[Bug 229322] net/py-urllib3: Update to 1.25.6
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 25 17:57:22 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229322
Kai Knoblich <kai at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kai at FreeBSD.org
--- Comment #30 from Kai Knoblich <kai at FreeBSD.org> ---
With ports r518410 all preparations from my side are now done for the /head
branch to get net/py-urllib3 updated to 1.25.6.
When my assumptions are correct there are two exp-runs running which are
related to urllib3 at the moment (the label PR241621 is a somewhat confusing in
that case):
http://package23.nyi.freebsd.org/build.html?mastername=113i386-default-PR241624&build=2019-11-25_06h54m48s
http://package22.nyi.freebsd.org/build.html?mastername=113amd64-default-PR241624&build=2019-11-25_10h11m45s
I have one question/note regarding the "merge-quartely" flag that was set to
"-" recently:
I'm afraid that a MFH is required because the 1.25.6 release of urllib3
includes fixes for three CVEs (CVE-2018-20060, CVE-2019-11236 and
CVE-2019-11324). I plan to commit a related VuXML entry in a few hours.
At the moment I'm doing preparations and test-runs for the 2019Q4 branch but
that still takes a little while. Maybe another exp-run for the 2019Q4 branch
makes sense once urllib 1.25.6 lands in /head?
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-elastic
mailing list