head 1.5; access; symbols pkgsrc-2026Q1:1.5.0.36 pkgsrc-2026Q1-base:1.5 pkgsrc-2025Q4:1.5.0.34 pkgsrc-2025Q4-base:1.5 pkgsrc-2025Q3:1.5.0.32 pkgsrc-2025Q3-base:1.5 pkgsrc-2025Q2:1.5.0.30 pkgsrc-2025Q2-base:1.5 pkgsrc-2025Q1:1.5.0.28 pkgsrc-2025Q1-base:1.5 pkgsrc-2024Q4:1.5.0.26 pkgsrc-2024Q4-base:1.5 pkgsrc-2024Q3:1.5.0.24 pkgsrc-2024Q3-base:1.5 pkgsrc-2024Q2:1.5.0.22 pkgsrc-2024Q2-base:1.5 pkgsrc-2024Q1:1.5.0.20 pkgsrc-2024Q1-base:1.5 pkgsrc-2023Q4:1.5.0.18 pkgsrc-2023Q4-base:1.5 pkgsrc-2023Q3:1.5.0.16 pkgsrc-2023Q3-base:1.5 pkgsrc-2023Q2:1.5.0.14 pkgsrc-2023Q2-base:1.5 pkgsrc-2023Q1:1.5.0.12 pkgsrc-2023Q1-base:1.5 pkgsrc-2022Q4:1.5.0.10 pkgsrc-2022Q4-base:1.5 pkgsrc-2022Q3:1.5.0.8 pkgsrc-2022Q3-base:1.5 pkgsrc-2022Q2:1.5.0.6 pkgsrc-2022Q2-base:1.5 pkgsrc-2022Q1:1.5.0.4 pkgsrc-2022Q1-base:1.5 pkgsrc-2021Q4:1.5.0.2 pkgsrc-2021Q4-base:1.5 pkgsrc-2021Q3:1.3.0.16 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.14 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.12 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.10 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.8 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.3.0.6 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.3.0.2 pkgsrc-2020Q1-base:1.3 pkgsrc-2019Q4:1.3.0.4 pkgsrc-2019Q4-base:1.3 pkgsrc-2019Q3:1.2.0.6 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.4 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.2 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.1.0.14 pkgsrc-2018Q4-base:1.1 pkgsrc-2018Q3:1.1.0.12 pkgsrc-2018Q3-base:1.1 pkgsrc-2018Q2:1.1.0.10 pkgsrc-2018Q2-base:1.1 pkgsrc-2018Q1:1.1.0.8 pkgsrc-2018Q1-base:1.1 pkgsrc-2017Q4:1.1.0.6 pkgsrc-2017Q4-base:1.1 pkgsrc-2017Q3:1.1.0.4 pkgsrc-2017Q3-base:1.1; locks; strict; comment @# @; 1.5 date 2021.10.26.11.17.47; author nia; state Exp; branches; next 1.4; commitid PNswNV9GDLZeojeD; 1.4 date 2021.10.07.14.54.31; author nia; state Exp; branches; next 1.3; commitid nfjKlj1wTplMcTbD; 1.3 date 2019.11.13.15.06.44; author adam; state Exp; branches; next 1.2; commitid 7nrPJTPHJnIhAHKB; 1.2 date 2019.01.17.13.22.00; author adam; state Exp; branches; next 1.1; commitid SX85pB6ZQoTdE88B; 1.1 date 2017.07.03.21.03.29; author adam; state Exp; branches; next ; commitid idozwkverkIDiPXz; desc @@ 1.5 log @security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 @ text @$NetBSD: distinfo,v 1.4 2021/10/07 14:54:31 nia Exp $ BLAKE2s (mohawk-1.1.0.tar.gz) = 8f7023cc928ea15a74e32a76c5ec289a5068eb061410f7348d572d2d3e73d41a SHA512 (mohawk-1.1.0.tar.gz) = 1e4a55f62f759dd00d7acef00d4c447b98c0c06bd142574abd20f8309ba12b2209d1690d59687807306a8808aa5a39871508517981846ee1c9a8bc603ef443a5 Size (mohawk-1.1.0.tar.gz) = 18507 bytes @ 1.4 log @security: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2019/11/13 15:06:44 adam Exp $ d3 1 a3 1 RMD160 (mohawk-1.1.0.tar.gz) = 9998b8d8617f61805b64ac78aee2a45e5f837d9e @ 1.3 log @py-mohawk: updated to 1.1.0 1.1.0: Support passing file-like objects (those implementing .read(n)) as the content parameter for Resources. See mohawk.Sender for details. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2019/01/17 13:22:00 adam Exp $ a2 1 SHA1 (mohawk-1.1.0.tar.gz) = c1f40f98a43a9094c481d49ad5af3409da6728a3 @ 1.2 log @py-mohawk: updated to 1.0.0 1.0.0: Security related: Bewit MACs were not compared in constant time and were thus possibly circumventable by an attacker. Breaking change: Escape characters in header values (such as a back slash) are no longer allowed, potentially breaking clients that depended on this behavior. See https://github.com/kumar303/mohawk/issues/34 A sender is allowed to omit the content hash as long as their request has no content. The mohawk.Receiver will skip the content hash check in this situation, regardless of the value of accept_untrusted_content. See Empty requests for more details. Introduced max limit of 4096 characters in the Authorization header Changed default values of content and content_type arguments to mohawk.base.EmptyValue in order to differentiate between misconfiguration and cases where these arguments are explicitly given as None (as with some web frameworks). See Skipping content checks for more details. Failing to pass content and content_type arguments to mohawk.Receiver or mohawk.Sender.accept_response() without specifying accept_untrusted_content=True will now raise mohawk.exc.MissingContent instead of ValueError. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1 2017/07/03 21:03:29 adam Exp $ d3 4 a6 4 SHA1 (mohawk-1.0.0.tar.gz) = 31969339d4debbace957dd8a1e62c91fc1c319d7 RMD160 (mohawk-1.0.0.tar.gz) = d9a7d4528668a10d5f7092378bf9443a849b756d SHA512 (mohawk-1.0.0.tar.gz) = 5bd360f26276181b1384d62e0929b2dc52e9cce39bf9293e85eef94bfc70b91954bc8ac1eb869fb7a8073cec17daf66c67e4c4af726c9f231792f2cb2f0bc7ac Size (mohawk-1.0.0.tar.gz) = 17593 bytes @ 1.1 log @Mohawk is an alternate Python implementation of the Hawk HTTP authorization scheme. Hawk lets two parties securely communicate with each other using messages signed by a shared key. It is based on HTTP MAC access authentication (which was based on parts of OAuth 1.0). The Mohawk API is a little different from that of the Node library (i.e. the living Hawk spec). It was redesigned to be more intuitive to developers, less prone to security problems, and more Pythonic. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (mohawk-0.3.4.tar.gz) = c164f113a0bfbb38f9fc36c25bc5520b27b0b283 RMD160 (mohawk-0.3.4.tar.gz) = df9a7812085cc06fa7106301d5ce04613d46fbce SHA512 (mohawk-0.3.4.tar.gz) = f5a5d99d80e7806f92d5078d4d6a7f0b1fd1d4759a9897cfd178fe1ed07b27831c707dbd9b8b6a735d392845e532f2805e27cfd78e69ea72f22efaac1dafc9a5 Size (mohawk-0.3.4.tar.gz) = 15616 bytes @