From 7802a404ebb8b2e97905a48875292116f54fb752 Mon Sep 17 00:00:00 2001 From: Ze Zhang Date: Thu, 10 Oct 2024 10:37:00 +0800 Subject: [PATCH 1/3] Update to 1.26.19 to fix CVE-2024-37891 --- python-urllib3.spec | 32 +++++++++++++++++--------------- sources | 2 +- 2 files changed, 18 insertions(+), 16 deletions(-) diff --git a/python-urllib3.spec b/python-urllib3.spec index e6f41d4..a8c9377 100644 --- a/python-urllib3.spec +++ b/python-urllib3.spec @@ -2,10 +2,10 @@ %bcond_with tests -Summary: Python HTTP library with thread-safe connection pooling and file post +Summary: Python HTTP library with thread-safe connection pooling, file post, and more Name: python-%{srcname} -Version: 1.26.18 -Release: 3%{?dist} +Version: 1.26.19 +Release: 1%{?dist} License: MIT URL: https://github.com/urllib3/urllib3 Source0: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz @@ -38,20 +38,17 @@ user friendly, and more. recent_date=$(date --date "7 month ago" +"%Y, %_m, %_d") sed -i "s/^RECENT_DATE = datetime.date(.*)/RECENT_DATE = datetime.date($recent_date)/" src/urllib3/connection.py -rm -rf test/with_dummyserver/ -rm -rf test/appengine/ -rm -rf test/contrib/ -rm -f test/test_no_ssl.py - sed -i -e 's/^import mock/from unittest import mock/' \ -e 's/^from mock import /from unittest.mock import /' \ test/*.py docs/conf.py %build -%py3_build +%pyproject_wheel %install -%py3_install +%pyproject_install + +%pyproject_save_files urllib3 rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six.* @@ -65,16 +62,21 @@ ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.pyc \ %if %{with tests} %check -%pytest -v +ignore="${ignore-} --ignore=test/with_dummyserver/" +ignore="${ignore-} --ignore=test/appengine/" +ignore="${ignore-} --ignore=test/contrib/" +ignore="${ignore-} --ignore=test/test_no_ssl.py" +%pytest -v ${ignore-} %endif -%files -n python3-%{srcname} -%license LICENSE.txt +%files -n python3-%{srcname} -f %{pyproject_files} %doc CHANGES.rst README.rst -%{python3_sitelib}/urllib3/ -%{python3_sitelib}/urllib3-*.egg-info/ %changelog +* Thu Oct 10 2024 Ze Zhang - 1.26.19-1 +- [Type] security +- [DESC] Update to 1.26.19 to fix CVE-2024-37891 + * Thu Sep 26 2024 OpenCloudOS Release Engineering - 1.26.18-3 - Rebuilt for clarifying the packages requirement in BaseOS and AppStream diff --git a/sources b/sources index 66ed1d0..010dd3d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (urllib3-1.26.18.tar.gz) = c89e93a032bf6b11375c06ef7c5abc1868f93e7655cfdca09e9bd939ad415d206ea159fe151ecd2e5f725e0e18a831c7a5382ad01dbc32264154fc8af7aec156 +SHA512 (urllib3-1.26.19.tar.gz) = 6b72012dbd85434b2441229cbdea2a94583693f904dde349780e1290d581c8a5e10fe00a287a032ed1276349d0078b530f16a133e0f164dcea18105fa3dec79a -- Gitee From 8565139c6c071aef175a0f3fb8e8381342fb3323 Mon Sep 17 00:00:00 2001 From: Ze Zhang Date: Thu, 10 Oct 2024 11:05:16 +0800 Subject: [PATCH 2/3] fix build error --- python-urllib3.spec | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/python-urllib3.spec b/python-urllib3.spec index a8c9377..f5f75eb 100644 --- a/python-urllib3.spec +++ b/python-urllib3.spec @@ -43,12 +43,10 @@ sed -i -e 's/^import mock/from unittest import mock/' \ test/*.py docs/conf.py %build -%pyproject_wheel +%py3_build %install -%pyproject_install - -%pyproject_save_files urllib3 +%py3_install rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six.* @@ -69,8 +67,12 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py" %pytest -v ${ignore-} %endif +%files -n python3-%{srcname} +%license LICENSE.txt %files -n python3-%{srcname} -f %{pyproject_files} %doc CHANGES.rst README.rst +%{python3_sitelib}/urllib3/ +%{python3_sitelib}/urllib3-*.egg-info/ %changelog * Thu Oct 10 2024 Ze Zhang - 1.26.19-1 -- Gitee From 3575e4bcdf7e435a017cdc1bd89b33310bf4d977 Mon Sep 17 00:00:00 2001 From: Ze Zhang Date: Thu, 10 Oct 2024 11:06:47 +0800 Subject: [PATCH 3/3] fix build error --- python-urllib3.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/python-urllib3.spec b/python-urllib3.spec index f5f75eb..7531b4e 100644 --- a/python-urllib3.spec +++ b/python-urllib3.spec @@ -69,7 +69,6 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py" %files -n python3-%{srcname} %license LICENSE.txt -%files -n python3-%{srcname} -f %{pyproject_files} %doc CHANGES.rst README.rst %{python3_sitelib}/urllib3/ %{python3_sitelib}/urllib3-*.egg-info/ -- Gitee