Bug 248753

Summary: [exp-run] lang/python37: Update to 3.7.9
Product: Ports & Packages Reporter: Wen Heping <wen>
Component: Individual Port(s)Assignee: Wen Heping <wen>
Status: Closed FIXED    
Severity: Affects Only Me CC: freebsd, i.dani, lwhsu, nevecherya, thierry, wen
Priority: --- Keywords: needs-patch
Version: LatestFlags: lwhsu: merge-quarterly+
antoine: exp-run+
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252916
Attachments:
Description Flags
Update to 3.7.9
none
update to 3.7.9
none
Update python doc size and checksum none

Description Wen Heping freebsd_committer freebsd_triage 2020-08-19 15:03:34 UTC 
Created attachment 217338 [details]
Update to 3.7.9

Update to 3.7.9
Comment 1 Wen Heping freebsd_committer freebsd_triage 2020-08-19 16:04:17 UTC 
Created attachment 217342 [details]
update to 3.7.9

update to 3.7.9
Comment 2 Antoine Brodin freebsd_committer freebsd_triage 2020-08-20 09:23:24 UTC 
The checksums and sizes look wrong
Comment 3 Wen Heping freebsd_committer freebsd_triage 2020-08-21 15:39:29 UTC 
(In reply to Antoine Brodin from comment #2)
I check again, the size and md5 of python-3.7.9.tar.xz both are the same as upstream.
The size of the 4 doc files are the same as upstream too.

wen
Comment 4 Antoine Brodin freebsd_committer freebsd_triage 2020-08-21 15:42:42 UTC 
Please check again,  for instance

fetch: https://www.python.org/ftp/python/doc/3.7.9/python-3.7.9-docs-text.tar.bz2: size mismatch: expected 2295112, actual 2291659
Comment 5 Wen Heping freebsd_committer freebsd_triage 2020-08-21 15:48:21 UTC 
(In reply to Antoine Brodin from comment #4)
I download the file here:
https://docs.python.org/3.7/archives/
Comment 6 Antoine Brodin freebsd_committer freebsd_triage 2020-08-21 16:43:51 UTC 
% make -C lang/python-doc-text fetch-urlall-list MASTER_SITE_BACKUP=
https://www.python.org/ftp/python/doc/3.7.9/python-3.7.9-docs-text.tar.bz2
https://www.python.org/ftp/python/doc/current/python-3.7.9-docs-text.tar.bz2
Comment 7 Michael Büker 2020-08-23 09:45:18 UTC 
I suggest raising the importance, as the current Python 3.7.8 is vulnerable: https://vuxml.freebsd.org/freebsd/3fcb70a4-e22d-11ea-98b2-080027846a02.html
Comment 8 Antoine Brodin freebsd_committer freebsd_triage 2020-08-23 10:09:39 UTC 
Comment on attachment 217342 [details]
update to 3.7.9

Mark obsolete, has wrong checksums and sizes
Comment 9 Wen Heping freebsd_committer freebsd_triage 2020-08-23 15:30:51 UTC 
Created attachment 217456 [details]
Update python doc size and checksum
Comment 10 Antoine Brodin freebsd_committer freebsd_triage 2020-08-25 21:12:26 UTC 
Exp-run looks fine
Comment 11 commit-hook freebsd_committer freebsd_triage 2020-08-26 14:20:56 UTC 
A commit references this bug:

Author: wen
Date: Wed Aug 26 14:20:20 UTC 2020
New revision: 546286
URL: https://svnweb.freebsd.org/changeset/ports/546286

Log:
  - Update to 3.7.9(security update)

  PR:		248753
  Submitted by:	wen@(myself)
  Exp-run by:	antoine@
  MFH:		2020Q3
  Security:	CVE-2020-15801, CVE-2020-15523, CVE-2020-14422

Changes:
  head/lang/python-doc-html/distinfo
  head/lang/python37/Makefile
  head/lang/python37/Makefile.version
  head/lang/python37/distinfo
  head/lang/python37/pkg-plist
Comment 12 commit-hook freebsd_committer freebsd_triage 2020-08-28 23:10:43 UTC 
A commit references this bug:

Author: wen
Date: Fri Aug 28 23:10:28 UTC 2020
New revision: 546849
URL: https://svnweb.freebsd.org/changeset/ports/546849

Log:
  MFH: r546286

  - Update to 3.7.9(security update)

  PR:		248753
  Submitted by:	wen@(myself)
  Exp-run by:	antoine@
  Security:	CVE-2020-15801, CVE-2020-15523, CVE-2020-14422

  Approved by:	ports-secteam@(joneum@)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/lang/python-doc-html/distinfo
  branches/2020Q3/lang/python37/Makefile.version
  branches/2020Q3/lang/python37/distinfo
  branches/2020Q3/lang/python37/pkg-plist
Comment 13 Thierry Thomas freebsd_committer freebsd_triage 2021-01-22 17:18:21 UTC 
This broke french/aster.
See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252916