From 33480066f266d783d7a66cffc5a1e8d78f5f929e Mon Sep 17 00:00:00 2001
From: Andreas Billmeier <b@edevau.net>
Date: Mon, 9 Dec 2019 17:51:46 +0100
Subject: [PATCH] bump pyyaml-5.2.0

---
 CHANGELOG.txt                                 |  3 ++
 dev-python/pyyaml/Manifest                    |  3 ++
 .../files/pyyaml-5.2.0-cve-2017-18342.patch   | 40 +++++++++++++++
 dev-python/pyyaml/pyyaml-5.2.0.ebuild         | 49 +++++++++++++++++++
 4 files changed, 95 insertions(+)
 create mode 100644 dev-python/pyyaml/files/pyyaml-5.2.0-cve-2017-18342.patch
 create mode 100644 dev-python/pyyaml/pyyaml-5.2.0.ebuild

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index a4529538c..2404ad927 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,3 +1,6 @@
+2019-12-09
+	* bump pyyaml-5.2.0
+
 2019-12-05
 	* bump pyhomematic-0.1.62
 	* bump georss-generic-client-0.3 and georss-client-0.10
diff --git a/dev-python/pyyaml/Manifest b/dev-python/pyyaml/Manifest
index 077527f97..e2108dfb6 100644
--- a/dev-python/pyyaml/Manifest
+++ b/dev-python/pyyaml/Manifest
@@ -1,7 +1,10 @@
 AUX pyyaml-5.1.1-cve-2017-18342.patch 1420 BLAKE2B bf053ed121355aea1e44f9bd29b22c9afbca7b99b68e59a6e213d2723531044049964dcb20dbc036ee27ae8bcc2c26e317cf080637e611fa0105a9d451496125 SHA512 8e7737761555d851b21ca61128d2ced4163d446acb87510b6962a20dc217923bcf835d70224c9e721486351e0aeb57f9f3c570b57086a0a00c3e8ac656a458c5
 AUX pyyaml-5.1.2-cve-2017-18342.patch 1420 BLAKE2B bf053ed121355aea1e44f9bd29b22c9afbca7b99b68e59a6e213d2723531044049964dcb20dbc036ee27ae8bcc2c26e317cf080637e611fa0105a9d451496125 SHA512 8e7737761555d851b21ca61128d2ced4163d446acb87510b6962a20dc217923bcf835d70224c9e721486351e0aeb57f9f3c570b57086a0a00c3e8ac656a458c5
+AUX pyyaml-5.2.0-cve-2017-18342.patch 1420 BLAKE2B bf053ed121355aea1e44f9bd29b22c9afbca7b99b68e59a6e213d2723531044049964dcb20dbc036ee27ae8bcc2c26e317cf080637e611fa0105a9d451496125 SHA512 8e7737761555d851b21ca61128d2ced4163d446acb87510b6962a20dc217923bcf835d70224c9e721486351e0aeb57f9f3c570b57086a0a00c3e8ac656a458c5
 DIST PyYAML-5.1.1.tar.gz 274442 BLAKE2B 0235ea6a2cfefb0e99094be2a79331aebe0642d104bbcdfb037f45cb2f07e193daffc0bc9f307f677b9f37078e1bdedfd5371ae92272a981aee3b8b135502750 SHA512 fa47fb2d2903506c55e3651ec130ad5472168e0257eabec8fdf329336f60d9ef36df0f8c4eb7d5ab913f3037120048b02f715aa2215085b3b1ce936cdcff77bf
 DIST PyYAML-5.1.2.tar.gz 265034 BLAKE2B a3f6fe4a0c0a24f8934b94545e7727fad26b397755416a8127bd52fd9ea5e8fea3c6452ddfbd91edfa2e8ca88522b1ae9061c9221f394c8fa4cbd1c2dc256f72 SHA512 b5ee201c612486a95c87b7e41d474313160284359b8b30ababc80b51325aef9dd7dc27eb3b8a03a4749cb8c7e3789c5684d5c285fe35d4b20be1f189641531e0
+DIST pyyaml-5.2.0.tar.gz 164599 BLAKE2B 227db3952eed6ff16a872895d39f8fa40086f742fa233faf96e299e0bd93feff447c2dcebf77b933dc8bed9f446cbbe005331288d13a16f206503b45d34a6033 SHA512 8d8ec87cf5ce7f4299da5a7ffbaee60372bf1606d6e527f0897cde7cea3234100502767c0975027151bc99549d9d8edf243c003ea08948670f367e9778abdc89
 EBUILD pyyaml-5.1.1.ebuild 1148 BLAKE2B 2fb99abcf514207f3520a6807c3006b5a3ff35308cf32a5f98fda137960baa506fa19ceccf5c88cb7daa61c052e4283241ab7c8344c0a05f8dd04499bf2a68fa SHA512 69207f06ec14c57839b9251f4f30b15ca4467d0c4ede51d421aa7462d3275da54428e622b7c66df0b23bb625e4dcd74d169f108d2b3ea14d63fb93902982698b
 EBUILD pyyaml-5.1.2.ebuild 1148 BLAKE2B 2fb99abcf514207f3520a6807c3006b5a3ff35308cf32a5f98fda137960baa506fa19ceccf5c88cb7daa61c052e4283241ab7c8344c0a05f8dd04499bf2a68fa SHA512 69207f06ec14c57839b9251f4f30b15ca4467d0c4ede51d421aa7462d3275da54428e622b7c66df0b23bb625e4dcd74d169f108d2b3ea14d63fb93902982698b
+EBUILD pyyaml-5.2.0.ebuild 1320 BLAKE2B e0ed8e34f7bb7791753ca61de88d1041128d172fb0677fe9e782f08ec8eb1da80163feec670cd6b1053475f1d66b54d490ebff11a61fe0c9dc8f0775297d066c SHA512 da3897d199047f06564642d9c8a4b1fd8710110b7ba51e5c95dbaa4e4d86f96d5e2baba7330b9a49bc78e6d434249c6380fdb0de3d4daf6733fa4e978101b306
 MISC metadata.xml 345 BLAKE2B 8c26b8b05b08ed9abab5ed2cb36552dc9af33ee2b30cf3ebe551576d7ad44908b3dff195cd7f1a3f5af9323d17eadee407e42bfeb99150be2a0ac4b48653c1eb SHA512 1fdee5219c989b3edf11bdb63264c6ca6bd54fb1f44907bf20ce7ee6b1968c9c6f2c94363698be87d92eb6cd07a034acca7dbcffaeac40d2add8d57a240772da
diff --git a/dev-python/pyyaml/files/pyyaml-5.2.0-cve-2017-18342.patch b/dev-python/pyyaml/files/pyyaml-5.2.0-cve-2017-18342.patch
new file mode 100644
index 000000000..28626ba9e
--- /dev/null
+++ b/dev-python/pyyaml/files/pyyaml-5.2.0-cve-2017-18342.patch
@@ -0,0 +1,40 @@
+diff --git a/lib/yaml/__init__.py b/lib/yaml/__init__.py
+index e7a419d..5f80761 100644
+--- a/lib/yaml/__init__.py
++++ b/lib/yaml/__init__.py
+@@ -106,6 +106,7 @@ def load(stream, Loader=None):
+     and produce the corresponding Python object.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load')
+         Loader = FullLoader
+ 
+@@ -121,6 +122,7 @@ def load_all(stream, Loader=None):
+     and produce corresponding Python objects.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load_all')
+         Loader = FullLoader
+ 
+diff --git a/lib3/yaml/__init__.py b/lib3/yaml/__init__.py
+index 5df0bb5..6952ba5 100644
+--- a/lib3/yaml/__init__.py
++++ b/lib3/yaml/__init__.py
+@@ -106,6 +106,7 @@ def load(stream, Loader=None):
+     and produce the corresponding Python object.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load')
+         Loader = FullLoader
+ 
+@@ -121,6 +122,7 @@ def load_all(stream, Loader=None):
+     and produce corresponding Python objects.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load_all')
+         Loader = FullLoader
+ 
diff --git a/dev-python/pyyaml/pyyaml-5.2.0.ebuild b/dev-python/pyyaml/pyyaml-5.2.0.ebuild
new file mode 100644
index 000000000..3b237b553
--- /dev/null
+++ b/dev-python/pyyaml/pyyaml-5.2.0.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python2_7 python3_{5,6,7} pypy pypy3 )
+
+inherit distutils-r1
+
+MY_P="PyYAML-${PV}"
+MY_PN="${MY_P}-${PV}"
+
+DESCRIPTION="YAML parser and emitter for Python"
+HOMEPAGE="https://pyyaml.org/wiki/PyYAML https://pypi.org/project/PyYAML/"
+#SRC_URI="https://pyyaml.org/download/${PN}/${MY_P}.tar.gz"
+#SRC_URI="mirror://pypi/${PN:0:1}/${MY_PN}/${MY_P}.tar.gz -> ${P}.tar.gz"
+SRC_URI="https://github.com/yaml/pyyaml/archive/5.2.tar.gz -> ${P}.tar.gz"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~riscv s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris"
+IUSE="examples libyaml"
+
+RDEPEND="libyaml? ( dev-libs/libyaml )"
+DEPEND="${RDEPEND}
+	libyaml? ( $(python_gen_cond_dep 'dev-python/cython[${PYTHON_USEDEP}]' python2_7 'python3*') )"
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+	# bug #659348
+	"${FILESDIR}/${P}-cve-2017-18342.patch"
+)
+
+python_configure_all() {
+	mydistutilsargs=( $(use_with libyaml) )
+}
+
+python_test() {
+	esetup.py test
+}
+
+python_install_all() {
+	distutils-r1_python_install_all
+	if use examples; then
+		dodoc -r examples
+		docompress -x /usr/share/doc/${PF}
+	fi
+}