<pre style='margin:0'>
Ryan Carsten Schmidt (ryandesign) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/de9421a1e8d0be182152be0d3e4955328233de6a">https://github.com/macports/macports-ports/commit/de9421a1e8d0be182152be0d3e4955328233de6a</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new de9421a1e8d xz: Update to 5.4.7
</span>de9421a1e8d is described below

<span style='display:block; white-space:pre;color:#808000;'>commit de9421a1e8d0be182152be0d3e4955328233de6a
</span>Author: Ryan Carsten Schmidt <ryandesign@macports.org>
AuthorDate: Mon Jun 3 07:56:36 2024 -0500

<span style='display:block; white-space:pre;color:#404040;'>    xz: Update to 5.4.7
</span>---
 archivers/xz/Portfile | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/archivers/xz/Portfile b/archivers/xz/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 339fb56b10f..11f41a7417c 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/archivers/xz/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/archivers/xz/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -5,17 +5,12 @@ PortGroup       clang_dependency 1.0
</span> PortGroup       github 1.0
 
 epoch           1
<span style='display:block; white-space:pre;background:#ffe0e0;'>-github.setup    tukaani-project xz 5.4.6 v
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# DO NOT UPDATE to version 5.6.x which contains malware.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# 5.8.0 and later are expected to be ok.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# 5.6.0 and 5.6.1 contained Linux-specific malware. 5.6.2 and later are OK.
</span> # https://tukaani.org/xz-backdoor/
<span style='display:block; white-space:pre;background:#ffe0e0;'>-# https://lists.macports.org/pipermail/macports-dev/2024-March/045563.html
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# https://lists.debian.org/debian-security-announce/2024/msg00057.html
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# https://www.openwall.com/lists/oss-security/2024/03/29/4
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# https://github.com/tukaani-project/xz/issues/92
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-checksums       rmd160  b520491a5cae36c5295859d51eee5573a5953a1f \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                sha256  913851b274e8e1d31781ec949f1c23e8dbcf0ecf6e73a2436dc21769dd3e6f49 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                size    2181925
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+github.setup    tukaani-project xz 5.4.7 v
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+checksums       rmd160  b78831a070fde3715fdac3a509c6a66bd8f87a93 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                sha256  9976ed9cd0764e962d852d7d519ee1c3a7f87aca3b86e5d021a45650ba3ecb41 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                size    2166519
</span> 
 categories      archivers
 # some executables are GPL, libs and everything else are public domain
</pre><pre style='margin:0'>

</pre>