAHN_LICENSE = MIT
 PYTHON_AUTOBAHN_LICENSE_FILES = LICENSE
 PYTHON_AUTOBAHN_SETUP_TYPE = setuptools
-- 
2.19.1

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-crossbar: bump to version 19.1.1
  2019-01-12 17:42 [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Asaf Kahlon
@ 2019-01-12 17:42 ` Asaf Kahlon
  2019-01-13 13:15   ` Thomas Petazzoni
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3 Asaf Kahlon
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 8+ messages in thread
From: Asaf Kahlon @ 2019-01-12 17:42 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 package/python-crossbar/python-crossbar.hash | 4 ++--
 package/python-crossbar/python-crossbar.mk   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python-crossbar/python-crossbar.hash b/package/python-crossbar/python-crossbar.hash
index 4b73f81338..665cc25d1f 100644
--- a/package/python-crossbar/python-crossbar.hash
+++ b/package/python-crossbar/python-crossbar.hash
@@ -1,5 +1,5 @@
 # md5, sha256 from https://pypi.org/pypi/crossbar/json
-md5	2f48f40f7a43eced7cb74353a303c3db  crossbar-18.11.2.tar.gz
-sha256	8236f207222167747de006784a431cfa546f98b51f47e82cd71e7008f5a09690  crossbar-18.11.2.tar.gz
+md5	83c025eb8f1406642503aa590edabaf2  crossbar-19.1.1.tar.gz
+sha256	6b30970f8cbd6962581790444b19a0743f0c589bd441e727623e8a7004a8679b  crossbar-19.1.1.tar.gz
 # Locally computed
 sha256  57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6  LICENSE
diff --git a/package/python-crossbar/python-crossbar.mk b/package/python-crossbar/python-crossbar.mk
index 2a796f201f..787d0f9441 100644
--- a/package/python-crossbar/python-crossbar.mk
+++ b/package/python-crossbar/python-crossbar.mk
@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-PYTHON_CROSSBAR_VERSION = 18.11.2
+PYTHON_CROSSBAR_VERSION = 19.1.1
 PYTHON_CROSSBAR_SOURCE = crossbar-$(PYTHON_CROSSBAR_VERSION).tar.gz
-PYTHON_CROSSBAR_SITE = https://files.pythonhosted.org/packages/f8/c7/1388883cb64db073c4878e0c83afedf785fd22e4cebc96523e105a000088
+PYTHON_CROSSBAR_SITE = https://files.pythonhosted.org/packages/38/55/54ac74ca6b4a3b0fe5919fd7ee787c444ce79d8dca58d561ea3f8e185782
 PYTHON_CROSSBAR_LICENSE = AGPL-3.0
 PYTHON_CROSSBAR_LICENSE_FILES = LICENSE
 PYTHON_CROSSBAR_SETUP_TYPE = setuptools
-- 
2.19.1

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3
  2019-01-12 17:42 [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Asaf Kahlon
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-crossbar: " Asaf Kahlon
@ 2019-01-12 17:42 ` Asaf Kahlon
  2019-01-13 13:15   ` Thomas Petazzoni
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4 Asaf Kahlon
  2019-01-13 13:15 ` [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Thomas Petazzoni
  3 siblings, 1 reply; 8+ messages in thread
From: Asaf Kahlon @ 2019-01-12 17:42 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 package/python-engineio/python-engineio.hash | 4 ++--
 package/python-engineio/python-engineio.mk   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python-engineio/python-engineio.hash b/package/python-engineio/python-engineio.hash
index b92b908a64..3b16d7ef61 100644
--- a/package/python-engineio/python-engineio.hash
+++ b/package/python-engineio/python-engineio.hash
@@ -1,5 +1,5 @@
 # md5, sha256 from https://pypi.org/pypi/python-engineio/json
-md5	203f9b530086c83b6948d750c080d14e  python-engineio-3.1.1.tar.gz
-sha256	3ec885307c404ff97d14dbdbf1461ede14c70c5adb015b2c97666819edbeef81  python-engineio-3.1.1.tar.gz
+md5	ba0fd43c77028bd6fed4ee1004f37c71  python-engineio-3.2.3.tar.gz
+sha256	401458bb0046d950c429dac3ef82ce12e3ff1236f63b4bbb344d60a1b51c4e94  python-engineio-3.2.3.tar.gz
 # Locally computed sha256 checksums
 sha256	c9e97d3dbc1fbbcdb4f7808b282cd646db887aff4f5313fe6bbe8d4c31405a9c  LICENSE
diff --git a/package/python-engineio/python-engineio.mk b/package/python-engineio/python-engineio.mk
index de9070a55d..8d4e344247 100644
--- a/package/python-engineio/python-engineio.mk
+++ b/package/python-engineio/python-engineio.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-PYTHON_ENGINEIO_VERSION = 3.1.1
-PYTHON_ENGINEIO_SITE = https://files.pythonhosted.org/packages/c7/fd/9dad6c1794be838c05610c04e869bca9a3e0d94145ac71e57a9345a784b9
+PYTHON_ENGINEIO_VERSION = 3.2.3
+PYTHON_ENGINEIO_SITE = https://files.pythonhosted.org/packages/e6/1e/64fd629f8215b81bf0e5682504ebbbd10d1d48e52ee30d053484b6e91421
 PYTHON_ENGINEIO_SETUP_TYPE = setuptools
 PYTHON_ENGINEIO_LICENSE = MIT
 PYTHON_ENGINEIO_LICENSE_FILES = LICENSE
-- 
2.19.1

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4
  2019-01-12 17:42 [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Asaf Kahlon
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-crossbar: " Asaf Kahlon
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3 Asaf Kahlon
@ 2019-01-12 17:42 ` Asaf Kahlon
  2019-01-13 13:15   ` Thomas Petazzoni
  2019-01-13 13:15 ` [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Thomas Petazzoni
  3 siblings, 1 reply; 8+ messages in thread
From: Asaf Kahlon @ 2019-01-12 17:42 UTC (permalink / raw)
  To: buildroot

Fixes CVE-2017-18342: In PyYAML before 4.1, the yaml.load() API
could execute arbitrary code.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 package/python-pyyaml/python-pyyaml.hash | 4 ++--
 package/python-pyyaml/python-pyyaml.mk   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python-pyyaml/python-pyyaml.hash b/package/python-pyyaml/python-pyyaml.hash
index 47a379ce6a..256742feb6 100644
--- a/package/python-pyyaml/python-pyyaml.hash
+++ b/package/python-pyyaml/python-pyyaml.hash
@@ -1,3 +1,3 @@
 # md5, sha256 from https://pypi.python.org/pypi/pyyaml/json
-md5 b78b96636d68ac581c0e2f38158c224f PyYAML-3.13.tar.gz
-sha256 3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf PyYAML-3.13.tar.gz
+md5 a842bc7391e145bbe4e7fd0d32da1132 PyYAML-4.2b4.tar.gz
+sha256 3c17fb92c8ba2f525e4b5f7941d850e7a48c3a59b32d331e2502a3cdc6648e76 PyYAML-4.2b4.tar.gz
diff --git a/package/python-pyyaml/python-pyyaml.mk b/package/python-pyyaml/python-pyyaml.mk
index cbf8df7b2d..95f0f0bb9e 100644
--- a/package/python-pyyaml/python-pyyaml.mk
+++ b/package/python-pyyaml/python-pyyaml.mk
@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-PYTHON_PYYAML_VERSION = 3.13
+PYTHON_PYYAML_VERSION = 4.2b4
 PYTHON_PYYAML_SOURCE = PyYAML-$(PYTHON_PYYAML_VERSION).tar.gz
-PYTHON_PYYAML_SITE = https://files.pythonhosted.org/packages/9e/a3/1d13970c3f36777c583f136c136f804d70f500168edc1edea6daa7200769
+PYTHON_PYYAML_SITE = https://files.pythonhosted.org/packages/a8/c6/a8d1555e795dbd0375c3c93b576ca13bbf139db51ea604afa19a2c35fc03
 PYTHON_PYYAML_SETUP_TYPE = distutils
 PYTHON_PYYAML_LICENSE = MIT
 PYTHON_PYYAML_LICENSE_FILES = LICENSE
-- 
2.19.1

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1
  2019-01-12 17:42 [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Asaf Kahlon
                   ` (2 preceding siblings ...)
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4 Asaf Kahlon
@ 2019-01-13 13:15 ` Thomas Petazzoni
  3 siblings, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2019-01-13 13:15 UTC (permalink / raw)
  To: buildroot

Hello,

On Sat, 12 Jan 2019 19:42:24 +0200, Asaf Kahlon wrote:
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  package/python-autobahn/python-autobahn.hash | 4 ++--
>  package/python-autobahn/python-autobahn.mk   | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-crossbar: bump to version 19.1.1
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-crossbar: " Asaf Kahlon
@ 2019-01-13 13:15   ` Thomas Petazzoni
  0 siblings, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2019-01-13 13:15 UTC (permalink / raw)
  To: buildroot

Hello,

On Sat, 12 Jan 2019 19:42:25 +0200, Asaf Kahlon wrote:
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  package/python-crossbar/python-crossbar.hash | 4 ++--
>  package/python-crossbar/python-crossbar.mk   | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3 Asaf Kahlon
@ 2019-01-13 13:15   ` Thomas Petazzoni
  0 siblings, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2019-01-13 13:15 UTC (permalink / raw)
  To: buildroot

Hello,

On Sat, 12 Jan 2019 19:42:26 +0200, Asaf Kahlon wrote:
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  package/python-engineio/python-engineio.hash | 4 ++--
>  package/python-engineio/python-engineio.mk   | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4
  2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4 Asaf Kahlon
@ 2019-01-13 13:15   ` Thomas Petazzoni
  0 siblings, 0 replies; 8+ messages in thread
From: Thomas Petazzoni @ 2019-01-13 13:15 UTC (permalink / raw)
  To: buildroot

Hello,

On Sat, 12 Jan 2019 19:42:27 +0200, Asaf Kahlon wrote:
> Fixes CVE-2017-18342: In PyYAML before 4.1, the yaml.load() API
> could execute arbitrary code.
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  package/python-pyyaml/python-pyyaml.hash | 4 ++--
>  package/python-pyyaml/python-pyyaml.mk   | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2019-01-13 13:15 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-01-12 17:42 [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Asaf Kahlon
2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-crossbar: " Asaf Kahlon
2019-01-13 13:15   ` Thomas Petazzoni
2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-engineio: bump to version 3.2.3 Asaf Kahlon
2019-01-13 13:15   ` Thomas Petazzoni
2019-01-12 17:42 ` [Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4 Asaf Kahlon
2019-01-13 13:15   ` Thomas Petazzoni
2019-01-13 13:15 ` [Buildroot] [PATCH 1/1] python-autobahn: bump to version 19.1.1 Thomas Petazzoni

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox