K 10
svn:author
V 8
jpaetzel
K 8
svn:date
V 27
2020-04-28T14:52:41.003210Z
K 7
svn:log
V 545
MFH: r533167

Update to 5.3.1

This release contains a security fix for CVE-2020-1747. FullLoader was still
exploitable for arbitrary command execution.
https://bugzilla.redhat.com/show_bug.cgi?id=1807367

Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting
this and providing the fixes to resolve it.

  - https://github.com/yaml/pyyaml/pull/386

PR:	245937
Submitted by:	daniel.engberg.lists@pyret.net
Security:	http://vuxml.freebsd.org/freebsd/aae8fecf-888e-11ea-9714-08002718de91.html

Approved by:	portmgr (joneum)

END