From ebe4ad56fe833bd3dac4a91905612371442bd5e8 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Thu, 28 Mar 2024 18:13:48 +0300 Subject: [PATCH] import python-urllib3-1.26.5-5.el9 --- .gitignore | 1 + .python-urllib3.metadata | 1 + SOURCES/CVE-2023-43804.patch | 53 ++++ SOURCES/CVE-2023-45803.patch | 94 +++++++ SOURCES/ssl_match_hostname_py3.py | 1 + SPECS/python-urllib3.spec | 432 ++++++++++++++++++++++++++++++ 6 files changed, 582 insertions(+) create mode 100644 .gitignore create mode 100644 .python-urllib3.metadata create mode 100644 SOURCES/CVE-2023-43804.patch create mode 100644 SOURCES/CVE-2023-45803.patch create mode 100644 SOURCES/ssl_match_hostname_py3.py create mode 100644 SPECS/python-urllib3.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8eff9dc --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/urllib3-1.26.5.tar.gz diff --git a/.python-urllib3.metadata b/.python-urllib3.metadata new file mode 100644 index 0000000..0099e14 --- /dev/null +++ b/.python-urllib3.metadata @@ -0,0 +1 @@ +2870de19c1a575dab12f5d65080ed65d4957d4b2 SOURCES/urllib3-1.26.5.tar.gz diff --git a/SOURCES/CVE-2023-43804.patch b/SOURCES/CVE-2023-43804.patch new file mode 100644 index 0000000..e685755 --- /dev/null +++ b/SOURCES/CVE-2023-43804.patch @@ -0,0 +1,53 @@ +From 5fe72b64a10e9cb5c5e2b9de46401b6c7bb226e9 Mon Sep 17 00:00:00 2001 +From: Lumir Balhar +Date: Thu, 12 Oct 2023 14:27:36 +0200 +Subject: [PATCH] CVE-2023-43804 + +--- + src/urllib3/util/retry.py | 2 +- + test/test_retry.py | 2 +- + test/test_retry_deprecated.py | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py +index 180e82b..63c02ee 100644 +--- a/src/urllib3/util/retry.py ++++ b/src/urllib3/util/retry.py +@@ -217,7 +217,7 @@ class Retry(object): + RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503]) + + #: Default headers to be used for ``remove_headers_on_redirect`` +- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Authorization"]) ++ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"]) + + #: Maximum backoff time. + BACKOFF_MAX = 120 +diff --git a/test/test_retry.py b/test/test_retry.py +index 3e71efe..e9270bb 100644 +--- a/test/test_retry.py ++++ b/test/test_retry.py +@@ -293,7 +293,7 @@ class TestRetry(object): + def test_retry_default_remove_headers_on_redirect(self): + retry = Retry() + +- assert list(retry.remove_headers_on_redirect) == ["authorization"] ++ assert retry.remove_headers_on_redirect == {"authorization", "cookie"} + + def test_retry_set_remove_headers_on_redirect(self): + retry = Retry(remove_headers_on_redirect=["X-API-Secret"]) +diff --git a/test/test_retry_deprecated.py b/test/test_retry_deprecated.py +index eafecc4..d18f94c 100644 +--- a/test/test_retry_deprecated.py ++++ b/test/test_retry_deprecated.py +@@ -295,7 +295,7 @@ class TestRetry(object): + def test_retry_default_remove_headers_on_redirect(self): + retry = Retry() + +- assert list(retry.remove_headers_on_redirect) == ["authorization"] ++ assert retry.remove_headers_on_redirect == {"authorization", "cookie"} + + def test_retry_set_remove_headers_on_redirect(self): + retry = Retry(remove_headers_on_redirect=["X-API-Secret"]) +-- +2.41.0 + diff --git a/SOURCES/CVE-2023-45803.patch b/SOURCES/CVE-2023-45803.patch new file mode 100644 index 0000000..a639836 --- /dev/null +++ b/SOURCES/CVE-2023-45803.patch @@ -0,0 +1,94 @@ +From d71ab28f104cac824c6036fa9b35cc2e2dd19bf8 Mon Sep 17 00:00:00 2001 +From: Lumir Balhar +Date: Tue, 12 Dec 2023 11:06:20 +0100 +Subject: [PATCH] Security fix for CVE-2023-45803 + +--- + src/urllib3/_collections.py | 18 ++++++++++++++++++ + src/urllib3/connectionpool.py | 5 +++++ + src/urllib3/poolmanager.py | 7 +++++-- + 3 files changed, 28 insertions(+), 2 deletions(-) + +diff --git a/src/urllib3/_collections.py b/src/urllib3/_collections.py +index da9857e..bceb845 100644 +--- a/src/urllib3/_collections.py ++++ b/src/urllib3/_collections.py +@@ -268,6 +268,24 @@ class HTTPHeaderDict(MutableMapping): + else: + return vals[1:] + ++ def _prepare_for_method_change(self): ++ """ ++ Remove content-specific header fields before changing the request ++ method to GET or HEAD according to RFC 9110, Section 15.4. ++ """ ++ content_specific_headers = [ ++ "Content-Encoding", ++ "Content-Language", ++ "Content-Location", ++ "Content-Type", ++ "Content-Length", ++ "Digest", ++ "Last-Modified", ++ ] ++ for header in content_specific_headers: ++ self.discard(header) ++ return self ++ + # Backwards compatibility for httplib + getheaders = getlist + getallmatchingheaders = getlist +diff --git a/src/urllib3/connectionpool.py b/src/urllib3/connectionpool.py +index 4018321..8f9ebb5 100644 +--- a/src/urllib3/connectionpool.py ++++ b/src/urllib3/connectionpool.py +@@ -36,6 +36,7 @@ from .exceptions import ( + from .packages import six + from .packages.six.moves import queue + from .packages.ssl_match_hostname import CertificateError ++from ._collections import HTTPHeaderDict + from .request import RequestMethods + from .response import HTTPResponse + from .util.connection import is_connection_dropped +@@ -800,7 +801,11 @@ class HTTPConnectionPool(ConnectionPool, RequestMethods): + redirect_location = redirect and response.get_redirect_location() + if redirect_location: + if response.status == 303: ++ # Change the method according to RFC 9110, Section 15.4.4. + method = "GET" ++ # And lose the body not to transfer anything sensitive. ++ body = None ++ headers = HTTPHeaderDict(headers)._prepare_for_method_change() + + try: + retries = retries.increment(method, url, response=response, _pool=self) +diff --git a/src/urllib3/poolmanager.py b/src/urllib3/poolmanager.py +index 3a31a28..7d4c22c 100644 +--- a/src/urllib3/poolmanager.py ++++ b/src/urllib3/poolmanager.py +@@ -4,7 +4,7 @@ import collections + import functools + import logging + +-from ._collections import RecentlyUsedContainer ++from ._collections import HTTPHeaderDict, RecentlyUsedContainer + from .connectionpool import HTTPConnectionPool, HTTPSConnectionPool, port_by_scheme + from .exceptions import ( + LocationValueError, +@@ -381,9 +381,12 @@ class PoolManager(RequestMethods): + # Support relative URLs for redirecting. + redirect_location = urljoin(url, redirect_location) + +- # RFC 7231, Section 6.4.4 + if response.status == 303: ++ # Change the method according to RFC 9110, Section 15.4.4. + method = "GET" ++ # And lose the body not to transfer anything sensitive. ++ kw["body"] = None ++ kw["headers"] = HTTPHeaderDict(kw["headers"])._prepare_for_method_change() + + retries = kw.get("retries") + if not isinstance(retries, Retry): +-- +2.43.0 + diff --git a/SOURCES/ssl_match_hostname_py3.py b/SOURCES/ssl_match_hostname_py3.py new file mode 100644 index 0000000..99d425a --- /dev/null +++ b/SOURCES/ssl_match_hostname_py3.py @@ -0,0 +1 @@ +from ssl import match_hostname, CertificateError diff --git a/SPECS/python-urllib3.spec b/SPECS/python-urllib3.spec new file mode 100644 index 0000000..aa321b6 --- /dev/null +++ b/SPECS/python-urllib3.spec @@ -0,0 +1,432 @@ +%global srcname urllib3 + +# Tests are disabled to remove the test dependencies +# Specify --with tests to run the tests on e.g. EPEL +%bcond_with tests + +Name: python-%{srcname} +Version: 1.26.5 +Release: 5%{?dist} +Summary: Python HTTP library with thread-safe connection pooling and file post + +License: MIT +URL: https://github.com/urllib3/urllib3 +Source0: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz +# Unbundle ssl_match_hostname since we depend on it +Source1: ssl_match_hostname_py3.py +BuildArch: noarch + +# CVE-2023-43804 +# Added the `Cookie` header to the list of headers to strip from +# requests when redirecting to a different host. As before, different headers +# can be set via `Retry.remove_headers_on_redirect`. +# Tests backported only partially as we don't use the whole part of +# testing with dummyserver. +# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=2242493 +# Upstream fix: https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb +Patch1: CVE-2023-43804.patch + +# CVE-2023-45803 +# Remove HTTP request body when request method is changed. +# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-45803 +# Upstream fix: https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 +Patch2: CVE-2023-45803.patch + +%description +Python HTTP module with connection pooling and file POST abilities. + +%package -n python3-%{srcname} +Summary: Python3 HTTP library with thread-safe connection pooling and file post + +BuildRequires: python3-devel +BuildRequires: python3-setuptools +%if %{with tests} +BuildRequires: python3-dateutil +BuildRequires: python3-six +BuildRequires: python3-pysocks +BuildRequires: python3-pytest +BuildRequires: python3-pytest-freezegun +BuildRequires: python3-pytest-timeout +BuildRequires: python3-tornado +BuildRequires: python3-trustme +BuildRequires: python3-idna +%endif + +Requires: ca-certificates +Requires: python3-idna +Requires: python3-six +Requires: python3-pysocks + +%description -n python3-%{srcname} +Python3 HTTP module with connection pooling and file POST abilities. + + +%prep +%autosetup -p1 -n %{srcname}-%{version} +# Make sure that the RECENT_DATE value doesn't get too far behind what the current date is. +# RECENT_DATE must not be older that 2 years from the build time, or else test_recent_date +# (from test/test_connection.py) would fail. However, it shouldn't be to close to the build time either, +# since a user's system time could be set to a little in the past from what build time is (because of timezones, +# corner cases, etc). As stated in the comment in src/urllib3/connection.py: +# When updating RECENT_DATE, move it to within two years of the current date, +# and not less than 6 months ago. +# Example: if Today is 2018-01-01, then RECENT_DATE should be any date on or +# after 2016-01-01 (today - 2 years) AND before 2017-07-01 (today - 6 months) +# There is also a test_ssl_wrong_system_time test (from test/with_dummyserver/test_https.py) that tests if +# user's system time isn't set as too far in the past, because it could lead to SSL verification errors. +# That is why we need RECENT_DATE to be set at most 2 years ago (or else test_ssl_wrong_system_time would +# result in false positive), but before at least 6 month ago (so this test could tolerate user's system time being +# set to some time in the past, but not to far away from the present). +# Next few lines update RECENT_DATE dynamically. +recent_date=$(date --date "7 month ago" +"%Y, %_m, %_d") +sed -i "s/^RECENT_DATE = datetime.date(.*)/RECENT_DATE = datetime.date($recent_date)/" src/urllib3/connection.py + +# Drop the dummyserver tests in koji. They fail there in real builds, but not +# in scratch builds (weird). +rm -rf test/with_dummyserver/ +# Don't run the Google App Engine tests +rm -rf test/appengine/ +# Lots of these tests started failing, even for old versions, so it has something +# to do with Fedora in particular. They don't fail in upstream build infrastructure +rm -rf test/contrib/ + +# Tests for Python built without SSL, but Fedora builds with SSL. These tests +# fail when combined with the unbundling of backports-ssl_match_hostname +rm -f test/test_no_ssl.py + +# Use the standard library instead of a backport +sed -i -e 's/^import mock/from unittest import mock/' \ + -e 's/^from mock import /from unittest.mock import /' \ + test/*.py docs/conf.py + +%build +%py3_build + + +%install +%py3_install + +# Unbundle the Python 3 build +rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py +rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six.* +rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/ + +mkdir -p %{buildroot}/%{python3_sitelib}/urllib3/packages/ +cp -a %{SOURCE1} %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname.py +ln -s %{python3_sitelib}/six.py %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py +ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.opt-1.pyc \ + %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/ +ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.pyc \ + %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/ + + +%if %{with tests} +%check +%pytest -v +%endif + + +%files -n python3-%{srcname} +%license LICENSE.txt +%doc CHANGES.rst README.rst CONTRIBUTORS.txt +%{python3_sitelib}/urllib3/ +%{python3_sitelib}/urllib3-*.egg-info/ + + +%changelog +* Thu Mar 28 2024 MSVSphere Packaging Team - 1.26.5-5 +- Rebuilt for MSVSphere 9.4 beta + +* Tue Dec 12 2023 Lumír Balhar - 1.26.5-5 +- Security fix for CVE-2023-45803 +Resolves: RHEL-16874 + +* Thu Oct 12 2023 Lumír Balhar - 1.26.5-4 +- Security fix for CVE-2023-43804 +Resolves: RHEL-12001 + +* Tue Feb 08 2022 Tomáš Hrnčiar - 1.26.5-3 +- Add automatically generated Obsoletes tag with the python39- prefix + for smoother upgrade from RHEL8 +- Related: rhbz#1990421 + +* Tue Aug 10 2021 Mohan Boddu - 1.26.5-2 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Wed Jun 16 2021 Karolina Surma - 1.26.5-1 +- Update to 1.26.5 +- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser +Resolves: rhbz#1972639 + +* Tue May 18 2021 Miro Hrončok - 1.26.4-1 +- Update to 1.26.4 +Resolves: rhbz#1935737 + +* Fri Apr 16 2021 Mohan Boddu - 1.25.10-6 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Mon Mar 08 2021 Charalampos Stratakis - 1.25.10-5 +- Disable tests on RHEL9 to remove the python-tornado dependency + +* Wed Jan 27 2021 Fedora Release Engineering - 1.25.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Jan 15 2021 Miro Hrončok - 1.25.10-3 +- Drop redundant BuildRequires for nose +- Instead of the mock backport, use unittest.mock from the standard library + +* Tue Jan 05 2021 Anna Khaitovich - 1.25.10-2 +- Update RECENT_DATE dynamically + +* Sun Sep 27 2020 Kevin Fenzi - 1.25.10-1 +- Update to 1.25.10. Fixed bug #1824900 + +* Wed Jul 29 2020 Fedora Release Engineering - 1.25.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Sun May 24 2020 Miro Hrončok - 1.25.8-3 +- Rebuilt for Python 3.9 + +* Fri May 22 2020 Miro Hrončok - 1.25.8-2 +- Bootstrap for Python 3.9 + +* Sun Mar 22 2020 Carl George - 1.25.8-1 +- Latest upstream rhbz#1771186 + +* Thu Jan 30 2020 Fedora Release Engineering - 1.25.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Nov 18 2019 Miro Hrončok - 1.25.7-2 +- Subpackage python2-urllib3 has been removed + See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal + +* Tue Oct 15 2019 Jeremy Cline - 1.25.6-1 +- Update to v1.25.6 + +* Thu Oct 03 2019 Miro Hrončok - 1.25.3-7 +- Rebuilt for Python 3.8.0rc1 (#1748018) + +* Sun Aug 18 2019 Miro Hrončok - 1.25.3-6 +- Rebuilt for Python 3.8 + +* Thu Aug 15 2019 Miro Hrončok - 1.25.3-5 +- Bootstrap for Python 3.8 + +* Fri Jul 26 2019 Fedora Release Engineering - 1.25.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jul 08 2019 Miro Hrončok - 1.25.3-3 +- Set RECENT_DATE not to be older than 2 years (#1727796) + +* Tue May 28 2019 Jeremy Cline - 1.25.3-2 +- Drop the Python 2 tests since Tornado is going away + +* Tue May 28 2019 Jeremy Cline - 1.25.3-1 +- Update to 1.25.3 + +* Sat Feb 02 2019 Fedora Release Engineering - 1.24.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Nov 13 2018 Jeremy Cline - 1.24.1-2 +- Adjust unbundling of ssl_match_hostname + +* Mon Oct 29 2018 Jeremy Cline - 1.24.1-1 +- Update to v1.24.1 + +* Wed Jun 20 2018 Lumír Balhar - 1.23-4 +- Removed unneeded dependency python[23]-psutil + +* Mon Jun 18 2018 Miro Hrončok - 1.23-3 +- Rebuilt for Python 3.7 + +* Thu Jun 14 2018 Miro Hrončok - 1.23-2 +- Bootstrap for Python 3.7 + +* Tue Jun 05 2018 Jeremy Cline - 1.23-1 +- Update to the latest upstream release (rhbz 1586072) + +* Wed May 30 2018 Jeremy Cline - 1.22-10 +- Backport patch to support Python 3.7 (rhbz 1584112) + +* Thu May 03 2018 Lukas Slebodnik - 1.22-9 +- Do not lowercase hostnames with custom-protocol (rhbz 1567862) +- upstream: https://github.com/urllib3/urllib3/issues/1267 + +* Wed Apr 18 2018 Jeremy Cline - 1.22-8 +- Drop the dependency on idna and cryptography (rhbz 1567862) + +* Mon Apr 16 2018 Jeremy Cline - 1.22-7 +- Drop the dependency on PyOpenSSL, it's not needed (rhbz 1567862) + +* Fri Feb 09 2018 Fedora Release Engineering - 1.22-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Jan 31 2018 Iryna Shcherbina - 1.22-5 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Thu Jan 25 2018 Tomas Hoger - 1.22-4 +- Fix FTBFS - Move RECENT_DATE to 2017-06-30 + +* Fri Dec 01 2017 Jeremy Cline - 1.22-3 +- Symlink the Python 3 bytecode for six (rbhz 1519147) + +* Thu Jul 27 2017 Fedora Release Engineering - 1.22-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Jul 21 2017 Jeremy Cline - 1.22-1 +- Update to 1.22 (#1473293) + +* Wed May 17 2017 Jeremy Cline - 1.21.1-1 +- Update to 1.21.1 (#1445280) + +* Thu Feb 09 2017 Jeremy Cline - 1.20-1 +- Update to 1.20 (#1414775) + +* Tue Dec 13 2016 Stratakis Charalampos - 1.19.1-2 +- Rebuild for Python 3.6 + +* Thu Nov 17 2016 Jeremy Cline 1.19.1-1 +- Update to 1.19.1 +- Clean up the specfile to only support Fedora 26 + +* Wed Aug 10 2016 Kevin Fenzi - 1.16-3 +- Rebuild now that python-requests is ready to update. + +* Tue Jul 19 2016 Fedora Release Engineering - 1.16-2 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Wed Jun 15 2016 Kevin Fenzi - 1.16-1 +- Update to 1.16 + +* Thu Jun 02 2016 Ralph Bean - 1.15.1-3 +- Create python2 subpackage to comply with guidelines. + +* Wed Jun 01 2016 Ralph Bean - 1.15.1-2 +- Remove broken symlinks to unbundled python3-six files + https://bugzilla.redhat.com/show_bug.cgi?id=1295015 + +* Fri Apr 29 2016 Ralph Bean - 1.15.1-1 +- Removed patch for ipv6 support, now applied upstream. +- Latest version. +- New dep on pysocks. + +* Fri Feb 26 2016 Ralph Bean - 1.13.1-3 +- Apply patch from upstream to fix ipv6. + +* Thu Feb 04 2016 Fedora Release Engineering - 1.13.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Dec 21 2015 Ralph Bean - 1.13.1-1 +- new version + +* Fri Dec 18 2015 Ralph Bean - 1.13-1 +- new version + +* Mon Dec 14 2015 Ralph Bean - 1.12-1 +- new version + +* Thu Oct 15 2015 Robert Kuska - 1.10.4-7 +- Rebuilt for Python3.5 rebuild + +* Sat Oct 10 2015 Ralph Bean - 1.10.4-6 +- Sync from PyPI instead of a git checkout. + +* Tue Sep 08 2015 Ralph Bean - 1.10.4-5.20150503gita91975b +- Drop requirement on python-backports-ssl_match_hostname on F22 and newer. + +* Thu Jun 18 2015 Fedora Release Engineering - 1.10.4-4.20150503gita91975b +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Jun 08 2015 Ralph Bean - 1.10.4-3.20150503gita91975b +- Apply pyopenssl injection for an outdated cpython as per upstream advice + https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning + https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl + +* Tue May 19 2015 Ralph Bean - 1.10.4-2.20150503gita91975b +- Specify symlinks for six.py{c,o}, fixing rhbz #1222142. + +* Sun May 03 2015 Ralph Bean - 1.10.4-1.20150503gita91975b +- Latest release for python-requests-2.7.0 + +* Wed Apr 29 2015 Ralph Bean - 1.10.3-2.20150429git585983a +- Grab a git snapshot to get around this chunked encoding failure. + +* Wed Apr 22 2015 Ralph Bean - 1.10.3-1 +- new version + +* Thu Feb 26 2015 Ralph Bean - 1.10.2-1 +- new version + +* Wed Feb 18 2015 Ralph Bean - 1.10.1-1 +- new version + +* Wed Feb 18 2015 Ralph Bean - 1.10.1-1 +- new version + +* Mon Jan 05 2015 Ralph Bean - 1.10-2 +- Copy in a shim for ssl_match_hostname on python3. + +* Sun Dec 14 2014 Ralph Bean - 1.10-1 +- Latest upstream 1.10, for python-requests-2.5.0. +- Re-do unbundling without patch, with symlinks. +- Modernize python2 macros. +- Remove the with_dummyserver tests which fail only sometimes. + +* Wed Nov 05 2014 Ralph Bean - 1.9.1-1 +- Latest upstream, 1.9.1 for latest python-requests. + +* Mon Aug 4 2014 Tom Callaway - 1.8.2-4 +- fix license handling + +* Sun Jun 08 2014 Fedora Release Engineering - 1.8.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 14 2014 Bohuslav Kabrda - 1.8.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 + +* Mon Apr 21 2014 Arun S A G - 1.8.2-1 +- Update to latest upstream version + +* Mon Oct 28 2013 Ralph Bean - 1.7.1-2 +- Update patch to find ca_certs in the correct location. + +* Wed Sep 25 2013 Ralph Bean - 1.7.1-1 +- Latest upstream with support for a new timeout class and py3.4. + +* Wed Aug 28 2013 Ralph Bean - 1.7-3 +- Bump release again, just to push an unpaired update. + +* Mon Aug 26 2013 Ralph Bean - 1.7-2 +- Bump release to pair an update with python-requests. + +* Thu Aug 22 2013 Ralph Bean - 1.7-1 +- Update to latest upstream. +- Removed the accept-header proxy patch which is included in upstream now. +- Removed py2.6 compat patch which is included in upstream now. + +* Sun Aug 04 2013 Fedora Release Engineering - 1.5-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jun 11 2013 Toshio Kuratomi - 1.5-6 +- Fix Requires of python-ordereddict to only apply to RHEL + +* Fri Mar 1 2013 Toshio Kuratomi - 1.5-5 +- Unbundling finished! + +* Fri Mar 01 2013 Ralph Bean - 1.5-4 +- Upstream patch to fix Accept header when behind a proxy. +- Reorganize patch numbers to more clearly distinguish them. + +* Wed Feb 27 2013 Ralph Bean - 1.5-3 +- Renamed patches to python-urllib3-* +- Fixed ssl check patch to use the correct cert path for Fedora. +- Included dependency on ca-certificates +- Cosmetic indentation changes to the .spec file. + +* Tue Feb 5 2013 Toshio Kuratomi - 1.5-2 +- python3-tornado BR and run all unittests on python3 + +* Mon Feb 04 2013 Toshio Kuratomi 1.5-1 +- Initial fedora build.