pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/54883: python-ecdsa 0.15 (important security update)
> When updating packages, if possible please also provide a changelog from
> upstream.
I could not find an upstream change log, unfortunately. It's also jumping several versions.
> Unrelated to the update but I think that EGG_NAME could be removed (I
> think that defining it as ecdsa-${PKGVERSION} is also incorrect for
> possible PKGREVISION bumps), please remove it if that's the case.
Removed.
> The extra requires.txt seems to point out that there is at least a
> missing dependency, please add py-six to DEPENDS in the Makefile.
Added.
> The PLIST is not sorted, please sort it.
Done.
New patch:
commit 72fe11c8f23930b06c6045149c68dac2736e703e
Author: Jonathan Schleifer <js%nil.im@localhost>
Date: Wed Jan 22 01:33:03 2020 +0100
py-ecdsa 0.15, includes important security updates
Also switches the source from GitHub to PyPi, because for whatever
reason, the archive is different. Hashes for the archive from GitHub are
nowhere to be found, and I could not find a single distro that uses the
archive from GitHub instead of PyPi. So instead, I used the PyPi one and
compared the hashes to what Alpine has.
diff --git a/security/py-ecdsa/Makefile b/security/py-ecdsa/Makefile
index 496eb0b8bd5..fb19738c5ca 100644
--- a/security/py-ecdsa/Makefile
+++ b/security/py-ecdsa/Makefile
@@ -1,17 +1,17 @@
# $NetBSD: Makefile,v 1.7 2015/06/29 17:00:00 gls Exp $
-DISTNAME= python-ecdsa-0.13
-PKGNAME= ${PYPKGPREFIX}-ecdsa-0.13
-EGG_NAME= ecdsa-${PKGVERSION}
+DISTNAME= ecdsa-0.15
+PKGNAME= ${PYPKGPREFIX}-ecdsa-0.15
CATEGORIES= security
-MASTER_SITES= https://github.com/warner/python-ecdsa/archive/
+MASTER_SITES= ${MASTER_SITE_PYPI:=e/ecdsa/}
MAINTAINER= gls%NetBSD.org@localhost
HOMEPAGE= https://github.com/warner/python-ecdsa/
COMMENT= Easy-to-use implementation of ECDSA cryptography
LICENSE= mit
-WRKSRC= ${WRKDIR}/python-ecdsa-${DISTNAME}
+DEPENDS+= ${PYPKGPREFIX}-six-[0-9]*:../../lang/py-six
+
USE_LANGUAGES= # none
REPLACE_PYTHON= ecdsa/ecdsa.py ecdsa/ellipticcurve.py ecdsa/numbertheory.py
diff --git a/security/py-ecdsa/PLIST b/security/py-ecdsa/PLIST
index 32517559708..bd61df47360 100644
--- a/security/py-ecdsa/PLIST
+++ b/security/py-ecdsa/PLIST
@@ -1,11 +1,18 @@
-@comment $NetBSD: PLIST,v 1.3 2015/06/29 17:00:00 gls Exp $
+@comment $NetBSD$
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
${PYSITELIB}/${EGG_INFODIR}/top_level.txt
${PYSITELIB}/ecdsa/__init__.py
${PYSITELIB}/ecdsa/__init__.pyc
${PYSITELIB}/ecdsa/__init__.pyo
+${PYSITELIB}/ecdsa/_compat.py
+${PYSITELIB}/ecdsa/_compat.pyc
+${PYSITELIB}/ecdsa/_compat.pyo
+${PYSITELIB}/ecdsa/_rwlock.py
+${PYSITELIB}/ecdsa/_rwlock.pyc
+${PYSITELIB}/ecdsa/_rwlock.pyo
${PYSITELIB}/ecdsa/_version.py
${PYSITELIB}/ecdsa/_version.pyc
${PYSITELIB}/ecdsa/_version.pyo
@@ -15,6 +22,9 @@ ${PYSITELIB}/ecdsa/curves.pyo
${PYSITELIB}/ecdsa/der.py
${PYSITELIB}/ecdsa/der.pyc
${PYSITELIB}/ecdsa/der.pyo
+${PYSITELIB}/ecdsa/ecdh.py
+${PYSITELIB}/ecdsa/ecdh.pyc
+${PYSITELIB}/ecdsa/ecdh.pyo
${PYSITELIB}/ecdsa/ecdsa.py
${PYSITELIB}/ecdsa/ecdsa.pyc
${PYSITELIB}/ecdsa/ecdsa.pyo
@@ -30,12 +40,36 @@ ${PYSITELIB}/ecdsa/numbertheory.pyo
${PYSITELIB}/ecdsa/rfc6979.py
${PYSITELIB}/ecdsa/rfc6979.pyc
${PYSITELIB}/ecdsa/rfc6979.pyo
-${PYSITELIB}/ecdsa/six.py
-${PYSITELIB}/ecdsa/six.pyc
-${PYSITELIB}/ecdsa/six.pyo
+${PYSITELIB}/ecdsa/test_der.py
+${PYSITELIB}/ecdsa/test_der.pyc
+${PYSITELIB}/ecdsa/test_der.pyo
+${PYSITELIB}/ecdsa/test_ecdh.py
+${PYSITELIB}/ecdsa/test_ecdh.pyc
+${PYSITELIB}/ecdsa/test_ecdh.pyo
+${PYSITELIB}/ecdsa/test_ecdsa.py
+${PYSITELIB}/ecdsa/test_ecdsa.pyc
+${PYSITELIB}/ecdsa/test_ecdsa.pyo
+${PYSITELIB}/ecdsa/test_ellipticcurve.py
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyc
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyo
+${PYSITELIB}/ecdsa/test_jacobi.py
+${PYSITELIB}/ecdsa/test_jacobi.pyc
+${PYSITELIB}/ecdsa/test_jacobi.pyo
+${PYSITELIB}/ecdsa/test_keys.py
+${PYSITELIB}/ecdsa/test_keys.pyc
+${PYSITELIB}/ecdsa/test_keys.pyo
+${PYSITELIB}/ecdsa/test_malformed_sigs.py
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyc
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyo
+${PYSITELIB}/ecdsa/test_numbertheory.py
+${PYSITELIB}/ecdsa/test_numbertheory.pyc
+${PYSITELIB}/ecdsa/test_numbertheory.pyo
${PYSITELIB}/ecdsa/test_pyecdsa.py
${PYSITELIB}/ecdsa/test_pyecdsa.pyc
${PYSITELIB}/ecdsa/test_pyecdsa.pyo
+${PYSITELIB}/ecdsa/test_rw_lock.py
+${PYSITELIB}/ecdsa/test_rw_lock.pyc
+${PYSITELIB}/ecdsa/test_rw_lock.pyo
${PYSITELIB}/ecdsa/util.py
${PYSITELIB}/ecdsa/util.pyc
${PYSITELIB}/ecdsa/util.pyo
diff --git a/security/py-ecdsa/distinfo b/security/py-ecdsa/distinfo
index aa491f44855..b744ddc02a6 100644
--- a/security/py-ecdsa/distinfo
+++ b/security/py-ecdsa/distinfo
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.7 2015/11/04 01:18:03 agc Exp $
-SHA1 (python-ecdsa-0.13.tar.gz) = f23d77b03f3e62a9298579ccf897a305c618a6f2
-RMD160 (python-ecdsa-0.13.tar.gz) = 7d7e2bb73649dba507f6389b8f909d251346e1fc
-SHA512 (python-ecdsa-0.13.tar.gz) = 540b85bc11963b369a2b77adcae132fbac8d267c34c865207b434f013c3d82a9ed118e22e7ce73f85c2ddd5a629926a29ec1b92b56f2a350bb155b53cdb60244
-Size (python-ecdsa-0.13.tar.gz) = 58966 bytes
+SHA1 (ecdsa-0.15.tar.gz) = 5ac84f3012d807793bcb98a8e9c86c63b9965596
+RMD160 (ecdsa-0.15.tar.gz) = aaeba796ec51455deb06d4accc01535aeac26302
+SHA512 (ecdsa-0.15.tar.gz) = 7b7491d1abdb5ca43456d943c96525fa5d722635c496bbddd04ef8e1baad9dc0aef3d1752afea7820f7796421b18295ee260657ec1e8faf7564613b316c0d603
+Size (ecdsa-0.15.tar.gz) = 122119 bytes
Home |
Main Index |
Thread Index |
Old Index