|
|
|
|
@ -5,7 +5,7 @@
|
|
|
|
|
|
|
|
|
|
Name: python%{python3_pkgversion}-%{pypi_name}
|
|
|
|
|
Version: 1.1.0
|
|
|
|
|
Release: 2%{?dist}
|
|
|
|
|
Release: 3%{?dist}
|
|
|
|
|
Summary: Pure-Python MySQL client library
|
|
|
|
|
|
|
|
|
|
License: MIT
|
|
|
|
|
@ -13,6 +13,11 @@ URL: https://pypi.python.org/pypi/%{pypi_name}/
|
|
|
|
|
Source0: %pypi_source
|
|
|
|
|
Source1: setup.py
|
|
|
|
|
|
|
|
|
|
# Security fix for CVE-2024-36039: SQL injection if used with untrusted JSON input
|
|
|
|
|
# Resolved upstream: https://github.com/PyMySQL/PyMySQL/commit/521e40050cb386a499f68f483fefd144c493053c
|
|
|
|
|
# Tracking bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2282821
|
|
|
|
|
Patch0: CVE-2024-36039.patch
|
|
|
|
|
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
|
|
|
|
|
BuildRequires: python%{python3_pkgversion}-devel
|
|
|
|
|
@ -35,7 +40,7 @@ and Jython.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%setup -qn %{pypi_name}-%{version}
|
|
|
|
|
%autosetup -n %{pypi_name}-%{version} -p1
|
|
|
|
|
rm -rf %{pypi_name}.egg-info
|
|
|
|
|
# Remove tests files so they are not installed globally.
|
|
|
|
|
rm -rf tests
|
|
|
|
|
@ -62,8 +67,9 @@ cp %{SOURCE1} .
|
|
|
|
|
%{python3_sitelib}/pymysql/
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Tue Apr 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 1.1.0-2
|
|
|
|
|
- Initial build for MSVSphere 9.3
|
|
|
|
|
* Fri May 31 2024 Charalampos Stratakis <cstratak@redhat.com> - 1.1.0-3
|
|
|
|
|
- Security fix for CVE-2024-36039
|
|
|
|
|
Resolves: RHEL-38371
|
|
|
|
|
|
|
|
|
|
* Tue Jan 23 2024 Miro Hrončok <mhroncok@redhat.com> - 1.1.0-2
|
|
|
|
|
- Rebuilt for timestamp .pyc invalidation mode
|
|
|
|
|
|
MSVSphere Packaging Team
