* [Buildroot] [PATCH 1/1] package/python-urllib3: security bump to version 2.0.7
@ 2023-10-28 20:00 Fabrice Fontaine
2023-10-30 19:09 ` Peter Korsgaard
0 siblings, 1 reply; 2+ messages in thread
From: Fabrice Fontaine @ 2023-10-28 20:00 UTC (permalink / raw)
To: buildroot; +Cc: James Hilliard, Fabrice Fontaine, Asaf Kahlon
Fix CVE-2023-43804 and CVE-2023-45803
https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f
https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
https://github.com/urllib3/urllib3/blob/2.0.7/CHANGES.rst
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/python-urllib3/python-urllib3.hash | 4 ++--
package/python-urllib3/python-urllib3.mk | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/python-urllib3/python-urllib3.hash b/package/python-urllib3/python-urllib3.hash
index 2da7abdf29..209cfe277e 100644
--- a/package/python-urllib3/python-urllib3.hash
+++ b/package/python-urllib3/python-urllib3.hash
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/urllib3/json
-md5 5d541b944febe50221e24c31cd6e887d urllib3-2.0.4.tar.gz
-sha256 8d22f86aae8ef5e410d4f539fde9ce6b2113a001bb4d189e0aed70642d602b11 urllib3-2.0.4.tar.gz
+md5 5a264ef3ae827e5842bbc80536a343dd urllib3-2.0.7.tar.gz
+sha256 c97dfde1f7bd43a71c8d2a58e369e9b2bf692d1334ea9f9cae55add7d0dd0f84 urllib3-2.0.7.tar.gz
# Locally computed sha256 checksums
sha256 130e3a64d5fdd5d096a752694634a7d9df284469de86e5732100268041e3d686 LICENSE.txt
diff --git a/package/python-urllib3/python-urllib3.mk b/package/python-urllib3/python-urllib3.mk
index 7ff58d9a4a..ba041082db 100644
--- a/package/python-urllib3/python-urllib3.mk
+++ b/package/python-urllib3/python-urllib3.mk
@@ -4,9 +4,9 @@
#
################################################################################
-PYTHON_URLLIB3_VERSION = 2.0.4
+PYTHON_URLLIB3_VERSION = 2.0.7
PYTHON_URLLIB3_SOURCE = urllib3-$(PYTHON_URLLIB3_VERSION).tar.gz
-PYTHON_URLLIB3_SITE = https://files.pythonhosted.org/packages/31/ab/46bec149bbd71a4467a3063ac22f4486ecd2ceb70ae8c70d5d8e4c2a7946
+PYTHON_URLLIB3_SITE = https://files.pythonhosted.org/packages/af/47/b215df9f71b4fdba1025fc05a77db2ad243fa0926755a52c5e71659f4e3c
PYTHON_URLLIB3_LICENSE = MIT
PYTHON_URLLIB3_LICENSE_FILES = LICENSE.txt
PYTHON_URLLIB3_CPE_ID_VENDOR = python
--
2.42.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-10-30 19:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-28 20:00 [Buildroot] [PATCH 1/1] package/python-urllib3: security bump to version 2.0.7 Fabrice Fontaine
2023-10-30 19:09 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox