CVS commit: pkgsrc/sysutils/py-supervisor

["Adam Ciarcinski" <adam%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   adam
Date:           Tue Jul 25 08:17:08 UTC 2017

Modified Files:
        pkgsrc/sysutils/py-supervisor: Makefile distinfo

Log Message:
3.3.3:
- Fixed CVE-2017-11610.  A vulnerability was found where an authenticated
  client can send a malicious XML-RPC request to ``supervisord`` that will
  run arbitrary shell commands on the server.  The commands will be run as
  the same user as ``supervisord``.  Depending on how ``supervisord`` has been
  configured, this may be root.  See
  https://github.com/Supervisor/supervisor/issues/964 for details.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/sysutils/py-supervisor/Makefile \
    pkgsrc/sysutils/py-supervisor/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/sysutils/py-supervisor/Makefile
diff -u pkgsrc/sysutils/py-supervisor/Makefile:1.2 pkgsrc/sysutils/py-supervisor/Makefile:1.3
--- pkgsrc/sysutils/py-supervisor/Makefile:1.2  Thu Jul 20 17:43:02 2017
+++ pkgsrc/sysutils/py-supervisor/Makefile      Tue Jul 25 08:17:08 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2017/07/20 17:43:02 adam Exp $
+# $NetBSD: Makefile,v 1.3 2017/07/25 08:17:08 adam Exp $
 
-DISTNAME=      supervisor-3.3.2
+DISTNAME=      supervisor-3.3.3
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    sysutils
 MASTER_SITES=  ${MASTER_SITE_PYPI:=s/supervisor/}
Index: pkgsrc/sysutils/py-supervisor/distinfo
diff -u pkgsrc/sysutils/py-supervisor/distinfo:1.2 pkgsrc/sysutils/py-supervisor/distinfo:1.3
--- pkgsrc/sysutils/py-supervisor/distinfo:1.2  Thu Jul 20 17:43:02 2017
+++ pkgsrc/sysutils/py-supervisor/distinfo      Tue Jul 25 08:17:08 2017
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.2 2017/07/20 17:43:02 adam Exp $
+$NetBSD: distinfo,v 1.3 2017/07/25 08:17:08 adam Exp $
 
-SHA1 (supervisor-3.3.2.tar.gz) = bfdaf044341692a385e95cd31ccbe598a1c7be13
-RMD160 (supervisor-3.3.2.tar.gz) = 902d8c77b0ee43e7714ad436798eefe9eed04238
-SHA512 (supervisor-3.3.2.tar.gz) = 959f045d8da5a263a6990fdc4a93154684c74cca5f49aeb733b86da046a8a3a56981062d16f0ab8177c0e0bb41f137c62e1ae6a52582e76bbe0adb2b8185202c
-Size (supervisor-3.3.2.tar.gz) = 417348 bytes
+SHA1 (supervisor-3.3.3.tar.gz) = 3e54793f3d389f2ab168d49f13e2be0bb39218ff
+RMD160 (supervisor-3.3.3.tar.gz) = e3c074ad60767b93532ff84668f75c58898077a8
+SHA512 (supervisor-3.3.3.tar.gz) = 8285445da8a0ed790fbdf75d988304ab8fcefd9c36975ae6526ec58f511c73cd8707f22b7cff40c3aed5e63f3665d096ed4b5dbc2cc456fe0c5b4547149dbb4a
+Size (supervisor-3.3.3.tar.gz) = 418354 bytes