From 6907f30f17878b3776e13e68c9d66756c8ac8402 Mon Sep 17 00:00:00 2001
From: Max Rees <maxcrees@me.com>
Date: Tue, 6 Aug 2019 01:00:43 -0500
Subject: system/python3: [CVE] bump to 3.6.9

---
 system/python3/APKBUILD | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

(limited to 'system/python3/APKBUILD')

diff --git a/system/python3/APKBUILD b/system/python3/APKBUILD
index 0bb9db2a2..f14f72b1c 100644
--- a/system/python3/APKBUILD
+++ b/system/python3/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Kiyoshi Aman <kiyoshi.aman@gmail.com>
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=python3
-pkgver=3.6.8
+pkgver=3.6.9
 _basever="${pkgver%.*}"
 pkgrel=0
 pkgdesc="A high-level scripting language"
@@ -40,19 +40,23 @@ makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev xz-dev
 source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
 	musl-find_library.patch
 	fix-xattrs-glibc.patch
-	CVE-2019-9636.patch
-	CVE-2019-9740-and-9947.patch
-	test-fix-selfsign-cert.patch
 	"
 builddir="$srcdir/Python-$pkgver"
 
 # secfixes: python
+#   3.6.5-r0:
+#     - CVE-2018-1060
+#     - CVE-2018-1061
 #   3.6.8-r0:
 #     - CVE-2018-14647
 #     - CVE-2018-20406
 #     - CVE-2019-9636
 #     - CVE-2019-9740
 #     - CVE-2019-9947
+#   3.6.9-r0:
+#     - CVE-2018-20852
+#     - CVE-2019-5010
+#     - CVE-2019-9948
 
 prepare() {
 	default_prepare
@@ -172,9 +176,6 @@ wininst() {
 		"$subpkgdir"/usr/lib/python$_basever/distutils/command
 }
 
-sha512sums="b17867e451ebe662f50df83ed112d3656c089e7d750651ea640052b01b713b58e66aac9e082f71fd16f5b5510bc9b797f5ccd30f5399581e9aa406197f02938a  Python-3.6.8.tar.xz
+sha512sums="05de9c6f44d96a52bfce10ede4312de892573edaf8bece65926d19973a3a800d65eed7a857af945f69efcfb25efa3788e7a54016b03d80b611eb51c3ea074819  Python-3.6.9.tar.xz
 ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2  musl-find_library.patch
-37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad  fix-xattrs-glibc.patch
-bf2ec0bdba63b714f99aa9783a31ab935b234cabe4dc482769462a55bd572c74e03f192fbc5e8a7e2b9a887a5eef7dc0c3819fb464b656f73b500d1b65b591ad  CVE-2019-9636.patch
-daae79c8d914f0afe3c09ef15fa2838958e3d9a45e37bb7ebf84ce431b3635f48744011c640e0f6696922db76da199a55befb3754e335660b6d25f3dad2a8c4e  CVE-2019-9740-and-9947.patch
-34bb7353e93f74a0f70d9b44f9bb9a6561c47a6d2169e08390818113bcb8b25c6660dfab2c2ef2aba6c08805e71719227baf01285da7f8276c61fba422a1bad2  test-fix-selfsign-cert.patch"
+37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad  fix-xattrs-glibc.patch"
-- 
cgit v1.2.3-60-g2f50