[pkgsrc/trunk]: pkgsrc/sysutils/py-supervisor 3.3.3:

[adam <adam%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/5838c0f37151
branches:  trunk
changeset: 365754:5838c0f37151
user:      adam <adam%pkgsrc.org@localhost>
date:      Tue Jul 25 08:17:08 2017 +0000

description:
3.3.3:
- Fixed CVE-2017-11610.  A vulnerability was found where an authenticated
  client can send a malicious XML-RPC request to ``supervisord`` that will
  run arbitrary shell commands on the server.  The commands will be run as
  the same user as ``supervisord``.  Depending on how ``supervisord`` has been
  configured, this may be root.  See
  https://github.com/Supervisor/supervisor/issues/964 for details.

diffstat:

 sysutils/py-supervisor/Makefile |   4 ++--
 sysutils/py-supervisor/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (27 lines):

diff -r 091700748084 -r 5838c0f37151 sysutils/py-supervisor/Makefile
--- a/sysutils/py-supervisor/Makefile   Tue Jul 25 08:11:17 2017 +0000
+++ b/sysutils/py-supervisor/Makefile   Tue Jul 25 08:17:08 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2017/07/20 17:43:02 adam Exp $
+# $NetBSD: Makefile,v 1.3 2017/07/25 08:17:08 adam Exp $
 
-DISTNAME=      supervisor-3.3.2
+DISTNAME=      supervisor-3.3.3
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    sysutils
 MASTER_SITES=  ${MASTER_SITE_PYPI:=s/supervisor/}
diff -r 091700748084 -r 5838c0f37151 sysutils/py-supervisor/distinfo
--- a/sysutils/py-supervisor/distinfo   Tue Jul 25 08:11:17 2017 +0000
+++ b/sysutils/py-supervisor/distinfo   Tue Jul 25 08:17:08 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.2 2017/07/20 17:43:02 adam Exp $
+$NetBSD: distinfo,v 1.3 2017/07/25 08:17:08 adam Exp $
 
-SHA1 (supervisor-3.3.2.tar.gz) = bfdaf044341692a385e95cd31ccbe598a1c7be13
-RMD160 (supervisor-3.3.2.tar.gz) = 902d8c77b0ee43e7714ad436798eefe9eed04238
-SHA512 (supervisor-3.3.2.tar.gz) = 959f045d8da5a263a6990fdc4a93154684c74cca5f49aeb733b86da046a8a3a56981062d16f0ab8177c0e0bb41f137c62e1ae6a52582e76bbe0adb2b8185202c
-Size (supervisor-3.3.2.tar.gz) = 417348 bytes
+SHA1 (supervisor-3.3.3.tar.gz) = 3e54793f3d389f2ab168d49f13e2be0bb39218ff
+RMD160 (supervisor-3.3.3.tar.gz) = e3c074ad60767b93532ff84668f75c58898077a8
+SHA512 (supervisor-3.3.3.tar.gz) = 8285445da8a0ed790fbdf75d988304ab8fcefd9c36975ae6526ec58f511c73cd8707f22b7cff40c3aed5e63f3665d096ed4b5dbc2cc456fe0c5b4547149dbb4a
+Size (supervisor-3.3.3.tar.gz) = 418354 bytes