[pkgsrc/trunk]: pkgsrc/net/py-twisted Update to 14.0.1 -- security update:

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/195095d4e2a5
branches:  trunk
changeset: 639587:195095d4e2a5
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Sep 17 22:41:06 2014 +0000

description:
Update to 14.0.1 -- security update:

On behalf of Twisted Matrix Laboratories, Iâm releasing Twisted
14.0.1, a security release for Twisted 14.0. It is strongly suggested
that users of 14.0.0 upgrade to this release.

This patches a bug in Twisted Webâs Agent, where BrowserLikePolicyForHTTPS
would not honour the trust root given, and would use the system
trust root instead. This would have broken, for example, attempting
to pin the issuer for your HTTPS application because you only trust
one issuer.

Note: on OS X, with the system OpenSSL, you still can't fully rely
on this API for issuer pinning, due to modifications by Apple â
please see https://hynek.me/articles/apple-openssl-verification-surprises/
for more details.

diffstat:

 net/py-twisted/Makefile.common |  5 +++--
 net/py-twisted/distinfo        |  8 ++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

diffs (29 lines):

diff -r 8416bc570e86 -r 195095d4e2a5 net/py-twisted/Makefile.common
--- a/net/py-twisted/Makefile.common    Wed Sep 17 22:37:13 2014 +0000
+++ b/net/py-twisted/Makefile.common    Wed Sep 17 22:41:06 2014 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile.common,v 1.16 2014/07/22 12:08:14 wiz Exp $
+# $NetBSD: Makefile.common,v 1.17 2014/09/17 22:41:06 wiz Exp $
+#
 # used by net/py-twisted/Makefile
 # used by net/py-twisted-docs/Makefile
 
-DISTNAME=      Twisted-14.0.0
+DISTNAME=      Twisted-14.0.1
 CATEGORIES=    net python
 MASTER_SITES=  http://twistedmatrix.com/Releases/Twisted/${PKGVERSION_NOREV:R}/
 EXTRACT_SUFX=  .tar.bz2
diff -r 8416bc570e86 -r 195095d4e2a5 net/py-twisted/distinfo
--- a/net/py-twisted/distinfo   Wed Sep 17 22:37:13 2014 +0000
+++ b/net/py-twisted/distinfo   Wed Sep 17 22:41:06 2014 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.14 2014/07/22 12:08:14 wiz Exp $
+$NetBSD: distinfo,v 1.15 2014/09/17 22:41:06 wiz Exp $
 
-SHA1 (Twisted-14.0.0.tar.bz2) = a90fae98072f8e28b9459875ce9b77f5524bbc48
-RMD160 (Twisted-14.0.0.tar.bz2) = d81c539978bfa21a4b79723578f105e05242058b
-Size (Twisted-14.0.0.tar.bz2) = 4339509 bytes
+SHA1 (Twisted-14.0.1.tar.bz2) = 4d3c0188f073136212ac55071bce12c65787da70
+RMD160 (Twisted-14.0.1.tar.bz2) = 73fb6528e5e4f01950fad2a17989cd473eaf8e9d
+Size (Twisted-14.0.1.tar.bz2) = 4344379 bytes
 SHA1 (patch-ab) = 26495e5abd57025e915b923cc7089704bbd85629