0 2 1
default
Daniel Neugebauer (dneuge) - 25 days ago 2018-10-21 13:19:45
dneuge@energiequant.de
dev-vcs/kallithea: version bump to 0.3.5 (security update), masking <0.3.5
3 files changed with 17 insertions and 6 deletions:
↑ Collapse Diff ↑
1 1
 
AUX production.wsgi 448 SHA256 34aa607585b8526356d0a4e7103689a4c353e333bfd7dbd9316dea1601403af6 SHA512 f1d6310626ce5687317d856e4be2ea37d4d39dea5402846c64195d77cef1454ef96d3c6d23832a9a0c8ecdc6645582bc86b138cc7fbb7dc78226f45279d44f7a WHIRLPOOL cfee76d169facea538b00fdd9683a9ecefe58cd49f3c2f3f46e49025af459e5a8bdd236ea55252d5488ee52212f2f57423f3d8e21ddb2251e25851bffc93d243
2 2
 
AUX start-virtualenv.sh 463 SHA256 2f5def6c4840b94b78055fcc3f3e37aa42dd709e4e71dfa16d1fc63966274456 SHA512 0912644b3806b9c04d301f5f2f59c9b212549e73dec848a324fb0dd8bc9410e60750a571a3438ccc4b9dd940020986b67a9f3bb29a7fd27945daa2ae4c24139d WHIRLPOOL f4cbb8e583ec907baaa0801c6c2f73a9832689422654661079d420002a6c55ff872f8af1b4a2b78e50085f90e2c8d5876e93a436c443ac75f9d589510d8f615c
3 3
 
DIST Kallithea-0.3.2.tar.gz 5347665 SHA256 891a7f88cf02a887c8eb711bfe56ff79f053a9051e0748fc29293bc7fa6ef0b3 SHA512 6f0cbab03004ea776e7278470ce12c025ba252b2194fc93c2dc5f3675811ca01306fd7ca076f1248915f22265d03d94741f2fdb7edeb8a90425e9d297a7f6af4 WHIRLPOOL ee0249a7563271ed94cc0a04ed1e90508854573a2395909e8525da19be68c04ed9b8c6968f47e76b86c6fa697a8fbf4c316fdd210caea4550655201a80bc360e
4
 
DIST Kallithea-0.3.5.tar.gz 6358269 SHA256 4b598546494a3b68a5a7ff40b313606dc5de14e8eeb351b8a6adafc68631f729 SHA512 dbf752afab9cbda07880fd1ce77ff0389280746aab4ca530a15745258e52732c240e95b8e6ee9ffef7df3e135ceab5d063bec3b2a4d77f022b3687dfbf51f126 WHIRLPOOL 099e4d2129b664a9550cb8073c455635f43ff784d4b9b79ae1543ec0b745795945b1b50f026b31e993c40be9e94f0ba2398012bcae7e3465fe09de506b042fd6
4 5
 
EBUILD kallithea-0.3.2.ebuild 15573 SHA256 d84b9f260eb6a5af551b5def59a89340366927dd1af0936b755fc885fcc11366 SHA512 13f3843d33cef3fce28e0e3e46999b407020a0f2fdc86baa05dac093a89881a453686ab5f7902567e5f33ef9670bb484465f6eaface3e74779e8d40d4dce5646 WHIRLPOOL 6deb4b03e56cf171403c6f92a9cab17e4eef4acb5791d76ac08a2b57806b923317e6b41110eaed3d9a6534ed5dee1b6beb883b80ae504a61ac74f2a0ae69c3ac
6
 
EBUILD kallithea-0.3.5.ebuild 15585 SHA256 27c518602eebdd4f5cee59b584fdcf50c6ae0c871d2aba9188fa5793c3d11c64 SHA512 1408dec24433afa622b1bcc747070067de71778d0c07d11a8daf8667740475d8f3da4d7156b328367d16b34c96cce02aff9b2a56099b68f10527a959324bcc8c WHIRLPOOL ee52143dff5796b268236f1359896becda961e9920b32e8753f5fcb67b9505ba21cce9ebc71b3340576a4868b7baa4a0126deec571a0fa6da4d95dc35f9a0adc
 
file copied from dev-vcs/kallithea/kallithea-0.3.2.ebuild to dev-vcs/kallithea/kallithea-0.3.5.ebuild
...
 
@@ -18,7 +18,7 @@ inherit user
18 18
 

	
19 19
 
DESCRIPTION="a web-based frontend and middleware to Mercurial and Git repositories"
20 20
 
HOMEPAGE="https://kallithea-scm.org/"
21
 
SRC_URI="https://pypi.python.org/packages/72/b3/a135896270360385ae5b47a5a7d119e90143334e30d93fb68c26ec59edfc/Kallithea-0.3.2.tar.gz"
21
 
SRC_URI="https://files.pythonhosted.org/packages/b7/74/5d8ff9186721347d40ef486bd7246b0fc9bf53d27ed923d4bf06be8fbadf/Kallithea-0.3.5.tar.gz"
22 22
 

	
23 23
 
IUSE="+git mysql postgres sqlite"
24 24
 
REQUIRED_USE="|| ( mysql postgres sqlite )"
...
 
@@ -252,11 +252,11 @@ pkg_postinst() {
252 252
 
	elog  ""
253 253
 
	elog  "    source ${installBasePath}/${virtualenvActivationPath}"
254 254
 
	elog  ""
255
 
	elog  "We altered the default config slightly. It may be best to have a look at our"
256
 
	elog  "short example on how to setup hosting with Apache and mod_wsgi, even if you"
257
 
	elog  "prefer another method of hosting Kallithea:"
258
 
	elog  "    ${urlDocumentationMegacoffee}"
259
 
	elog  ""
255
 
	#elog  "We altered the default config slightly. It may be best to have a look at our"
256
 
	#elog  "short example on how to setup hosting with Apache and mod_wsgi, even if you"
257
 
	#elog  "prefer another method of hosting Kallithea:"
258
 
	#elog  "    ${urlDocumentationMegacoffee}"
259
 
	#elog  ""
260 260
 
	#elog  "We can wrap those commands for you if you run (no prior activation needed):"
261 261
 
	#elog  "    emerge --config =${CATEGORY}/${PF}"
262 262
 
	#elog  ""
...
 
@@ -3,3 +3,12 @@
3 3
 
# ebuild was restored from official portage tree after deletion and should
4 4
 
# only be used as a last resort
5 5
 
=media-libs/xine-lib-1.1.20
6
 

	
7
 
# Daniel Neugebauer <dneuge@energiequant.de> (21 Oct 2018)
8
 
# for gentoo-overlay.megacoffee.net
9
 
# Kallithea versions before 0.3.5 are vulnerable to several security issues
10
 
# (incorrect access control, directory traversal, XSS). See the 0.3.5 release
11
 
# notes on details and recommended actions and upgrade ASAP (update was
12
 
# already published on 6 Jun 2018):
13
 
# https://kallithea-scm.org/news/release-0.3.5.html
14
 
<dev-vcs/kallithea-0.3.5
0 comments (0 inline, 0 general)