[pkgsrc/pkgsrc-2017Q2]: pkgsrc/devel/py-mercurial Pullup ticket #5533 - reque...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2017Q2]: pkgsrc/devel/py-mercurial Pullup ticket #5533 - reque...
From: bsiegert <bsiegert%pkgsrc.org@localhost>
Date: Wed, 15 Jan 2020 12:52:13 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/cda7ba8f5af5
branches:  pkgsrc-2017Q2
changeset: 408674:cda7ba8f5af5
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Tue Aug 15 19:06:53 2017 +0000

description:
Pullup ticket #5533 - requested by maya
devel/py-mercurial: security fix

Revisions pulled up:
- devel/py-mercurial/Makefile                                   1.13-1.14
- devel/py-mercurial/Makefile.version                           1.51
- devel/py-mercurial/PLIST                                      1.16
- devel/py-mercurial/distinfo                                   1.51-1.52

---
   Module Name:    pkgsrc
   Committed By:   joerg
   Date:           Tue Jul 25 16:09:40 UTC 2017

   Modified Files:
           pkgsrc/devel/py-mercurial: Makefile distinfo
   Added Files:
           pkgsrc/devel/py-mercurial/patches: patch-mercurial_localrepo.py
               patch-mercurial_statichttprepo.py

   Log Message:
   Fix a memory leak, from upstream. Bump revision.

---
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Mon Aug 14 01:31:56 UTC 2017

   Modified Files:
           pkgsrc/devel/py-mercurial: Makefile Makefile.version PLIST distinfo
   Removed Files:
           pkgsrc/devel/py-mercurial/patches: patch-mercurial_localrepo.py
               patch-mercurial_statichttprepo.py

   Log Message:
   py-mercurial: update to 4.3.1

   1. Mercurial 4.3 / 4.3.1 (2017-08-10)

   (4.3.1 was released immediately after 4.3 to fix a release oversight.)

   An overview of new features available. This is a regularly-scheduled quarterly feature release.

   1.1. Notable changes

       experimental amend extension providing the amend command
       experimental sparse extension
       Support for Python 2.6 has been dropped.
       Bundles created by the strip extension now store phase information. It will be restored when unbundling.
       The strip extension now removes relevant obsmarkers. If a backup requested (the default), the obsmarkers are stored in the backup bundle and will be restored when unbundling.

       hg show work (from the experimental show extension) now displays more info

       hg show stack is a new view for the current, in-progress changeset and others around it
       Mitigation for two security vulnerabilities

   1.2. CVE-2017-1000115

   Mercurial's symlink auditing was incomplete prior to 4.3, and could be abused to write to files outside the repository.

   1.3. CVE-2017-1000116

   Mercurial was not sanitizing hostnames passed to ssh, allowing shell injection attacks on clients by specifying a hostname starting with -oProxyCommand. This is also present in Git 
(CVE-2017-1000117)
   and Subversion (CVE-2017-9800), so please patch those tools as well if you have them installed.

   2. Mercurial 4.2.3 (2017-08-10)

   This was an out-of-cycle backport of security fixes from 4.3 for users stuck on Python 2.6.-1000117)
   and Subversion (CVE-2017-9800), so please patch those tools as well if you have them installed.

   2. Mercurial 4.2.3 (2017-08-10)

   This was an out-of-cycle backport of security fixes from 4.3 for users stuck on Python 2.6.

   3. Mercurial 4.2.2 (2017-07-05)

   This is a regularly-scheduled bugfix release.

       largefiles: avoid a crash when archiving a subrepo with largefiles disabled
       rebase: also test abort from pretxnclose error

       rebase: backed out changes 2519994d25ca and cf8ad0e6c0e4 (issue5610)
       rebase: reinforce testing around precommit hook interrupting a rebase

diffstat:

 devel/py-mercurial/Makefile         |   2 +-
 devel/py-mercurial/Makefile.version |   4 +-
 devel/py-mercurial/PLIST            |  89 +++++++++++++++++++++++++++++++-----
 devel/py-mercurial/distinfo         |  10 ++--
 4 files changed, 84 insertions(+), 21 deletions(-)

diffs (229 lines):

diff -r 5aa9191e3f6e -r cda7ba8f5af5 devel/py-mercurial/Makefile
--- a/devel/py-mercurial/Makefile       Sun Aug 13 19:07:26 2017 +0000
+++ b/devel/py-mercurial/Makefile       Tue Aug 15 19:06:53 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.12 2017/05/17 10:30:18 wiz Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2017/08/15 19:06:53 bsiegert Exp $
 
 DISTNAME=      mercurial-${VERSION}
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
diff -r 5aa9191e3f6e -r cda7ba8f5af5 devel/py-mercurial/Makefile.version
--- a/devel/py-mercurial/Makefile.version       Sun Aug 13 19:07:26 2017 +0000
+++ b/devel/py-mercurial/Makefile.version       Tue Aug 15 19:06:53 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile.version,v 1.50 2017/06/19 20:07:43 wiz Exp $
+# $NetBSD: Makefile.version,v 1.50.2.1 2017/08/15 19:06:53 bsiegert Exp $
 
-VERSION=       4.2.1
+VERSION=       4.3.1
 
 PYTHON_VERSIONS_INCOMPATIBLE=  34 35 36 # not yet ported as of 3.9
 # see also https://www.mercurial-scm.org/wiki/SupportedPythonVersions
diff -r 5aa9191e3f6e -r cda7ba8f5af5 devel/py-mercurial/PLIST
--- a/devel/py-mercurial/PLIST  Sun Aug 13 19:07:26 2017 +0000
+++ b/devel/py-mercurial/PLIST  Tue Aug 15 19:06:53 2017 +0000
@@ -1,11 +1,23 @@
-@comment $NetBSD: PLIST,v 1.15 2017/05/17 10:30:18 wiz Exp $
+@comment $NetBSD: PLIST,v 1.15.2.1 2017/08/15 19:06:53 bsiegert Exp $
 bin/hg
+${PYSITELIB}/hgdemandimport/__init__.py
+${PYSITELIB}/hgdemandimport/__init__.pyc
+${PYSITELIB}/hgdemandimport/__init__.pyo
+${PYSITELIB}/hgdemandimport/demandimportpy2.py
+${PYSITELIB}/hgdemandimport/demandimportpy2.pyc
+${PYSITELIB}/hgdemandimport/demandimportpy2.pyo
+${PYSITELIB}/hgdemandimport/demandimportpy3.py
+${PYSITELIB}/hgdemandimport/demandimportpy3.pyc
+${PYSITELIB}/hgdemandimport/demandimportpy3.pyo
 ${PYSITELIB}/hgext/__init__.py
 ${PYSITELIB}/hgext/__init__.pyc
 ${PYSITELIB}/hgext/__init__.pyo
 ${PYSITELIB}/hgext/acl.py
 ${PYSITELIB}/hgext/acl.pyc
 ${PYSITELIB}/hgext/acl.pyo
+${PYSITELIB}/hgext/amend.py
+${PYSITELIB}/hgext/amend.pyc
+${PYSITELIB}/hgext/amend.pyo
 ${PYSITELIB}/hgext/automv.py
 ${PYSITELIB}/hgext/automv.pyc
 ${PYSITELIB}/hgext/automv.pyo
@@ -27,9 +39,9 @@
 ${PYSITELIB}/hgext/clonebundles.py
 ${PYSITELIB}/hgext/clonebundles.pyc
 ${PYSITELIB}/hgext/clonebundles.pyo
-${PYSITELIB}/hgext/color.py
-${PYSITELIB}/hgext/color.pyc
-${PYSITELIB}/hgext/color.pyo
+${PYSITELIB}/hgext/commitextras.py
+${PYSITELIB}/hgext/commitextras.pyc
+${PYSITELIB}/hgext/commitextras.pyo
 ${PYSITELIB}/hgext/convert/__init__.py
 ${PYSITELIB}/hgext/convert/__init__.pyc
 ${PYSITELIB}/hgext/convert/__init__.pyo
@@ -199,6 +211,9 @@
 ${PYSITELIB}/hgext/record.py
 ${PYSITELIB}/hgext/record.pyc
 ${PYSITELIB}/hgext/record.pyo
+${PYSITELIB}/hgext/releasenotes.py
+${PYSITELIB}/hgext/releasenotes.pyc
+${PYSITELIB}/hgext/releasenotes.pyo
 ${PYSITELIB}/hgext/relink.py
 ${PYSITELIB}/hgext/relink.pyc
 ${PYSITELIB}/hgext/relink.pyo
@@ -214,6 +229,9 @@
 ${PYSITELIB}/hgext/show.py
 ${PYSITELIB}/hgext/show.pyc
 ${PYSITELIB}/hgext/show.pyo
+${PYSITELIB}/hgext/sparse.py
+${PYSITELIB}/hgext/sparse.pyc
+${PYSITELIB}/hgext/sparse.pyo
 ${PYSITELIB}/hgext/strip.py
 ${PYSITELIB}/hgext/strip.pyc
 ${PYSITELIB}/hgext/strip.pyo
@@ -251,8 +269,6 @@
 ${PYSITELIB}/mercurial/archival.py
 ${PYSITELIB}/mercurial/archival.pyc
 ${PYSITELIB}/mercurial/archival.pyo
-${PYSITELIB}/mercurial/base85.so
-${PYSITELIB}/mercurial/bdiff.so
 ${PYSITELIB}/mercurial/bookmarks.py
 ${PYSITELIB}/mercurial/bookmarks.pyc
 ${PYSITELIB}/mercurial/bookmarks.pyo
@@ -268,6 +284,45 @@
 ${PYSITELIB}/mercurial/byterange.py
 ${PYSITELIB}/mercurial/byterange.pyc
 ${PYSITELIB}/mercurial/byterange.pyo
+${PYSITELIB}/mercurial/cext/__init__.py
+${PYSITELIB}/mercurial/cext/__init__.pyc
+${PYSITELIB}/mercurial/cext/__init__.pyo
+${PYSITELIB}/mercurial/cext/base85.so
+${PYSITELIB}/mercurial/cext/bdiff.so
+${PYSITELIB}/mercurial/cext/diffhelpers.so
+${PYSITELIB}/mercurial/cext/mpatch.so
+${PYSITELIB}/mercurial/cext/osutil.so
+${PYSITELIB}/mercurial/cext/parsers.so
+${PYSITELIB}/mercurial/cffi/__init__.py
+${PYSITELIB}/mercurial/cffi/__init__.pyc
+${PYSITELIB}/mercurial/cffi/__init__.pyo
+${PYSITELIB}/mercurial/cffi/base85.py
+${PYSITELIB}/mercurial/cffi/base85.pyc
+${PYSITELIB}/mercurial/cffi/base85.pyo
+${PYSITELIB}/mercurial/cffi/bdiff.py
+${PYSITELIB}/mercurial/cffi/bdiff.pyc
+${PYSITELIB}/mercurial/cffi/bdiff.pyo
+${PYSITELIB}/mercurial/cffi/bdiffbuild.py
+${PYSITELIB}/mercurial/cffi/bdiffbuild.pyc
+${PYSITELIB}/mercurial/cffi/bdiffbuild.pyo
+${PYSITELIB}/mercurial/cffi/diffhelpers.py
+${PYSITELIB}/mercurial/cffi/diffhelpers.pyc
+${PYSITELIB}/mercurial/cffi/diffhelpers.pyo
+${PYSITELIB}/mercurial/cffi/mpatch.py
+${PYSITELIB}/mercurial/cffi/mpatch.pyc
+${PYSITELIB}/mercurial/cffi/mpatch.pyo
+${PYSITELIB}/mercurial/cffi/mpatchbuild.py
+${PYSITELIB}/mercurial/cffi/mpatchbuild.pyc
+${PYSITELIB}/mercurial/cffi/mpatchbuild.pyo
+${PYSITELIB}/mercurial/cffi/osutil.py
+${PYSITELIB}/mercurial/cffi/osutil.pyc
+${PYSITELIB}/mercurial/cffi/osutil.pyo
+${PYSITELIB}/mercurial/cffi/osutilbuild.py
+${PYSITELIB}/mercurial/cffi/osutilbuild.pyc
+${PYSITELIB}/mercurial/cffi/osutilbuild.pyo
+${PYSITELIB}/mercurial/cffi/parsers.py
+${PYSITELIB}/mercurial/cffi/parsers.pyc
+${PYSITELIB}/mercurial/cffi/parsers.pyo
 ${PYSITELIB}/mercurial/changegroup.py
 ${PYSITELIB}/mercurial/changegroup.pyc
 ${PYSITELIB}/mercurial/changegroup.pyo
@@ -292,6 +347,9 @@
 ${PYSITELIB}/mercurial/config.py
 ${PYSITELIB}/mercurial/config.pyc
 ${PYSITELIB}/mercurial/config.pyo
+${PYSITELIB}/mercurial/configitems.py
+${PYSITELIB}/mercurial/configitems.pyc
+${PYSITELIB}/mercurial/configitems.pyo
 ${PYSITELIB}/mercurial/context.py
 ${PYSITELIB}/mercurial/context.pyc
 ${PYSITELIB}/mercurial/context.pyo
@@ -301,6 +359,9 @@
 ${PYSITELIB}/mercurial/crecord.py
 ${PYSITELIB}/mercurial/crecord.pyc
 ${PYSITELIB}/mercurial/crecord.pyo
+${PYSITELIB}/mercurial/dagop.py
+${PYSITELIB}/mercurial/dagop.pyc
+${PYSITELIB}/mercurial/dagop.pyo
 ${PYSITELIB}/mercurial/dagparser.py
 ${PYSITELIB}/mercurial/dagparser.pyc
 ${PYSITELIB}/mercurial/dagparser.pyo
@@ -311,13 +372,9 @@
 ${PYSITELIB}/mercurial/debugcommands.pyc
 ${PYSITELIB}/mercurial/debugcommands.pyo
 ${PYSITELIB}/mercurial/default.d/mergetools.rc
-${PYSITELIB}/mercurial/demandimport.py
-${PYSITELIB}/mercurial/demandimport.pyc
-${PYSITELIB}/mercurial/demandimport.pyo
 ${PYSITELIB}/mercurial/destutil.py
 ${PYSITELIB}/mercurial/destutil.pyc
 ${PYSITELIB}/mercurial/destutil.pyo
-${PYSITELIB}/mercurial/diffhelpers.so
 ${PYSITELIB}/mercurial/dirstate.py
 ${PYSITELIB}/mercurial/dirstate.pyc
 ${PYSITELIB}/mercurial/dirstate.pyo
@@ -497,7 +554,6 @@
 ${PYSITELIB}/mercurial/minirst.py
 ${PYSITELIB}/mercurial/minirst.pyc
 ${PYSITELIB}/mercurial/minirst.pyo
-${PYSITELIB}/mercurial/mpatch.so
 ${PYSITELIB}/mercurial/namespaces.py
 ${PYSITELIB}/mercurial/namespaces.pyc
 ${PYSITELIB}/mercurial/namespaces.pyo
@@ -507,11 +563,12 @@
 ${PYSITELIB}/mercurial/obsolete.py
 ${PYSITELIB}/mercurial/obsolete.pyc
 ${PYSITELIB}/mercurial/obsolete.pyo
-${PYSITELIB}/mercurial/osutil.so
+${PYSITELIB}/mercurial/obsutil.py
+${PYSITELIB}/mercurial/obsutil.pyc
+${PYSITELIB}/mercurial/obsutil.pyo
 ${PYSITELIB}/mercurial/parser.py
 ${PYSITELIB}/mercurial/parser.pyc
 ${PYSITELIB}/mercurial/parser.pyo
-${PYSITELIB}/mercurial/parsers.so
 ${PYSITELIB}/mercurial/patch.py
 ${PYSITELIB}/mercurial/patch.pyc
 ${PYSITELIB}/mercurial/patch.pyo
@@ -596,6 +653,9 @@
 ${PYSITELIB}/mercurial/scmwindows.py
 ${PYSITELIB}/mercurial/scmwindows.pyc
 ${PYSITELIB}/mercurial/scmwindows.pyo
+${PYSITELIB}/mercurial/selectors2.py
+${PYSITELIB}/mercurial/selectors2.pyc
+${PYSITELIB}/mercurial/selectors2.pyo
 ${PYSITELIB}/mercurial/server.py
 ${PYSITELIB}/mercurial/server.pyc
 ${PYSITELIB}/mercurial/server.pyo
@@ -611,6 +671,9 @@
 ${PYSITELIB}/mercurial/smartset.py
 ${PYSITELIB}/mercurial/smartset.pyc
 ${PYSITELIB}/mercurial/smartset.pyo
+${PYSITELIB}/mercurial/sparse.py
+${PYSITELIB}/mercurial/sparse.pyc
+${PYSITELIB}/mercurial/sparse.pyo
 ${PYSITELIB}/mercurial/sshpeer.py
 ${PYSITELIB}/mercurial/sshpeer.pyc
 ${PYSITELIB}/mercurial/sshpeer.pyo
diff -r 5aa9191e3f6e -r cda7ba8f5af5 devel/py-mercurial/distinfo
--- a/devel/py-mercurial/distinfo       Sun Aug 13 19:07:26 2017 +0000
+++ b/devel/py-mercurial/distinfo       Tue Aug 15 19:06:53 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.50 2017/06/19 20:07:43 wiz Exp $
+$NetBSD: distinfo,v 1.50.2.1 2017/08/15 19:06:53 bsiegert Exp $
 
-SHA1 (mercurial-4.2.1.tar.gz) = 3fb8e228c8e3129cae1b222085984f4f90c7140b
-RMD160 (mercurial-4.2.1.tar.gz) = a0dead4f0307fd168aa3a33aa9fd5971340eedc3
-SHA512 (mercurial-4.2.1.tar.gz) = 0349fb5343210869bacb2247d30546676e5cf486f64fb8ebb2b1c6cdf7d564e7b754a43fb5b61c7d7e66a67609c514c8e15f415f4189bccbebb2fbb5a5474645
-Size (mercurial-4.2.1.tar.gz) = 5317692 bytes
+SHA1 (mercurial-4.3.1.tar.gz) = 06cde0a5d555d5c62bb7f791409fd91910c28553
+RMD160 (mercurial-4.3.1.tar.gz) = 744cac47bd71c454365aff5123a6e93464dba7cf
+SHA512 (mercurial-4.3.1.tar.gz) = 4c42d06b7f111a3e825dd927704a30f88f0b2225cf87ab8954bf53a7fbc0edf561374dd49b13d9c10140d98ff5853a64acb5a744349727abae81d32da401922b
+Size (mercurial-4.3.1.tar.gz) = 5475042 bytes
Prev by Date: [pkgsrc/pkgsrc-2017Q2]: pkgsrc/doc Pullup ticket #5533.
Next by Date: [pkgsrc/pkgsrc-2017Q2]: pkgsrc/math/py-scipy Pullup ticket #5535 - requested ...
Previous by Thread: [pkgsrc/pkgsrc-2017Q2]: pkgsrc/doc Pullup ticket #5533.
Next by Thread: [pkgsrc/pkgsrc-2017Q2]: pkgsrc/math/py-scipy Pullup ticket #5535 - requested ...
Indexes:
Home | Main Index | Thread Index | Old Index