CVS commit: pkgsrc/databases/py-pymysql

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/databases/py-pymysql
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Wed, 22 May 2024 07:18:56 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Wed May 22 07:18:56 UTC 2024

Modified Files:
        pkgsrc/databases/py-pymysql: Makefile distinfo

Log Message:
py-pymysql: updated to 1.1.1

v1.1.1

> [!WARNING]
> This release fixes a vulnerability (CVE-2024-36039).
> All users are recommended to update to this version.
>
> If you can not update soon, check the input value from
> untrusted source has an expected type. Only dict input
> from untrusted source can be an attack vector.

* Prohibit dict parameter for `Cursor.execute()`. It didn't produce valid SQL
  and might cause SQL injection. (CVE-2024-36039)


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/databases/py-pymysql/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/py-pymysql/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/databases/py-pymysql/Makefile
diff -u pkgsrc/databases/py-pymysql/Makefile:1.16 pkgsrc/databases/py-pymysql/Makefile:1.17
--- pkgsrc/databases/py-pymysql/Makefile:1.16   Fri Jan 19 13:08:23 2024
+++ pkgsrc/databases/py-pymysql/Makefile        Wed May 22 07:18:56 2024
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.16 2024/01/19 13:08:23 adam Exp $
+# $NetBSD: Makefile,v 1.17 2024/05/22 07:18:56 adam Exp $
 
-DISTNAME=      PyMySQL-1.1.0
-PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:tl}
+DISTNAME=      pymysql-1.1.1
+PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    databases python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=P/PyMySQL/}
 
@@ -10,6 +10,8 @@ HOMEPAGE=     https://github.com/PyMySQL/PyM
 COMMENT=       Pure-Python MySQL driver
 LICENSE=       mit
 
+WHEEL_NAME=    PyMySQL-${PKGVERSION_NOREV}
+
 TOOL_DEPENDS+= ${PYPKGPREFIX}-setuptools>=61:../../devel/py-setuptools
 TOOL_DEPENDS+= ${PYPKGPREFIX}-wheel-[0-9]*:../../devel/py-wheel
 # rsa

Index: pkgsrc/databases/py-pymysql/distinfo
diff -u pkgsrc/databases/py-pymysql/distinfo:1.12 pkgsrc/databases/py-pymysql/distinfo:1.13
--- pkgsrc/databases/py-pymysql/distinfo:1.12   Fri Jan 19 13:08:23 2024
+++ pkgsrc/databases/py-pymysql/distinfo        Wed May 22 07:18:56 2024
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.12 2024/01/19 13:08:23 adam Exp $
+$NetBSD: distinfo,v 1.13 2024/05/22 07:18:56 adam Exp $
 
-BLAKE2s (PyMySQL-1.1.0.tar.gz) = 57ac742347a8e34408c5df318acb7ba0806e9904d7999b48382fa40fbb31e926
-SHA512 (PyMySQL-1.1.0.tar.gz) = 51dddc92e766183ab5d93717121d853415561dc81abc7ec8299a73610cae5bc22b6070006d6ea24405ab31bc1ea68be61466a3477c0f84d47435f78ffc60d31e
-Size (PyMySQL-1.1.0.tar.gz) = 47240 bytes
+BLAKE2s (pymysql-1.1.1.tar.gz) = c8cc85acda46b2014480643f4525faaf59fd84988b71b79d58b442f5b3ab0455
+SHA512 (pymysql-1.1.1.tar.gz) = 09d533232a2e939ea4586452b97bd6f2d35cf5347027167ab16f154cc5cd63713da6b8782b9669829e1f4f161f189c79bacd2b57cf50880c27d90c832bc3683f
+Size (pymysql-1.1.1.tar.gz) = 47678 bytes

Prev by Date: CVS commit: pkgsrc/textproc/py-rapidfuzz
Next by Date: CVS commit: pkgsrc/devel/bacon
Previous by Thread: CVS commit: pkgsrc/textproc/py-rapidfuzz
Next by Thread: CVS commit: pkgsrc/devel/bacon
Indexes:

Home | Main Index | Thread Index | Old Index