NetBSD Problem Report #54883
From www@netbsd.org Wed Jan 22 00:37:33 2020
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 622467A16F
for <gnats-bugs@gnats.NetBSD.org>; Wed, 22 Jan 2020 00:37:33 +0000 (UTC)
Message-Id: <20200122003731.BA5927A1A1@mollari.NetBSD.org>
Date: Wed, 22 Jan 2020 00:37:31 +0000 (UTC)
From: js-pkgsrc@heap.zone
Reply-To: js-pkgsrc@heap.zone
To: gnats-bugs@NetBSD.org
Subject: python-ecdsa 0.15 (important security update)
X-Send-Pr-Version: www-1.0
>Number: 54883
>Category: pkg
>Synopsis: python-ecdsa 0.15 (important security update)
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bsiegert
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Jan 22 00:40:00 +0000 2020
>Closed-Date: Thu Feb 27 16:56:18 +0000 2020
>Last-Modified: Thu Feb 27 17:00:02 +0000 2020
>Originator: Jonathan Schleifer
>Release: HEAD
>Organization:
>Environment:
>Description:
The python-ecdsa 0.13 has broken signature verification. This could have catastrophic effects.
I also switches the source from GitHub to PyPi, because for whatever reason, the archive is different. Hashes for the archive from GitHub are nowhere to be found, and I could not find a single distro that uses the archive from GitHub instead of PyPi. So instead, I used the PyPi one and compared the hashes to what Alpine has. Since this is a dependency of Electrum, a Bitcoin wallet, it is necessary to be extra cautious here.
>How-To-Repeat:
>Fix:
commit 77be555f9e29d476e73ef3f4c085058b23803c22
Author: Jonathan Schleifer <js@nil.im>
Date: Wed Jan 22 01:33:03 2020 +0100
py-ecdsa 0.15, includes important security updates
Also switches the source from GitHub to PyPi, because for whatever
reason, the archive is different. Hashes for the archive from GitHub are
nowhere to be found, and I could not find a single distro that uses the
archive from GitHub instead of PyPi. So instead, I used the PyPi one and
compared the hashes to what Alpine has.
diff --git a/security/py-ecdsa/Makefile b/security/py-ecdsa/Makefile
index 496eb0b8bd5..916618a7002 100644
--- a/security/py-ecdsa/Makefile
+++ b/security/py-ecdsa/Makefile
@@ -1,17 +1,16 @@
# $NetBSD: Makefile,v 1.7 2015/06/29 17:00:00 gls Exp $
-DISTNAME= python-ecdsa-0.13
-PKGNAME= ${PYPKGPREFIX}-ecdsa-0.13
+DISTNAME= ecdsa-0.15
+PKGNAME= ${PYPKGPREFIX}-ecdsa-0.15
EGG_NAME= ecdsa-${PKGVERSION}
CATEGORIES= security
-MASTER_SITES= https://github.com/warner/python-ecdsa/archive/
+MASTER_SITES= ${MASTER_SITE_PYPI:=e/ecdsa/}
MAINTAINER= gls@NetBSD.org
HOMEPAGE= https://github.com/warner/python-ecdsa/
COMMENT= Easy-to-use implementation of ECDSA cryptography
LICENSE= mit
-WRKSRC= ${WRKDIR}/python-ecdsa-${DISTNAME}
USE_LANGUAGES= # none
REPLACE_PYTHON= ecdsa/ecdsa.py ecdsa/ellipticcurve.py ecdsa/numbertheory.py
diff --git a/security/py-ecdsa/PLIST b/security/py-ecdsa/PLIST
index 32517559708..bb716364a29 100644
--- a/security/py-ecdsa/PLIST
+++ b/security/py-ecdsa/PLIST
@@ -1,41 +1,75 @@
-@comment $NetBSD: PLIST,v 1.3 2015/06/29 17:00:00 gls Exp $
+@comment $NetBSD$
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
${PYSITELIB}/${EGG_INFODIR}/top_level.txt
${PYSITELIB}/ecdsa/__init__.py
-${PYSITELIB}/ecdsa/__init__.pyc
${PYSITELIB}/ecdsa/__init__.pyo
-${PYSITELIB}/ecdsa/_version.py
-${PYSITELIB}/ecdsa/_version.pyc
+${PYSITELIB}/ecdsa/__init__.pyc
+${PYSITELIB}/ecdsa/_compat.pyo
+${PYSITELIB}/ecdsa/_compat.pyc
+${PYSITELIB}/ecdsa/_rwlock.pyo
+${PYSITELIB}/ecdsa/_rwlock.pyc
${PYSITELIB}/ecdsa/_version.pyo
-${PYSITELIB}/ecdsa/curves.py
-${PYSITELIB}/ecdsa/curves.pyc
+${PYSITELIB}/ecdsa/_version.pyc
${PYSITELIB}/ecdsa/curves.pyo
-${PYSITELIB}/ecdsa/der.py
-${PYSITELIB}/ecdsa/der.pyc
+${PYSITELIB}/ecdsa/curves.pyc
${PYSITELIB}/ecdsa/der.pyo
-${PYSITELIB}/ecdsa/ecdsa.py
-${PYSITELIB}/ecdsa/ecdsa.pyc
+${PYSITELIB}/ecdsa/der.pyc
+${PYSITELIB}/ecdsa/ecdh.pyo
+${PYSITELIB}/ecdsa/ecdh.pyc
${PYSITELIB}/ecdsa/ecdsa.pyo
-${PYSITELIB}/ecdsa/ellipticcurve.py
-${PYSITELIB}/ecdsa/ellipticcurve.pyc
+${PYSITELIB}/ecdsa/ecdsa.pyc
${PYSITELIB}/ecdsa/ellipticcurve.pyo
-${PYSITELIB}/ecdsa/keys.py
-${PYSITELIB}/ecdsa/keys.pyc
+${PYSITELIB}/ecdsa/ellipticcurve.pyc
${PYSITELIB}/ecdsa/keys.pyo
-${PYSITELIB}/ecdsa/numbertheory.py
-${PYSITELIB}/ecdsa/numbertheory.pyc
+${PYSITELIB}/ecdsa/keys.pyc
${PYSITELIB}/ecdsa/numbertheory.pyo
-${PYSITELIB}/ecdsa/rfc6979.py
-${PYSITELIB}/ecdsa/rfc6979.pyc
+${PYSITELIB}/ecdsa/numbertheory.pyc
${PYSITELIB}/ecdsa/rfc6979.pyo
-${PYSITELIB}/ecdsa/six.py
-${PYSITELIB}/ecdsa/six.pyc
-${PYSITELIB}/ecdsa/six.pyo
-${PYSITELIB}/ecdsa/test_pyecdsa.py
-${PYSITELIB}/ecdsa/test_pyecdsa.pyc
+${PYSITELIB}/ecdsa/rfc6979.pyc
+${PYSITELIB}/ecdsa/test_der.pyo
+${PYSITELIB}/ecdsa/test_der.pyc
+${PYSITELIB}/ecdsa/test_ecdh.pyo
+${PYSITELIB}/ecdsa/test_ecdh.pyc
+${PYSITELIB}/ecdsa/test_ecdsa.pyo
+${PYSITELIB}/ecdsa/test_ecdsa.pyc
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyo
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyc
+${PYSITELIB}/ecdsa/test_jacobi.pyo
+${PYSITELIB}/ecdsa/test_jacobi.pyc
+${PYSITELIB}/ecdsa/test_keys.pyo
+${PYSITELIB}/ecdsa/test_keys.pyc
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyo
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyc
+${PYSITELIB}/ecdsa/test_numbertheory.pyo
+${PYSITELIB}/ecdsa/test_numbertheory.pyc
${PYSITELIB}/ecdsa/test_pyecdsa.pyo
-${PYSITELIB}/ecdsa/util.py
-${PYSITELIB}/ecdsa/util.pyc
+${PYSITELIB}/ecdsa/test_pyecdsa.pyc
+${PYSITELIB}/ecdsa/test_rw_lock.pyo
+${PYSITELIB}/ecdsa/test_rw_lock.pyc
${PYSITELIB}/ecdsa/util.pyo
+${PYSITELIB}/ecdsa/util.pyc
+${PYSITELIB}/ecdsa/_compat.py
+${PYSITELIB}/ecdsa/_rwlock.py
+${PYSITELIB}/ecdsa/_version.py
+${PYSITELIB}/ecdsa/curves.py
+${PYSITELIB}/ecdsa/der.py
+${PYSITELIB}/ecdsa/ecdh.py
+${PYSITELIB}/ecdsa/ecdsa.py
+${PYSITELIB}/ecdsa/ellipticcurve.py
+${PYSITELIB}/ecdsa/keys.py
+${PYSITELIB}/ecdsa/numbertheory.py
+${PYSITELIB}/ecdsa/rfc6979.py
+${PYSITELIB}/ecdsa/test_der.py
+${PYSITELIB}/ecdsa/test_ecdh.py
+${PYSITELIB}/ecdsa/test_ecdsa.py
+${PYSITELIB}/ecdsa/test_ellipticcurve.py
+${PYSITELIB}/ecdsa/test_jacobi.py
+${PYSITELIB}/ecdsa/test_keys.py
+${PYSITELIB}/ecdsa/test_malformed_sigs.py
+${PYSITELIB}/ecdsa/test_numbertheory.py
+${PYSITELIB}/ecdsa/test_pyecdsa.py
+${PYSITELIB}/ecdsa/test_rw_lock.py
+${PYSITELIB}/ecdsa/util.py
diff --git a/security/py-ecdsa/distinfo b/security/py-ecdsa/distinfo
index aa491f44855..b744ddc02a6 100644
--- a/security/py-ecdsa/distinfo
+++ b/security/py-ecdsa/distinfo
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.7 2015/11/04 01:18:03 agc Exp $
-SHA1 (python-ecdsa-0.13.tar.gz) = f23d77b03f3e62a9298579ccf897a305c618a6f2
-RMD160 (python-ecdsa-0.13.tar.gz) = 7d7e2bb73649dba507f6389b8f909d251346e1fc
-SHA512 (python-ecdsa-0.13.tar.gz) = 540b85bc11963b369a2b77adcae132fbac8d267c34c865207b434f013c3d82a9ed118e22e7ce73f85c2ddd5a629926a29ec1b92b56f2a350bb155b53cdb60244
-Size (python-ecdsa-0.13.tar.gz) = 58966 bytes
+SHA1 (ecdsa-0.15.tar.gz) = 5ac84f3012d807793bcb98a8e9c86c63b9965596
+RMD160 (ecdsa-0.15.tar.gz) = aaeba796ec51455deb06d4accc01535aeac26302
+SHA512 (ecdsa-0.15.tar.gz) = 7b7491d1abdb5ca43456d943c96525fa5d722635c496bbddd04ef8e1baad9dc0aef3d1752afea7820f7796421b18295ee260657ec1e8faf7564613b316c0d603
+Size (ecdsa-0.15.tar.gz) = 122119 bytes
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->gls
Responsible-Changed-By: hauke@NetBSD.org
Responsible-Changed-When: Thu, 23 Jan 2020 15:39:14 +0000
Responsible-Changed-Why:
Over to maintainer.
State-Changed-From-To: open->feedback
State-Changed-By: leot@NetBSD.org
State-Changed-When: Mon, 27 Jan 2020 13:33:24 +0000
State-Changed-Why:
A couple of suggestions requested.
From: Leonardo Taccari <leot@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/54883: python-ecdsa 0.15 (important security update)
Date: Mon, 27 Jan 2020 14:32:57 +0100
Hello Jonathan,
some mostly cosmetic suggestions directly inline!
js-pkgsrc@heap.zone writes:
> [...]
> commit 77be555f9e29d476e73ef3f4c085058b23803c22
> Author: Jonathan Schleifer <js@nil.im>
> Date: Wed Jan 22 01:33:03 2020 +0100
>
> py-ecdsa 0.15, includes important security updates
>
> Also switches the source from GitHub to PyPi, because for whatever
> reason, the archive is different. Hashes for the archive from GitHub are
> nowhere to be found, and I could not find a single distro that uses the
> archive from GitHub instead of PyPi. So instead, I used the PyPi one and
> compared the hashes to what Alpine has.
>
When updating packages, if possible please also provide a changelog from
upstream.
> diff --git a/security/py-ecdsa/Makefile b/security/py-ecdsa/Makefile
> index 496eb0b8bd5..916618a7002 100644
> --- a/security/py-ecdsa/Makefile
> +++ b/security/py-ecdsa/Makefile
> @@ -1,17 +1,16 @@
> # $NetBSD: Makefile,v 1.7 2015/06/29 17:00:00 gls Exp $
>
> -DISTNAME= python-ecdsa-0.13
> -PKGNAME= ${PYPKGPREFIX}-ecdsa-0.13
> +DISTNAME= ecdsa-0.15
> +PKGNAME= ${PYPKGPREFIX}-ecdsa-0.15
> EGG_NAME= ecdsa-${PKGVERSION}
> [...]
Unrelated to the update but I think that EGG_NAME could be removed (I
think that defining it as ecdsa-${PKGVERSION} is also incorrect for
possible PKGREVISION bumps), please remove it if that's the case.
> diff --git a/security/py-ecdsa/PLIST b/security/py-ecdsa/PLIST
> index 32517559708..bb716364a29 100644
> --- a/security/py-ecdsa/PLIST
> +++ b/security/py-ecdsa/PLIST
> @@ -1,41 +1,75 @@
> -@comment $NetBSD: PLIST,v 1.3 2015/06/29 17:00:00 gls Exp $
> +@comment $NetBSD$
> ${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
> ${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
> ${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
> +${PYSITELIB}/${EGG_INFODIR}/requires.txt
The extra requires.txt seems to point out that there is at least a
missing dependency, please add py-six to DEPENDS in the Makefile.
> ${PYSITELIB}/${EGG_INFODIR}/top_level.txt
> ${PYSITELIB}/ecdsa/__init__.py
> -${PYSITELIB}/ecdsa/__init__.pyc
> ${PYSITELIB}/ecdsa/__init__.pyo
> [...]
The PLIST is not sorted, please sort it.
Thanks!
From: js-pkgsrc@heap.zone
To: gnats-bugs@netbsd.org
Cc: gls@netbsd.org,
gnats-admin@netbsd.org,
pkgsrc-bugs@netbsd.org
Subject: Re: pkg/54883: python-ecdsa 0.15 (important security update)
Date: Sun, 9 Feb 2020 12:26:43 +0100
> When updating packages, if possible please also provide a changelog =
from
> upstream.
I could not find an upstream change log, unfortunately. It's also =
jumping several versions.
> Unrelated to the update but I think that EGG_NAME could be removed (I
> think that defining it as ecdsa-${PKGVERSION} is also incorrect for
> possible PKGREVISION bumps), please remove it if that's the case.
Removed.
> The extra requires.txt seems to point out that there is at least a
> missing dependency, please add py-six to DEPENDS in the Makefile.
Added.
> The PLIST is not sorted, please sort it.
Done.
New patch:
commit 72fe11c8f23930b06c6045149c68dac2736e703e
Author: Jonathan Schleifer <js@nil.im>
Date: Wed Jan 22 01:33:03 2020 +0100
py-ecdsa 0.15, includes important security updates
=20
Also switches the source from GitHub to PyPi, because for whatever
reason, the archive is different. Hashes for the archive from GitHub =
are
nowhere to be found, and I could not find a single distro that uses =
the
archive from GitHub instead of PyPi. So instead, I used the PyPi one =
and
compared the hashes to what Alpine has.
diff --git a/security/py-ecdsa/Makefile b/security/py-ecdsa/Makefile
index 496eb0b8bd5..fb19738c5ca 100644
--- a/security/py-ecdsa/Makefile
+++ b/security/py-ecdsa/Makefile
@@ -1,17 +1,17 @@
# $NetBSD: Makefile,v 1.7 2015/06/29 17:00:00 gls Exp $
=20
-DISTNAME=3D python-ecdsa-0.13
-PKGNAME=3D ${PYPKGPREFIX}-ecdsa-0.13
-EGG_NAME=3D ecdsa-${PKGVERSION}
+DISTNAME=3D ecdsa-0.15
+PKGNAME=3D ${PYPKGPREFIX}-ecdsa-0.15
CATEGORIES=3D security
-MASTER_SITES=3D https://github.com/warner/python-ecdsa/archive/
+MASTER_SITES=3D ${MASTER_SITE_PYPI:=3De/ecdsa/}
=20
MAINTAINER=3D gls@NetBSD.org
HOMEPAGE=3D https://github.com/warner/python-ecdsa/
COMMENT=3D Easy-to-use implementation of ECDSA cryptography
LICENSE=3D mit
=20
-WRKSRC=3D ${WRKDIR}/python-ecdsa-${DISTNAME}
+DEPENDS+=3D ${PYPKGPREFIX}-six-[0-9]*:../../lang/py-six
+
USE_LANGUAGES=3D # none
=20
REPLACE_PYTHON=3D ecdsa/ecdsa.py ecdsa/ellipticcurve.py =
ecdsa/numbertheory.py
diff --git a/security/py-ecdsa/PLIST b/security/py-ecdsa/PLIST
index 32517559708..bd61df47360 100644
--- a/security/py-ecdsa/PLIST
+++ b/security/py-ecdsa/PLIST
@@ -1,11 +1,18 @@
-@comment $NetBSD: PLIST,v 1.3 2015/06/29 17:00:00 gls Exp $
+@comment $NetBSD$
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
${PYSITELIB}/${EGG_INFODIR}/top_level.txt
${PYSITELIB}/ecdsa/__init__.py
${PYSITELIB}/ecdsa/__init__.pyc
${PYSITELIB}/ecdsa/__init__.pyo
+${PYSITELIB}/ecdsa/_compat.py
+${PYSITELIB}/ecdsa/_compat.pyc
+${PYSITELIB}/ecdsa/_compat.pyo
+${PYSITELIB}/ecdsa/_rwlock.py
+${PYSITELIB}/ecdsa/_rwlock.pyc
+${PYSITELIB}/ecdsa/_rwlock.pyo
${PYSITELIB}/ecdsa/_version.py
${PYSITELIB}/ecdsa/_version.pyc
${PYSITELIB}/ecdsa/_version.pyo
@@ -15,6 +22,9 @@ ${PYSITELIB}/ecdsa/curves.pyo
${PYSITELIB}/ecdsa/der.py
${PYSITELIB}/ecdsa/der.pyc
${PYSITELIB}/ecdsa/der.pyo
+${PYSITELIB}/ecdsa/ecdh.py
+${PYSITELIB}/ecdsa/ecdh.pyc
+${PYSITELIB}/ecdsa/ecdh.pyo
${PYSITELIB}/ecdsa/ecdsa.py
${PYSITELIB}/ecdsa/ecdsa.pyc
${PYSITELIB}/ecdsa/ecdsa.pyo
@@ -30,12 +40,36 @@ ${PYSITELIB}/ecdsa/numbertheory.pyo
${PYSITELIB}/ecdsa/rfc6979.py
${PYSITELIB}/ecdsa/rfc6979.pyc
${PYSITELIB}/ecdsa/rfc6979.pyo
-${PYSITELIB}/ecdsa/six.py
-${PYSITELIB}/ecdsa/six.pyc
-${PYSITELIB}/ecdsa/six.pyo
+${PYSITELIB}/ecdsa/test_der.py
+${PYSITELIB}/ecdsa/test_der.pyc
+${PYSITELIB}/ecdsa/test_der.pyo
+${PYSITELIB}/ecdsa/test_ecdh.py
+${PYSITELIB}/ecdsa/test_ecdh.pyc
+${PYSITELIB}/ecdsa/test_ecdh.pyo
+${PYSITELIB}/ecdsa/test_ecdsa.py
+${PYSITELIB}/ecdsa/test_ecdsa.pyc
+${PYSITELIB}/ecdsa/test_ecdsa.pyo
+${PYSITELIB}/ecdsa/test_ellipticcurve.py
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyc
+${PYSITELIB}/ecdsa/test_ellipticcurve.pyo
+${PYSITELIB}/ecdsa/test_jacobi.py
+${PYSITELIB}/ecdsa/test_jacobi.pyc
+${PYSITELIB}/ecdsa/test_jacobi.pyo
+${PYSITELIB}/ecdsa/test_keys.py
+${PYSITELIB}/ecdsa/test_keys.pyc
+${PYSITELIB}/ecdsa/test_keys.pyo
+${PYSITELIB}/ecdsa/test_malformed_sigs.py
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyc
+${PYSITELIB}/ecdsa/test_malformed_sigs.pyo
+${PYSITELIB}/ecdsa/test_numbertheory.py
+${PYSITELIB}/ecdsa/test_numbertheory.pyc
+${PYSITELIB}/ecdsa/test_numbertheory.pyo
${PYSITELIB}/ecdsa/test_pyecdsa.py
${PYSITELIB}/ecdsa/test_pyecdsa.pyc
${PYSITELIB}/ecdsa/test_pyecdsa.pyo
+${PYSITELIB}/ecdsa/test_rw_lock.py
+${PYSITELIB}/ecdsa/test_rw_lock.pyc
+${PYSITELIB}/ecdsa/test_rw_lock.pyo
${PYSITELIB}/ecdsa/util.py
${PYSITELIB}/ecdsa/util.pyc
${PYSITELIB}/ecdsa/util.pyo
diff --git a/security/py-ecdsa/distinfo b/security/py-ecdsa/distinfo
index aa491f44855..b744ddc02a6 100644
--- a/security/py-ecdsa/distinfo
+++ b/security/py-ecdsa/distinfo
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.7 2015/11/04 01:18:03 agc Exp $
=20
-SHA1 (python-ecdsa-0.13.tar.gz) =3D =
f23d77b03f3e62a9298579ccf897a305c618a6f2
-RMD160 (python-ecdsa-0.13.tar.gz) =3D =
7d7e2bb73649dba507f6389b8f909d251346e1fc
-SHA512 (python-ecdsa-0.13.tar.gz) =3D =
540b85bc11963b369a2b77adcae132fbac8d267c34c865207b434f013c3d82a9ed118e22e7=
ce73f85c2ddd5a629926a29ec1b92b56f2a350bb155b53cdb60244
-Size (python-ecdsa-0.13.tar.gz) =3D 58966 bytes
+SHA1 (ecdsa-0.15.tar.gz) =3D 5ac84f3012d807793bcb98a8e9c86c63b9965596
+RMD160 (ecdsa-0.15.tar.gz) =3D aaeba796ec51455deb06d4accc01535aeac26302
+SHA512 (ecdsa-0.15.tar.gz) =3D =
7b7491d1abdb5ca43456d943c96525fa5d722635c496bbddd04ef8e1baad9dc0aef3d1752a=
fea7820f7796421b18295ee260657ec1e8faf7564613b316c0d603
+Size (ecdsa-0.15.tar.gz) =3D 122119 bytes
Responsible-Changed-From-To: gls->bsiegert
Responsible-Changed-By: bsiegert@NetBSD.org
Responsible-Changed-When: Thu, 27 Feb 2020 16:56:18 +0000
Responsible-Changed-Why:
take
State-Changed-From-To: feedback->closed
State-Changed-By: bsiegert@NetBSD.org
State-Changed-When: Thu, 27 Feb 2020 16:56:18 +0000
State-Changed-Why:
I committed your second patch. Thanks!
From: "Benny Siegert" <bsiegert@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/54883 CVS commit: pkgsrc/security/py-ecdsa
Date: Thu, 27 Feb 2020 16:55:07 +0000
Module Name: pkgsrc
Committed By: bsiegert
Date: Thu Feb 27 16:55:07 UTC 2020
Modified Files:
pkgsrc/security/py-ecdsa: Makefile PLIST distinfo
Log Message:
Update py-ecdsa to 0.15.
Patch from Jonathan Schleifer via PR pkg/54883.
Contains a fix for broken signature verification.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/py-ecdsa/Makefile \
pkgsrc/security/py-ecdsa/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/py-ecdsa/PLIST
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home