[pkgsrc/trunk]: pkgsrc/www/py-notebook py-notebook: updated to 5.7.6

[adam <adam%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f690c23c24cf
branches:  trunk
changeset: 331683:f690c23c24cf
user:      adam <adam%pkgsrc.org@localhost>
date:      Fri Mar 22 17:55:05 2019 +0000

description:
py-notebook: updated to 5.7.6

5.7.6
5.7.6 contains a security fix for a cross-site inclusion (XSSI) vulnerability,
where files at a known URL could be included in a page from an unauthorized website if the user is logged into a Jupyter server.
The fix involves setting the X-Content-Type-Options: nosniff
header, and applying CSRF checks previously on all non-GET
API requests to GET requests to API endpoints and the /files/ endpoint.

The attacking page is able to access some contents of files when using Internet Explorer through script errors,
but this has not been demonstrated with other browsers.
A CVE has been requested for this vulnerability.

5.7.5
- Fix compatibility with tornado 6
- Fix opening integer filedescriptor during startup on Python 2
- Fix compatibility with asynchronous KernelManager.restart_kernel methods

diffstat:

 www/py-notebook/Makefile |   5 ++---
 www/py-notebook/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diffs (29 lines):

diff -r aa9b4ab2feb9 -r f690c23c24cf www/py-notebook/Makefile
--- a/www/py-notebook/Makefile  Fri Mar 22 17:53:10 2019 +0000
+++ b/www/py-notebook/Makefile  Fri Mar 22 17:55:05 2019 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2019/01/08 10:49:30 markd Exp $
+# $NetBSD: Makefile,v 1.13 2019/03/22 17:55:05 adam Exp $
 
-DISTNAME=      notebook-5.7.4
+DISTNAME=      notebook-5.7.6
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
-PKGREVISION=   1
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=n/notebook/}
 
diff -r aa9b4ab2feb9 -r f690c23c24cf www/py-notebook/distinfo
--- a/www/py-notebook/distinfo  Fri Mar 22 17:53:10 2019 +0000
+++ b/www/py-notebook/distinfo  Fri Mar 22 17:55:05 2019 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.8 2019/01/02 15:32:41 adam Exp $
+$NetBSD: distinfo,v 1.9 2019/03/22 17:55:05 adam Exp $
 
-SHA1 (notebook-5.7.4.tar.gz) = 1be311bcee44c06f4ac4ec8c4cd59ba15504e585
-RMD160 (notebook-5.7.4.tar.gz) = 29c92f292c99e0c1211562499a730e51f6baffb4
-SHA512 (notebook-5.7.4.tar.gz) = e91bcc950055a670ddc966e52e44543de46eb806a55a468053de0b4b92868b3e9551aac51283c502c8bd7c4bfac41e108d81c6d1b32d117fe4a2c2625ffed7ee
-Size (notebook-5.7.4.tar.gz) = 13389469 bytes
+SHA1 (notebook-5.7.6.tar.gz) = f6d31d620b2817ca99e9e0f6685543effdc4185f
+RMD160 (notebook-5.7.6.tar.gz) = bfe058dcc54e0be016df47ca8f3837a09f89c54f
+SHA512 (notebook-5.7.6.tar.gz) = 3382dad95a0fd3de99b96c3a05a0d931fd99829320ef38760e70193b4162d4168459463d399fc066d5606e292462fee0c663ba7763b6f6834fce2c749533a017
+Size (notebook-5.7.6.tar.gz) = 13369646 bytes