Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

python:html5lib: 0.999 -> 0.999999999 #21299

Merged
merged 1 commit into from
Dec 25, 2016

Conversation

phanimahesh
Copy link
Contributor

Motivation for this change

fixes LWN vuln:709146
ref #21289: Vulnerability roundup 14

Things done

  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

nox-review wip build was taking too long, so aborted it. :/

fixes LWN vuln:709146
ref NixOS#21289: Vulnerability roundup 14
@mention-bot
Copy link

@phanimahesh, thanks for your PR! By analyzing the history of the files in this pull request, we identified @FRidh to be a potential reviewer.

@phanimahesh
Copy link
Contributor Author

Apparently needs update to webencodings. Will look at it later today, in 10 hours.

@FRidh
Copy link
Member

FRidh commented Dec 20, 2016

Seeing that version number made me go to the upstream issue tracker and wanting to open an issue saying what an **** they are for having such version number...but someone did it already before me, and a bit more subtle as well.

Anyway, please add the webencodings update as a separate commit to this PR.

@FRidh FRidh added 6.topic: python 8.has: package (update) This PR updates a package to a newer version labels Dec 20, 2016
@LnL7 LnL7 added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Dec 20, 2016
@phanimahesh
Copy link
Contributor Author

It's hilarious. For anyone curious, I'll save you hunting around for the upstream issue. See html5lib/html5lib-python#282

@FRidh FRidh merged commit 757d10a into NixOS:master Dec 25, 2016
@phanimahesh
Copy link
Contributor Author

Sorry everyone, I should have copied over this comment to here too. Got occupied and had to push back on completing this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python 8.has: package (update) This PR updates a package to a newer version
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants