From aeb138911e773cf4011b81fc4fcec0037f366bb1 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 20 Feb 2022 22:54:09 +0100 Subject: [PATCH] package/python-ipython: security bump to version 7.31.1 Fix CVE-2022-21699: IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade. Also update indentation in hash file (two spaces) https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard --- package/python-ipython/python-ipython.hash | 8 ++++---- package/python-ipython/python-ipython.mk | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package/python-ipython/python-ipython.hash b/package/python-ipython/python-ipython.hash index 5f591129a4..cd18c3d125 100644 --- a/package/python-ipython/python-ipython.hash +++ b/package/python-ipython/python-ipython.hash @@ -1,6 +1,6 @@ # md5, sha256 from https://pypi.org/pypi/ipython/json -md5 f733048322cd34ce392ec5404813540b ipython-7.28.0.tar.gz -sha256 2097be5c814d1b974aea57673176a924c4c8c9583890e7a5f082f547b9975b11 ipython-7.28.0.tar.gz +md5 6907b67691ba697173a3befb2c35f7ac ipython-7.31.1.tar.gz +sha256 b5548ec5329a4bcf054a5deed5099b0f9622eb9ea51aaa7104d215fece201d8c ipython-7.31.1.tar.gz # Locally computed sha256 checksums -sha256 341afcbd729887b7046fe7b98fc4f4edff3aed8d38f06eefd9b30670f043df17 COPYING.rst -sha256 e0e390748ed440ab893ca1f135a88a920aaf5409dbb90a5b427c75c5e51268fb LICENSE +sha256 341afcbd729887b7046fe7b98fc4f4edff3aed8d38f06eefd9b30670f043df17 COPYING.rst +sha256 e0e390748ed440ab893ca1f135a88a920aaf5409dbb90a5b427c75c5e51268fb LICENSE diff --git a/package/python-ipython/python-ipython.mk b/package/python-ipython/python-ipython.mk index c669dd1b92..389ebfa897 100644 --- a/package/python-ipython/python-ipython.mk +++ b/package/python-ipython/python-ipython.mk @@ -4,9 +4,9 @@ # ################################################################################ -PYTHON_IPYTHON_VERSION = 7.28.0 +PYTHON_IPYTHON_VERSION = 7.31.1 PYTHON_IPYTHON_SOURCE = ipython-$(PYTHON_IPYTHON_VERSION).tar.gz -PYTHON_IPYTHON_SITE = https://files.pythonhosted.org/packages/e2/c8/7046d0409a90e31263d5bbaa708347d522ac584a1140c01a951d9deb1792 +PYTHON_IPYTHON_SITE = https://files.pythonhosted.org/packages/fb/39/c1947dc1bb993a35469ca474535cb3214c91f5f9a7752a1fcbd9b6b37dde PYTHON_IPYTHON_LICENSE = BSD-3-Clause PYTHON_IPYTHON_LICENSE_FILES = COPYING.rst LICENSE PYTHON_IPYTHON_CPE_ID_VENDOR = ipython