From 32c2c2c7da8e3be36bda2d60cefc29e9ccd400ce Mon Sep 17 00:00:00 2001
From: chenyaqiang <chenyaqiang@huawei.com>
Date: Wed, 2 Sep 2020 07:27:56 +0000
Subject: [PATCH 1/2] convert format

---
 CVE-2019-9674.patch | 178 ++++++++++++++++++++++----------------------
 1 file changed, 89 insertions(+), 89 deletions(-)

diff --git a/CVE-2019-9674.patch b/CVE-2019-9674.patch
index dd00183..978d98d 100644
--- a/CVE-2019-9674.patch
+++ b/CVE-2019-9674.patch
@@ -1,89 +1,89 @@
-From 7c1b25f7c1e9381fa4b96b4fc489e4bbbe065f02 Mon Sep 17 00:00:00 2001
-From: JunWei Song <sungboss2004@gmail.com>
-Date: Wed, 11 Sep 2019 23:04:12 +0800
-Subject: [PATCH] bpo-36260: Add pitfalls to zipfile module documentation
- (#13378)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* bpo-36260: Add pitfalls to zipfile module documentation
-
-We saw vulnerability warning description (including zip bomb) in Doc/library/xml.rst file.
-This gave us the idea of documentation improvement.
-
-So, we moved a little bit forward :P
-And the doc patch can be found (pr).
-
-* fix trailing whitespace
-
-* 📜 🤖  Added by blurb_it.
-
-* Reformat text for consistency.
-
----
- Doc/library/zipfile.rst                       | 40 +++++++++++++++++++
- .../2019-06-04-09-29-00.bpo-36260.WrGuc-.rst  |  1 +
- 2 files changed, 41 insertions(+)
- create mode 100644 Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
-
-diff --git a/Doc/library/zipfile.rst b/Doc/library/zipfile.rst
-index 6fb03a0..6fa0a28 100644
---- a/Doc/library/zipfile.rst
-+++ b/Doc/library/zipfile.rst
-@@ -730,5 +730,45 @@ Command-line options
- 
-    Test whether the zipfile is valid or not.
- 
-+Decompression pitfalls
-+----------------------
-+
-+The extraction in zipfile module might fail due to some pitfalls listed below.
-+
-+From file itself
-+~~~~~~~~~~~~~~~~
-+
-+Decompression may fail due to incorrect password / CRC checksum / ZIP format or
-+unsupported compression method / decryption.
-+
-+File System limitations
-+~~~~~~~~~~~~~~~~~~~~~~~
-+
-+Exceeding limitations on different file systems can cause decompression failed.
-+Such as allowable characters in the directory entries, length of the file name,
-+length of the pathname, size of a single file, and number of files, etc.
-+
-+Resources limitations
-+~~~~~~~~~~~~~~~~~~~~~
-+
-+The lack of memory or disk volume would lead to decompression
-+failed. For example, decompression bombs (aka `ZIP bomb`_)
-+apply to zipfile library that can cause disk volume exhaustion.
-+
-+Interruption
-+~~~~~~~~~~~~
-+
-+Interruption during the decompression, such as pressing control-C or killing the
-+decompression process may result in incomplete decompression of the archive.
-+
-+Default behaviors of extraction
-+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-+
-+Not knowing the default extraction behaviors
-+can cause unexpected decompression results.
-+For example, when extracting the same archive twice,
-+it overwrites files without asking.
-+
- 
-+.. _ZIP bomb: https://en.wikipedia.org/wiki/Zip_bomb
- .. _PKZIP Application Note: https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
-diff --git a/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst b/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
-new file mode 100644
-index 0000000..9276516
---- /dev/null
-+++ b/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
-@@ -0,0 +1 @@
-+Add decompression pitfalls to zipfile module documentation.
-\ No newline at end of file
---
-2.23.0
+From 7c1b25f7c1e9381fa4b96b4fc489e4bbbe065f02 Mon Sep 17 00:00:00 2001
+From: JunWei Song <sungboss2004@gmail.com>
+Date: Wed, 11 Sep 2019 23:04:12 +0800
+Subject: [PATCH] bpo-36260: Add pitfalls to zipfile module documentation
+ (#13378)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* bpo-36260: Add pitfalls to zipfile module documentation
+
+We saw vulnerability warning description (including zip bomb) in Doc/library/xml.rst file.
+This gave us the idea of documentation improvement.
+
+So, we moved a little bit forward :P
+And the doc patch can be found (pr).
+
+* fix trailing whitespace
+
+* 📜 🤖  Added by blurb_it.
+
+* Reformat text for consistency.
+
+---
+ Doc/library/zipfile.rst                       | 40 +++++++++++++++++++
+ .../2019-06-04-09-29-00.bpo-36260.WrGuc-.rst  |  1 +
+ 2 files changed, 41 insertions(+)
+ create mode 100644 Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
+
+diff --git a/Doc/library/zipfile.rst b/Doc/library/zipfile.rst
+index 6fb03a0..6fa0a28 100644
+--- a/Doc/library/zipfile.rst
++++ b/Doc/library/zipfile.rst
+@@ -730,5 +730,45 @@ Command-line options
+ 
+    Test whether the zipfile is valid or not.
+ 
++Decompression pitfalls
++----------------------
++
++The extraction in zipfile module might fail due to some pitfalls listed below.
++
++From file itself
++~~~~~~~~~~~~~~~~
++
++Decompression may fail due to incorrect password / CRC checksum / ZIP format or
++unsupported compression method / decryption.
++
++File System limitations
++~~~~~~~~~~~~~~~~~~~~~~~
++
++Exceeding limitations on different file systems can cause decompression failed.
++Such as allowable characters in the directory entries, length of the file name,
++length of the pathname, size of a single file, and number of files, etc.
++
++Resources limitations
++~~~~~~~~~~~~~~~~~~~~~
++
++The lack of memory or disk volume would lead to decompression
++failed. For example, decompression bombs (aka `ZIP bomb`_)
++apply to zipfile library that can cause disk volume exhaustion.
++
++Interruption
++~~~~~~~~~~~~
++
++Interruption during the decompression, such as pressing control-C or killing the
++decompression process may result in incomplete decompression of the archive.
++
++Default behaviors of extraction
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++
++Not knowing the default extraction behaviors
++can cause unexpected decompression results.
++For example, when extracting the same archive twice,
++it overwrites files without asking.
++
+ 
++.. _ZIP bomb: https://en.wikipedia.org/wiki/Zip_bomb
+ .. _PKZIP Application Note: https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
+diff --git a/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst b/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
+new file mode 100644
+index 0000000..9276516
+--- /dev/null
++++ b/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
+@@ -0,0 +1 @@
++Add decompression pitfalls to zipfile module documentation.
+\ No newline at end of file
+--
+2.23.0
-- 
Gitee


From 57ab11d0e1b5e517a4c2fb7cd0d45da328155131 Mon Sep 17 00:00:00 2001
From: chenyaqiang <chenyaqiang@huawei.com>
Date: Wed, 2 Sep 2020 07:32:19 +0000
Subject: [PATCH 2/2] convert format

---
 python3.spec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/python3.spec b/python3.spec
index 340dbf9..7548de4 100644
--- a/python3.spec
+++ b/python3.spec
@@ -3,7 +3,7 @@ Summary: Interpreter of the Python3 programming language
 URL: https://www.python.org/
 
 Version: 3.7.9
-Release: 1
+Release: 2
 License: Python
 
 %global branchversion 3.7
@@ -797,6 +797,12 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP"
 %{_mandir}/*/*
 
 %changelog
+* Wed Sep 2 2020 tianwei<tianwei12@huawei.com> - 3.7.9-2
+- Type:NA
+- ID:NA
+- SUG:NA
+- DESC:convert format for CVE
+
 * Mon Aug 31 2020 shixuantong<shixuantong@huawei.com> - 3.7.9-1
 - Type:NA
 - ID:NA
-- 
Gitee