CVS commit: pkgsrc/www/py-bleach

["Adam Ciarcinski" <adam%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   adam
Date:           Mon Apr  9 12:14:19 UTC 2018

Modified Files:
        pkgsrc/www/py-bleach: Makefile distinfo

Log Message:
py-bleach: updated to 2.1.3

Version 2.1.3:

**Security fixes**
* Attributes that have URI values weren't properly sanitized if the
  values contained character entities. Using character entities, it
  was possible to construct a URI value with a scheme that was not
  allowed that would slide through unsanitized.

  This security issue was introduced in Bleach 2.1. Anyone using
  Bleach 2.1 is highly encouraged to upgrade.

**Bug fixes**
* Fixed some other edge cases for attribute URI value sanitizing and
  improved testing of this code.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/py-bleach/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/py-bleach/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/py-bleach/Makefile
diff -u pkgsrc/www/py-bleach/Makefile:1.8 pkgsrc/www/py-bleach/Makefile:1.9
--- pkgsrc/www/py-bleach/Makefile:1.8   Sun Dec 10 16:56:51 2017
+++ pkgsrc/www/py-bleach/Makefile       Mon Apr  9 12:14:19 2018
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.8 2017/12/10 16:56:51 adam Exp $
+# $NetBSD: Makefile,v 1.9 2018/04/09 12:14:19 adam Exp $
 
-DISTNAME=      bleach-2.1.2
+DISTNAME=      bleach-2.1.3
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=b/bleach/}
@@ -12,8 +12,8 @@ LICENSE=      apache-2.0
 
 DEPENDS+=      ${PYPKGPREFIX}-html5lib>=0.99999999:../../textproc/py-html5lib
 DEPENDS+=      ${PYPKGPREFIX}-six-[0-9]*:../../lang/py-six
-BUILD_DEPENDS+=        ${PYPKGPREFIX}-test>=3.0.0:../../devel/py-test
 BUILD_DEPENDS+=        ${PYPKGPREFIX}-test-runner>=2.0:../../devel/py-test-runner
+TEST_DEPENDS+= ${PYPKGPREFIX}-test>=3.0.0:../../devel/py-test
 
 USE_LANGUAGES= # none
 

Index: pkgsrc/www/py-bleach/distinfo
diff -u pkgsrc/www/py-bleach/distinfo:1.7 pkgsrc/www/py-bleach/distinfo:1.8
--- pkgsrc/www/py-bleach/distinfo:1.7   Sun Dec 10 16:56:51 2017
+++ pkgsrc/www/py-bleach/distinfo       Mon Apr  9 12:14:19 2018
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.7 2017/12/10 16:56:51 adam Exp $
+$NetBSD: distinfo,v 1.8 2018/04/09 12:14:19 adam Exp $
 
-SHA1 (bleach-2.1.2.tar.gz) = 5a1c023724f16cbb1fce65816aa36b6a502bebdc
-RMD160 (bleach-2.1.2.tar.gz) = 86b4f867b5dbcabf44af764c36d175625985dad3
-SHA512 (bleach-2.1.2.tar.gz) = ea4071e05deae54c88507c299805b44ade23810b63834d83fa5682ebcfb36bb4b9fe09e4aa2f50f9a5b1a07d13fd70aece30d02fc5b55d983930e353bdc37f48
-Size (bleach-2.1.2.tar.gz) = 58954 bytes
+SHA1 (bleach-2.1.3.tar.gz) = ed09e5428b8a47d57e232457ad944119ce9cba06
+RMD160 (bleach-2.1.3.tar.gz) = a86fbfd97c1e2b7eace9eef5281e9c78d84c381b
+SHA512 (bleach-2.1.3.tar.gz) = ff74fb3646709f20c79ea02e6d0fb93e2f204d3151a05f259b703050c10d410859af76acb470405f6fb7b55c8fb64595e6f0fcf8e9cb8fd3fc3722fa30a47de5
+Size (bleach-2.1.3.tar.gz) = 60141 bytes