pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/py-notebook py-notebook: updated to 5.7.4



details:   https://anonhg.NetBSD.org/pkgsrc/rev/14577b8150f7
branches:  trunk
changeset: 327474:14577b8150f7
user:      adam <adam%pkgsrc.org@localhost>
date:      Wed Jan 02 15:32:41 2019 +0000

description:
py-notebook: updated to 5.7.4

5.7.4 fixes a bug introduced in 5.7.3, in which the list_running_servers()
function attempts to parse HTML files as JSON, and consequently crashes

5.7.3 contains one security improvement and one security fix:
- Launch the browser with a local file which redirects to the server address
  including the authentication token
  This prevents another logged-in user from stealing the token from command line
  arguments and authenticating to the server.
  The single-use token previously used to mitigate this has been removed.
  Thanks to Dr. Owain Kenway for suggesting the local file approach.
- Upgrade bootstrap to 3.4, fixing an XSS vulnerability, which has been
  assigned CVE-2018-14041

diffstat:

 www/py-notebook/Makefile |   4 ++--
 www/py-notebook/PLIST    |   5 +++--
 www/py-notebook/distinfo |  10 +++++-----
 3 files changed, 10 insertions(+), 9 deletions(-)

diffs (53 lines):

diff -r 403ca8db62ad -r 14577b8150f7 www/py-notebook/Makefile
--- a/www/py-notebook/Makefile  Wed Jan 02 15:31:36 2019 +0000
+++ b/www/py-notebook/Makefile  Wed Jan 02 15:32:41 2019 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.10 2018/11/30 09:53:33 adam Exp $
+# $NetBSD: Makefile,v 1.11 2019/01/02 15:32:41 adam Exp $
 
-DISTNAME=      notebook-5.7.2
+DISTNAME=      notebook-5.7.4
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=n/notebook/}
diff -r 403ca8db62ad -r 14577b8150f7 www/py-notebook/PLIST
--- a/www/py-notebook/PLIST     Wed Jan 02 15:31:36 2019 +0000
+++ b/www/py-notebook/PLIST     Wed Jan 02 15:32:41 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7 2018/11/29 18:34:12 adam Exp $
+@comment $NetBSD: PLIST,v 1.8 2019/01/02 15:32:41 adam Exp $
 bin/jupyter-bundlerextension-${PYVERSSUFFIX}
 bin/jupyter-nbextension-${PYVERSSUFFIX}
 bin/jupyter-notebook-${PYVERSSUFFIX}
@@ -1054,7 +1054,7 @@
 ${PYSITELIB}/notebook/static/components/backbone/backbone-min.js
 ${PYSITELIB}/notebook/static/components/bootstrap-tour/build/css/bootstrap-tour.min.css
 ${PYSITELIB}/notebook/static/components/bootstrap-tour/build/js/bootstrap-tour.min.js
-${PYSITELIB}/notebook/static/components/bootstrap/js/bootstrap.min.js
+${PYSITELIB}/notebook/static/components/bootstrap/dist/js/bootstrap.min.js
 ${PYSITELIB}/notebook/static/components/codemirror/addon/comment/comment.js
 ${PYSITELIB}/notebook/static/components/codemirror/addon/comment/continuecomment.js
 ${PYSITELIB}/notebook/static/components/codemirror/addon/dialog/dialog.css
@@ -1493,6 +1493,7 @@
 ${PYSITELIB}/notebook/static/tree/js/shutdownbutton.js
 ${PYSITELIB}/notebook/static/tree/js/terminallist.js
 ${PYSITELIB}/notebook/templates/404.html
+${PYSITELIB}/notebook/templates/browser-open.html
 ${PYSITELIB}/notebook/templates/edit.html
 ${PYSITELIB}/notebook/templates/error.html
 ${PYSITELIB}/notebook/templates/login.html
diff -r 403ca8db62ad -r 14577b8150f7 www/py-notebook/distinfo
--- a/www/py-notebook/distinfo  Wed Jan 02 15:31:36 2019 +0000
+++ b/www/py-notebook/distinfo  Wed Jan 02 15:32:41 2019 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.7 2018/11/29 18:34:12 adam Exp $
+$NetBSD: distinfo,v 1.8 2019/01/02 15:32:41 adam Exp $
 
-SHA1 (notebook-5.7.2.tar.gz) = 8e5f3afa1e22226406126f0a914e4bb22862d826
-RMD160 (notebook-5.7.2.tar.gz) = 3b5753e9674b9b6e44f93518a72b4180c9472e1a
-SHA512 (notebook-5.7.2.tar.gz) = 4f94bea8c3be3bc7a7a1b23049852b0902d13fb3c58a752cc99fca0f7ad6c7b9d404f39d83ae8a533e1452bd38b0c8000ea99c66d5382fe17caf53ccdc3f7066
-Size (notebook-5.7.2.tar.gz) = 13394141 bytes
+SHA1 (notebook-5.7.4.tar.gz) = 1be311bcee44c06f4ac4ec8c4cd59ba15504e585
+RMD160 (notebook-5.7.4.tar.gz) = 29c92f292c99e0c1211562499a730e51f6baffb4
+SHA512 (notebook-5.7.4.tar.gz) = e91bcc950055a670ddc966e52e44543de46eb806a55a468053de0b4b92868b3e9551aac51283c502c8bd7c4bfac41e108d81c6d1b32d117fe4a2c2625ffed7ee
+Size (notebook-5.7.4.tar.gz) = 13389469 bytes



Home | Main Index | Thread Index | Old Index