Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc/www/py-httplib2
From: Benny Siegert
Date: 2020-05-26 20:33:19
Message id: 20200526183319.25739FB27@cvs.NetBSD.org
Log Message:
Pullup ticket #6210 - requested by adam
www/py-httplib2: security fix

Revisions pulled up:
- www/py-httplib2/Makefile                                      1.24-1.25
- www/py-httplib2/distinfo                                      1.21-1.22

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed May 20 15:29:53 UTC 2020

   Modified Files:
           pkgsrc/www/py-httplib2: Makefile distinfo

   Log Message:
   py-httplib2: updated to 0.18.0

   0.18.0
   IMPORTANT security vulnerability CWE-93 CRLF injection
   Force %xx quote of space, CR, LF characters in uri.
   Special thanks to Recar https://github.com/Ciyfly for discrete notification.
   https://cwe.mitre.org/data/definitions/93.html

   0.17.4
   Ship test suite in source dist
   https://github.com/httplib2/httplib2/pull/168

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Thu May 21 06:19:59 UTC 2020

   Modified Files:
           pkgsrc/www/py-httplib2: Makefile distinfo

   Log Message:
   py-httplib2: updated to 0.18.1

   0.18.1
   explicit build-backend workaround for pip build isolation bug
   "AttributeError: 'module' object has no attribute '__legacy__'" on \ 
pip install
Files:
RevisionActionfile
1.20.2.1modifypkgsrc/www/py-httplib2/Makefile
1.17.2.1modifypkgsrc/www/py-httplib2/distinfo