qutebrowser update to 1.11.1, fixes CVE-2020-11054

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: qutebrowser update to 1.11.1, fixes CVE-2020-11054
From: pin <voidpin%protonmail.com@localhost>
Date: Tue, 12 May 2020 13:38:05 +0000

Module Name:	pkgsrc-wip
Committed By:	pin <voidpin%protonmail.com@localhost>
Pushed By:	pin
Date:		Tue May 12 15:38:05 2020 +0200
Changeset:	5b7af903df9750abe378bc2baae222b31ab79d5e

Modified Files:
	qutebrowser/Makefile
	qutebrowser/distinfo
Removed Files:
	qutebrowser/TODO

Log Message:
qutebrowser update to 1.11.1, fixes CVE-2020-11054

CVE-2020-11054: After a certificate error was overridden by the user,
qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg).
However, when the affected website was subsequently loaded again, the URL
was mistakenly displayed as green (colors.statusbar.url.success_https).
While the user already has seen a certificate error prompt at this point
(or set content.ssl_strict to false which is not recommended), this could
still provide a false sense of security. This is now fixed.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=5b7af903df9750abe378bc2baae222b31ab79d5e

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 qutebrowser/Makefile | 2 +-
 qutebrowser/TODO     | 2 --
 qutebrowser/distinfo | 8 ++++----
 3 files changed, 5 insertions(+), 7 deletions(-)

diffs:
diff --git a/qutebrowser/Makefile b/qutebrowser/Makefile
index 655322f827..966e173227 100644
--- a/qutebrowser/Makefile
+++ b/qutebrowser/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD$
 
-DISTNAME=	qutebrowser-1.11.0
+DISTNAME=	qutebrowser-1.11.1
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_GITHUB:=qutebrowser/}
 GITHUB_TAG=	v${PKGVERSION_NOREV}
diff --git a/qutebrowser/TODO b/qutebrowser/TODO
deleted file mode 100644
index c71b0415c3..0000000000
--- a/qutebrowser/TODO
+++ /dev/null
@@ -1,2 +0,0 @@
-This package has known vulnerabilities, please investigate and fix if possible:
-  CVE-2020-11054
diff --git a/qutebrowser/distinfo b/qutebrowser/distinfo
index 28993773a5..5b33085263 100644
--- a/qutebrowser/distinfo
+++ b/qutebrowser/distinfo
@@ -1,6 +1,6 @@
 $NetBSD$
 
-SHA1 (qutebrowser-1.11.0.tar.gz) = 9675dfe27cfabf0a658875336b29ce6bad28164f
-RMD160 (qutebrowser-1.11.0.tar.gz) = cffbff996fa1c3d3e68b861d47e78db45f70d065
-SHA512 (qutebrowser-1.11.0.tar.gz) = d55dd057ad58be67f318fe6bad45b1850a89dc7078bd3a977a88e74ac2450441a80525d2a5fe990bd4726b2b0236dcb958e2018110780d3b2d679f14206f88d2
-Size (qutebrowser-1.11.0.tar.gz) = 3229625 bytes
+SHA1 (qutebrowser-1.11.1.tar.gz) = 4421562ccc7818943bbba88dc4078e4dd2d253ae
+RMD160 (qutebrowser-1.11.1.tar.gz) = d828d15741152a889262b810f82edb6dccc03dd7
+SHA512 (qutebrowser-1.11.1.tar.gz) = 20ccaff5f0130371969ca493efde3d5c558c5b8cf9921f52e5c98a1c49ae5a3fe8f7994f5d886746e9306fd553cf1296ec6456bafd4680d0e435c026d4d08aa8
+Size (qutebrowser-1.11.1.tar.gz) = 3229613 bytes

Prev by Date: kio-extras: Add reference to CVE-2020-12755
Next by Date: doomlegacy-devel: Import code for internal blockmap creation
Previous by Thread: kio-extras: Add reference to CVE-2020-12755
Next by Thread: doomlegacy-devel: Import code for internal blockmap creation
Indexes:

Home | Main Index | Thread Index | Old Index