From cb1c59033e8320c67232a5d64313a82515c2ade0 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Mon, 1 Sep 2025 10:49:26 +0800
Subject: [PATCH] Fix CVE-2025-58068
(cherry picked from commit 920bc3fc0f223bc38b10bac68b74b405f1c36cfe)
---
 CVE-2025-58068.patch | 40 ++++++++++++++++++++++++++++++++++++++++
 python-eventlet.spec | 6 +++++-
 2 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2025-58068.patch
diff --git a/CVE-2025-58068.patch b/CVE-2025-58068.patch
new file mode 100644
index 0000000..21ec0b8
--- /dev/null
+++ b/CVE-2025-58068.patch
@@ -0,0 +1,40 @@
+From 0bfebd1117d392559e25b4bfbfcc941754de88fb Mon Sep 17 00:00:00 2001
+From: sebsrt
+Date: Mon, 11 Aug 2025 11:46:28 +0200
+Subject: [PATCH] [SECURITY] Fix request smuggling vulnerability by discarding
+ trailers (#1062)
+
+The WSGI parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. This patch fix that by discarding trailers.
+
+Origin:
+https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb
+---
+ eventlet/wsgi.py | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/eventlet/wsgi.py b/eventlet/wsgi.py
+index 92d031797..b6b4d0ce8 100644
+--- a/eventlet/wsgi.py
++++ b/eventlet/wsgi.py
+@@ -152,6 +152,12 @@ def _do_read(self, reader, length=None):
+ read = b''
+ self.position += len(read)
+ return read
++
++ def _discard_trailers(self, rfile):
++ while True:
++ line = rfile.readline()
++ if not line or line in (b'\r\n', b'\n', b''):
++ break
+
+ def _chunked_read(self, rfile, length=None, use_readline=False):
+ if self.should_send_hundred_continue:
+@@ -202,7 +208,7 @@ def _chunked_read(self, rfile, length=None, use_readline=False):
+ raise ChunkReadError(err)
+ self.position = 0
+ if self.chunk_length == 0:
+- rfile.readline()
++ self._discard_trailers(rfile)
+ except greenio.SSL.ZeroReturnError:
+ pass
+ return b''.join(response)
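Review bot: The new `_discard_trailers` in the embedded eventlet/wsgi.py hunk loops on unbounded `rfile.readline()` calls until it sees an empty line or EOF, so the trailer section a client may send after the last chunk is read with no cap on line length or line count, whereas the line it replaces consumed at most one line; a size argument to `readline()` plus a cap on the number of trailer lines, raising `ChunkReadError` (already raised in `_chunked_read`, constructor signature not visible here) when exceeded, would keep the fix while preserving the resource bounds a chunked-body reader should have. The `b''` member of the tuple is redundant with `not line` and can be dropped. A short docstring saying that trailer fields are deliberately discarded, not parsed, and that reading through to the empty line is what keeps the next request on a keep-alive connection aligned, would record why this method exists. The limits in the sketch below are constructed placeholders; the module's existing line limits, if any, should be reused. The enclosing class starts outside the hunk and `_chunked_read` continues past it.
```python
    def _discard_trailers(self, rfile):
        """Consume and drop the trailer section that ends a chunked body.

        Trailer fields are not parsed. Reading through to the empty line
        keeps the next request on this connection correctly framed.
        Raises ChunkReadError when the trailer section exceeds the limits.
        """
        max_line = 8192       # placeholder: reuse the module's line limit
        max_trailers = 100    # placeholder: cap on trailer lines accepted
        for _ in range(max_trailers):
            line = rfile.readline(max_line)
            if not line or line in (b'\r\n', b'\n'):
                return
            if not line.endswith(b'\n'):
                raise ChunkReadError('trailer line too long')
        raise ChunkReadError('too many trailer lines')
```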
diff --git a/python-eventlet.spec b/python-eventlet.spec
index fc79c0b..2bb0edb 100644
--- a/python-eventlet.spec
+++ b/python-eventlet.spec
@@ -1,7 +1,7 @@
 %global _empty_manifest_terminate_build 0
 Name: python-eventlet
 Version: 0.33.3
-Release: 2
+Release: 3
 Summary: Highly concurrent networking library
 License: MIT
 URL: http://eventlet.net
@@ -9,6 +9,7 @@ Source0: https://files.pythonhosted.org/packages/source/e/eventlet/eventl
 BuildArch: noarch
 Patch0001: Address-DoS-via-the-Tudoor-mechanism.patch
+Patch0002: CVE-2025-58068.patch
 %description
 Eventlet is a concurrent networking library for Python that allows you to change how you run your code, not how you write it.
@@ -82,6 +83,9 @@ mv %{buildroot}/doclist.lst .
 %{_docdir}/*
 %changelog
+* Mon Sep 01 2025 yaoxin <1024769339@qq.com> - 0.33.3-3
+- Fix CVE-2025-58068
+
 * Sun Apr 28 2024 lilong - 0.33.3-2
 - Address DoS via the Tudoor mechanism (CVE-2023-29483)
-- Gitee