CVS commit: pkgsrc/databases/py-pymysql

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/databases/py-pymysql
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Wed, 6 May 2026 11:03:48 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Wed May  6 11:03:48 UTC 2026

Modified Files:
        pkgsrc/databases/py-pymysql: Makefile distinfo

Log Message:
py-pymysql: updated to 1.1.3

v1.1.3

Security

* Fix `Cursor.callproc()` didn't escape procedure name.
  There was a possibility of SQL injection when calling a procedure with a string received from an untrusted source as the procedure name.

  NOTICE: This change may cause backward compatibility issues. If you specified a procedure name like `"dbname.funcname"`, the previous version called `CALL dbname.funcname`, but from this version, 
it will call ``CALL `dbname.funcname` `` so you cannot specify procedure name with database name anymore.


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/databases/py-pymysql/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/databases/py-pymysql/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/databases/py-pymysql/Makefile
diff -u pkgsrc/databases/py-pymysql/Makefile:1.21 pkgsrc/databases/py-pymysql/Makefile:1.22
--- pkgsrc/databases/py-pymysql/Makefile:1.21   Tue Aug 26 18:55:15 2025
+++ pkgsrc/databases/py-pymysql/Makefile        Wed May  6 11:03:47 2026
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.21 2025/08/26 18:55:15 adam Exp $
+# $NetBSD: Makefile,v 1.22 2026/05/06 11:03:47 adam Exp $
 
-DISTNAME=      pymysql-1.1.2
+DISTNAME=      pymysql-1.1.3
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    databases python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=P/PyMySQL/}

Index: pkgsrc/databases/py-pymysql/distinfo
diff -u pkgsrc/databases/py-pymysql/distinfo:1.14 pkgsrc/databases/py-pymysql/distinfo:1.15
--- pkgsrc/databases/py-pymysql/distinfo:1.14   Tue Aug 26 18:55:15 2025
+++ pkgsrc/databases/py-pymysql/distinfo        Wed May  6 11:03:47 2026
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.14 2025/08/26 18:55:15 adam Exp $
+$NetBSD: distinfo,v 1.15 2026/05/06 11:03:47 adam Exp $
 
-BLAKE2s (pymysql-1.1.2.tar.gz) = 284c69dbdf4e197ad5b46fc78ad2aedf7427b846334ce7f62c79c9686bd89ad8
-SHA512 (pymysql-1.1.2.tar.gz) = 338ff403ea96364ed1785501e41d22ffa4305ff09db14445dad8a06e643826c9089d0de3a77de52b55d0e02a9a2a6e0344271b172008bdab968bd74384115736
-Size (pymysql-1.1.2.tar.gz) = 48258 bytes
+BLAKE2s (pymysql-1.1.3.tar.gz) = e5d2892876652174e6efc3b9ce5881ca0be214733a16fb155322cc352adb344c
+SHA512 (pymysql-1.1.3.tar.gz) = 13e3a9a258e8473ed0ec6425e4313074d5ab2030bc008e6f20391ff06ef4c1d3c16b64a5b6a7423178fdf70d0856798a16a6ee50dc7a5de5240ae690adac4f08
+Size (pymysql-1.1.3.tar.gz) = 48207 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/security/py-authlib
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/security/py-authlib
Indexes:

Home | Main Index | Thread Index | Old Index