From f77924eb95670fabdf934d7ac25ae31015821162 Mon Sep 17 00:00:00 2001
From: lipengyu
Date: Mon, 18 Aug 2025 14:44:44 +0800
Subject: [PATCH] fix CVE-2025-50181

---
 ...0181-fix-suspend-redirec-ineffective.patch | 87 +++++++++++++++++++
 python-pip.spec | 6 +-
 2 files changed, 92 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-50181-fix-suspend-redirec-ineffective.patch

diff --git a/backport-CVE-2025-50181-fix-suspend-redirec-ineffective.patch b/backport-CVE-2025-50181-fix-suspend-redirec-ineffective.patch
new file mode 100644
index 0000000..1c18743
--- /dev/null
+++ b/backport-CVE-2025-50181-fix-suspend-redirec-ineffective.patch
@@ -0,0 +1,87 @@
+From f05b1329126d5be6de501f9d1e3e36738bc08857 Mon Sep 17 00:00:00 2001
+From: Illia Volochii
+Date: Wed, 18 Jun 2025 16:25:01 +0300
+Subject: [PATCH] Merge commit from fork
+
+* Apply Quentin's suggestion
+
+Co-authored-by: Quentin Pradet
+
+* Add tests for disabled redirects in the pool manager
+
+* Add a possible fix for the issue with not raised `MaxRetryError`
+
+* Make urllib3 handle redirects instead of JS when JSPI is used
+
+* Fix info in the new comment
+
+* State that redirects with XHR are not controlled by urllib3
+
+* Remove excessive params from new test requests
+
+* Add tests reaching max non-0 redirects
+
+* Test redirects with Emscripten
+
+* Fix `test_merge_pool_kwargs`
+
+* Add a changelog entry
+
+* Parametrize tests
+
+* Drop a fix for Emscripten
+
+* Apply Seth's suggestion to docs
+
+Co-authored-by: Seth Michael Larson
+
+* Use a minor release instead of the patch one
+
+---------
+
+Co-authored-by: Quentin Pradet
+Co-authored-by: Seth Michael Larson
+
+---
+ src/pip/_vendor/urllib3/poolmanager.py | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/pip/_vendor/urllib3/poolmanager.py b/src/pip/_vendor/urllib3/poolmanager.py
+index 7d4c22c..573931f 100644
+--- a/src/pip/_vendor/urllib3/poolmanager.py
++++ b/src/pip/_vendor/urllib3/poolmanager.py
+@@ -169,6 +169,22 @@ class PoolManager(RequestMethods):
+
+ def __init__(self, num_pools=10, headers=None, **connection_pool_kw):
+ RequestMethods.__init__(self, headers)
++ if "retries" in connection_pool_kw:
++ retries = connection_pool_kw["retries"]
++ if not isinstance(retries, Retry):
++ # When Retry is initialized, raise_on_redirect is based
++ # on a redirect boolean value.
++ # But requests made via a pool manager always set
++ # redirect to False, and raise_on_redirect always ends
++ # up being False consequently.
++ # Here we fix the issue by setting raise_on_redirect to
++ # a value needed by the pool manager without considering
++ # the redirect boolean.
++ raise_on_redirect = retries is not False
++ retries = Retry.from_int(retries, redirect=False)
++ retries.raise_on_redirect = raise_on_redirect
++ connection_pool_kw = connection_pool_kw.copy()
++ connection_pool_kw["retries"] = retries
+ self.connection_pool_kw = connection_pool_kw
+ self.pools = RecentlyUsedContainer(num_pools, dispose_func=lambda p: p.close())
+
+@@ -388,7 +404,7 @@ class PoolManager(RequestMethods):
+ kw["body"] = None
+ kw["headers"] = HTTPHeaderDict(kw["headers"])._prepare_for_method_change()
+
+- retries = kw.get("retries")
++ retries = kw.get("retries", response.retries)
+ if not isinstance(retries, Retry):
+ retries = Retry.from_int(retries, redirect=redirect)
+
+--
+2.23.0
+
diff --git a/python-pip.spec b/python-pip.spec
index 01454ec..b903440 100644
--- a/python-pip.spec
+++ b/python-pip.spec
@@ -6,7 +6,7 @@ pip is the package installer for Python. You can use pip to install packages fro
 %global bashcompdir %(b=$(pkg-config --variable=completionsdir bash-completion 2>/dev/null); echo ${b:-%{_sysconfdir}/bash_completion.d})
 Name: python-%{srcname}
 Version: 21.3.1
-Release: 9
+Release: 10
 Summary: A tool for installing and managing Python packages
 License: MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
 URL: http://www.pip-installer.org
@@ -27,6 +27,7 @@ Patch6007: backport-CVE-2023-43804-added-the-Cookie-to-the-list-of-headers.
 Patch6008: backport-CVE-2023-45803-Made-body-stripped-from-HTTP-requests.patch
 Patch6009: backport-CVE-2024-37891-Strip-Proxy-Authorization-header-on-redirects.patch
 Patch6010: backport-CVE-2024-47081.patch
+Patch6011: backport-CVE-2025-50181-fix-suspend-redirec-ineffective.patch
 Source10: pip-allow-older-versions.patch
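Review bot: The line `retries.raise_on_redirect = raise_on_redirect` in the new `__init__` block mutates whatever `Retry.from_int` hands back, and for an explicit `retries=None` that appears to be the shared class-level `Retry.DEFAULT` rather than a fresh instance, so a per-PoolManager setting is written into an object every pool in the process shares (benign today because the value written is `True`, the existing default, but a trap for the next change). A non-mutating form gives the same result: `retries = Retry.from_int(retries, redirect=False).new(raise_on_redirect=raise_on_redirect)`. The second hunk's `kw.get("retries", response.retries)` also deserves a why-comment, e.g. `# Fall back to the Retry the connection pool attached to the response, so a redirect limit configured on the PoolManager is enforced here instead of Retry.DEFAULT`, and that fallback only takes effect if the vendored HTTPResponse actually populates `.retries`, which is worth confirming in pip 21.3.1's urllib3 copy since the upstream commit was presumably written against a much newer urllib3. `urlopen` starts and ends outside the hunk.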
@@ -136,6 +137,9 @@ install -D -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pip.conf
 %{python_wheeldir}/%{python_wheelname}
 %changelog
+* Mon Aug 18 2025 lipengyu - 21.3.1-10
+- Fix CVE-2025-50181
+
 * Wed Jul 16 2025 xieyanlong - 21.3.1-9
 - Fix CVE-2024-47081
--
Gitee