|
|
@ -1,12 +1,12 @@
|
|
|
|
%global srcname urllib3
|
|
|
|
%global srcname urllib3
|
|
|
|
|
|
|
|
|
|
|
|
# When bootstrapping Python, we cannot test this yet
|
|
|
|
# Tests are disabled to remove the test dependencies
|
|
|
|
# RHEL8: Tests disabled during build due to missing dependencies
|
|
|
|
# Specify --with tests to run the tests on e.g. EPEL
|
|
|
|
%bcond_with tests
|
|
|
|
%bcond_with tests
|
|
|
|
|
|
|
|
|
|
|
|
Name: python-%{srcname}
|
|
|
|
Name: python-%{srcname}
|
|
|
|
Version: 1.25.10
|
|
|
|
Version: 1.26.5
|
|
|
|
Release: 5%{?dist}
|
|
|
|
Release: 5%{?dist}.1
|
|
|
|
Summary: Python HTTP library with thread-safe connection pooling and file post
|
|
|
|
Summary: Python HTTP library with thread-safe connection pooling and file post
|
|
|
|
|
|
|
|
|
|
|
|
License: MIT
|
|
|
|
License: MIT
|
|
|
@ -14,10 +14,7 @@ URL: https://github.com/urllib3/urllib3
|
|
|
|
Source0: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz
|
|
|
|
Source0: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz
|
|
|
|
# Unbundle ssl_match_hostname since we depend on it
|
|
|
|
# Unbundle ssl_match_hostname since we depend on it
|
|
|
|
Source1: ssl_match_hostname_py3.py
|
|
|
|
Source1: ssl_match_hostname_py3.py
|
|
|
|
# CVE-2021-33503 Catastrophic backtracking in URL authority parser
|
|
|
|
BuildArch: noarch
|
|
|
|
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=1968074
|
|
|
|
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
|
|
|
|
|
|
|
|
Patch0: CVE-2021-33503.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# CVE-2023-43804
|
|
|
|
# CVE-2023-43804
|
|
|
|
# Added the `Cookie` header to the list of headers to strip from
|
|
|
|
# Added the `Cookie` header to the list of headers to strip from
|
|
|
@ -29,38 +26,49 @@ Patch0: CVE-2021-33503.patch
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb
|
|
|
|
Patch1: CVE-2023-43804.patch
|
|
|
|
Patch1: CVE-2023-43804.patch
|
|
|
|
|
|
|
|
|
|
|
|
BuildArch: noarch
|
|
|
|
# CVE-2023-45803
|
|
|
|
# Exclude i686 arch. Due to a modularity issue it's being added to the
|
|
|
|
# Remove HTTP request body when request method is changed.
|
|
|
|
# x86_64 compose of CRB, but we don't want to ship it at all.
|
|
|
|
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-45803
|
|
|
|
# See: https://projects.engineering.redhat.com/browse/RCM-72605
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
|
|
|
|
ExcludeArch: i686
|
|
|
|
Patch2: CVE-2023-45803.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# PoolManager.urlopen fails with TypeError for http connection if the PoolManager is instantiated with server_hostname
|
|
|
|
|
|
|
|
# Tracking bug: https://issues.redhat.com/browse/RHEL-39285
|
|
|
|
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/f1d40fd07f7b5d9cf846a18fb5a920b4be07dfc5
|
|
|
|
|
|
|
|
Patch3: Add-server_hostname-to-SSL_KEYWORDS.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# CVE-2024-37891
|
|
|
|
|
|
|
|
# Proxy-authorization request header is not stripped during cross-origin redirects.
|
|
|
|
|
|
|
|
# Tracking bug: https://issues.redhat.com/browse/RHEL-43172
|
|
|
|
|
|
|
|
# Upstream fix: https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468
|
|
|
|
|
|
|
|
Patch4: CVE-2024-37891.patch
|
|
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
%description
|
|
|
|
Python HTTP module with connection pooling and file POST abilities.
|
|
|
|
Python HTTP module with connection pooling and file POST abilities.
|
|
|
|
|
|
|
|
|
|
|
|
%package -n python%{python3_pkgversion}-%{srcname}
|
|
|
|
%package -n python3-%{srcname}
|
|
|
|
Summary: Python3 HTTP library with thread-safe connection pooling and file post
|
|
|
|
Summary: Python3 HTTP library with thread-safe connection pooling and file post
|
|
|
|
|
|
|
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-devel
|
|
|
|
BuildRequires: python3-devel
|
|
|
|
BuildRequires: python%{python3_pkgversion}-rpm-macros
|
|
|
|
BuildRequires: python3-setuptools
|
|
|
|
BuildRequires: python%{python3_pkgversion}-setuptools
|
|
|
|
|
|
|
|
%if %{with tests}
|
|
|
|
%if %{with tests}
|
|
|
|
BuildRequires: python%{python3_pkgversion}-nose
|
|
|
|
BuildRequires: python3-dateutil
|
|
|
|
BuildRequires: python%{python3_pkgversion}-mock
|
|
|
|
BuildRequires: python3-six
|
|
|
|
BuildRequires: python%{python3_pkgversion}-six
|
|
|
|
BuildRequires: python3-pysocks
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pysocks
|
|
|
|
BuildRequires: python3-pytest
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pytest
|
|
|
|
BuildRequires: python3-pytest-freezegun
|
|
|
|
BuildRequires: python%{python3_pkgversion}-tornado
|
|
|
|
BuildRequires: python3-pytest-timeout
|
|
|
|
BuildRequires: python%{python3_pkgversion}-trustme
|
|
|
|
BuildRequires: python3-tornado
|
|
|
|
BuildRequires: python%{python3_pkgversion}-idna
|
|
|
|
BuildRequires: python3-trustme
|
|
|
|
|
|
|
|
BuildRequires: python3-idna
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
Requires: ca-certificates
|
|
|
|
Requires: ca-certificates
|
|
|
|
Requires: python%{python3_pkgversion}-idna
|
|
|
|
Requires: python3-idna
|
|
|
|
Requires: python%{python3_pkgversion}-six
|
|
|
|
Requires: python3-six
|
|
|
|
Requires: python%{python3_pkgversion}-pysocks
|
|
|
|
Requires: python3-pysocks
|
|
|
|
|
|
|
|
|
|
|
|
%description -n python%{python3_pkgversion}-%{srcname}
|
|
|
|
%description -n python3-%{srcname}
|
|
|
|
Python3 HTTP module with connection pooling and file POST abilities.
|
|
|
|
Python3 HTTP module with connection pooling and file POST abilities.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -97,6 +105,11 @@ rm -rf test/contrib/
|
|
|
|
# fail when combined with the unbundling of backports-ssl_match_hostname
|
|
|
|
# fail when combined with the unbundling of backports-ssl_match_hostname
|
|
|
|
rm -f test/test_no_ssl.py
|
|
|
|
rm -f test/test_no_ssl.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Use the standard library instead of a backport
|
|
|
|
|
|
|
|
sed -i -e 's/^import mock/from unittest import mock/' \
|
|
|
|
|
|
|
|
-e 's/^from mock import /from unittest.mock import /' \
|
|
|
|
|
|
|
|
test/*.py docs/conf.py
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
%build
|
|
|
|
%py3_build
|
|
|
|
%py3_build
|
|
|
|
|
|
|
|
|
|
|
@ -105,8 +118,8 @@ rm -f test/test_no_ssl.py
|
|
|
|
%py3_install
|
|
|
|
%py3_install
|
|
|
|
|
|
|
|
|
|
|
|
# Unbundle the Python 3 build
|
|
|
|
# Unbundle the Python 3 build
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py*
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six*
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six.*
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/
|
|
|
|
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/
|
|
|
|
|
|
|
|
|
|
|
|
mkdir -p %{buildroot}/%{python3_sitelib}/urllib3/packages/
|
|
|
|
mkdir -p %{buildroot}/%{python3_sitelib}/urllib3/packages/
|
|
|
@ -120,13 +133,11 @@ ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.pyc \
|
|
|
|
|
|
|
|
|
|
|
|
%if %{with tests}
|
|
|
|
%if %{with tests}
|
|
|
|
%check
|
|
|
|
%check
|
|
|
|
pushd test
|
|
|
|
%pytest -v
|
|
|
|
PYTHONPATH=%{buildroot}%{python3_sitelib}:%{python3_sitelib} %{__python3} -m pytest -v
|
|
|
|
|
|
|
|
popd
|
|
|
|
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files -n python%{python3_pkgversion}-%{srcname}
|
|
|
|
%files -n python3-%{srcname}
|
|
|
|
%license LICENSE.txt
|
|
|
|
%license LICENSE.txt
|
|
|
|
%doc CHANGES.rst README.rst CONTRIBUTORS.txt
|
|
|
|
%doc CHANGES.rst README.rst CONTRIBUTORS.txt
|
|
|
|
%{python3_sitelib}/urllib3/
|
|
|
|
%{python3_sitelib}/urllib3/
|
|
|
@ -134,20 +145,50 @@ popd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
* Wed Apr 03 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.25.10-5
|
|
|
|
* Tue Jun 18 2024 Tomáš Hrnčiar <thrnciar@redhat.com> - 1.26.5-5.1
|
|
|
|
- Rebuilt for MSVSphere 8.10 beta
|
|
|
|
- Security fix for CVE-2024-37891
|
|
|
|
|
|
|
|
- Backport upstream patch to fix TypeError for http connection if the PoolManager
|
|
|
|
|
|
|
|
- is instantiated with server_hostname
|
|
|
|
|
|
|
|
Resolves: RHEL-49853
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Dec 12 2023 Lumír Balhar <lbalhar@redhat.com> - 1.26.5-5
|
|
|
|
|
|
|
|
- Security fix for CVE-2023-45803
|
|
|
|
|
|
|
|
Resolves: RHEL-16874
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Oct 12 2023 Lumír Balhar <lbalhar@redhat.com> - 1.25.10-5
|
|
|
|
* Thu Oct 12 2023 Lumír Balhar <lbalhar@redhat.com> - 1.26.5-4
|
|
|
|
- Security fix for CVE-2023-43804
|
|
|
|
- Security fix for CVE-2023-43804
|
|
|
|
Resolves: RHEL-11997
|
|
|
|
Resolves: RHEL-12001
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jun 29 2021 Lumír Balhar <lbalhar@redhat.com> - 1.25.10-4
|
|
|
|
* Tue Feb 08 2022 Tomáš Hrnčiar <thrnciar@redhat.com> - 1.26.5-3
|
|
|
|
|
|
|
|
- Add automatically generated Obsoletes tag with the python39- prefix
|
|
|
|
|
|
|
|
for smoother upgrade from RHEL8
|
|
|
|
|
|
|
|
- Related: rhbz#1990421
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.26.5-2
|
|
|
|
|
|
|
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
|
|
|
|
|
|
|
Related: rhbz#1991688
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jun 16 2021 Karolina Surma <ksurma@redhat.com> - 1.26.5-1
|
|
|
|
|
|
|
|
- Update to 1.26.5
|
|
|
|
- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
|
|
|
|
- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
|
|
|
|
Resolves: rhbz#1968074
|
|
|
|
Resolves: rhbz#1972639
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue May 18 2021 Miro Hrončok <mhroncok@redhat.com> - 1.26.4-1
|
|
|
|
|
|
|
|
- Update to 1.26.4
|
|
|
|
|
|
|
|
Resolves: rhbz#1935737
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.25.10-6
|
|
|
|
|
|
|
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Mar 08 2021 Charalampos Stratakis <cstratak@redhat.com> - 1.25.10-5
|
|
|
|
|
|
|
|
- Disable tests on RHEL9 to remove the python-tornado dependency
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.25.10-4
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 13 2021 Tomas Orsava <torsava@redhat.com> - 1.25.10-3
|
|
|
|
* Fri Jan 15 2021 Miro Hrončok <mhroncok@redhat.com> - 1.25.10-3
|
|
|
|
- Convert from Fedora to the python39 module in RHEL8
|
|
|
|
- Drop redundant BuildRequires for nose
|
|
|
|
- Resolves: rhbz#1877430
|
|
|
|
- Instead of the mock backport, use unittest.mock from the standard library
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jan 05 2021 Anna Khaitovich <akhaitov@redhat.com> - 1.25.10-2
|
|
|
|
* Tue Jan 05 2021 Anna Khaitovich <akhaitov@redhat.com> - 1.25.10-2
|
|
|
|
- Update RECENT_DATE dynamically
|
|
|
|
- Update RECENT_DATE dynamically
|
|
|
|