package/python-future: security bump to version 0.18.3

Fix CVE-2022-40899: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. https://github.com/PythonCharmers/python-future/releases/tag/v0.18.3 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 51eb81ddcf) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-20 20:29:52 +01:00 · 2023-01-20 20:29:52 +01:00 · 14e35225d8
parent 4631f48fe7
commit 14e35225d8
2 changed files with 5 additions and 5 deletions
--- a/package/python-future/python-future.hash
+++ b/package/python-future/python-future.hash
@ -1,5 +1,5 @@
-# md5, sha256 from https://pypi.python.org/pypi/future/json
-md5  e4579c836b9c025872efe230f6270349  future-0.18.2.tar.gz
-sha256  b1bead90b70cf6ec3f0710ae53a525360fa360d306a86583adc6bf83a4db537d  future-0.18.2.tar.gz
+# md5, sha256 from https://pypi.org/pypi/future/json
+md5  dedcb70d14b23388670d54145aab8be4  future-0.18.3.tar.gz
+sha256  34a17436ed1e96697a86f9de3d15a3b0be01d8bc8de9c1dffd59fb8234ed5307  future-0.18.3.tar.gz
 # Locally computed sha256 checksums
 sha256  916e561392d48471b9c23437f56e2652f320cb3b119ceaa162edf41016f746b9  LICENSE.txt
--- a/package/python-future/python-future.mk
+++ b/package/python-future/python-future.mk
@ -4,9 +4,9 @@
 #
 ################################################################################

-PYTHON_FUTURE_VERSION = 0.18.2
+PYTHON_FUTURE_VERSION = 0.18.3
 PYTHON_FUTURE_SOURCE = future-$(PYTHON_FUTURE_VERSION).tar.gz
-PYTHON_FUTURE_SITE = https://files.pythonhosted.org/packages/45/0b/38b06fd9b92dc2b68d58b75f900e97884c45bedd2ff83203d933cf5851c9
+PYTHON_FUTURE_SITE = https://files.pythonhosted.org/packages/8f/2e/cf6accf7415237d6faeeebdc7832023c90e0282aa16fd3263db0eb4715ec
 PYTHON_FUTURE_SETUP_TYPE = setuptools
 PYTHON_FUTURE_LICENSE = MIT
 PYTHON_FUTURE_LICENSE_FILES = LICENSE.txt