Accepting request 1172259 from devel:languages:python

- update to 3.1.4 (bsc#1223980, CVE-2024-34064): * The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. OBS-URL: https://build.opensuse.org/request/show/1172259 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=53
2024-05-07 16:02:44 +00:00 · 2024-05-07 16:02:44 +00:00 · 7b8468f4cb
commit 7b8468f4cb
parent ad467f3c8d 3e785a3c5f
4 changed files with 24 additions and 14 deletions
--- a/Jinja2-3.1.3.tar.gz
+++ b/Jinja2-3.1.3.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90
-size 268261
--- a/jinja2-3.1.4.tar.gz
+++ b/jinja2-3.1.4.tar.gz
--- a/python-Jinja2.changes
+++ b/python-Jinja2.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Mon May  6 18:10:40 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 3.1.4 (bsc#1223980, CVE-2024-34064):
+  * The xmlattr filter does not allow keys with / solidus, >
+    greater-than sign, or = equals sign, in addition to disallowing
+    spaces. Regardless of any validation done by Jinja, user input
+    should never be used as keys to this filter, or must be separately
+    validated first.
+
 -------------------------------------------------------------------
 Mon Jan 29 10:10:29 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>

--- a/python-Jinja2.spec
+++ b/python-Jinja2.spec
@ -16,7 +16,6 @@
 #


-%define skip_python2 1
 %ifarch %{ix86} armv7l
 %bcond_with test
 %else
@ -24,16 +23,18 @@
 %endif
 %{?sle15_python_module_pythons}
 Name:           python-Jinja2
-Version:        3.1.3
+Version:        3.1.4
 Release:        0
 Summary:        A template engine written in pure Python
 License:        BSD-3-Clause
 URL:            https://jinja.palletsprojects.com
-Source:         https://files.pythonhosted.org/packages/source/J/Jinja2/Jinja2-%{version}.tar.gz
+Source:         https://files.pythonhosted.org/packages/source/J/Jinja2/jinja2-%{version}.tar.gz
 BuildRequires:  %{python_module MarkupSafe >= 0.23}
 BuildRequires:  %{python_module base >= 3.7}
+BuildRequires:  %{python_module flit-core}
+BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pytest}
-BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  dos2unix
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
@ -51,14 +52,13 @@ inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.

 %prep
-%setup -q -n Jinja2-%{version}
-dos2unix LICENSE.rst # Fix wrong EOL encoding
+%setup -q -n jinja2-%{version}

 %build
-%python_build
+%pyproject_wheel

 %install
-%python_install
+%pyproject_install
 %python_expand %fdupes %{buildroot}%{$python_sitelib}

 %check
@ -70,9 +70,9 @@ donttest="test_striptags"
 %endif

 %files %{python_files}
-%license LICENSE.rst
-%doc README.rst CHANGES.rst artwork examples
+%license LICENSE.txt
+%doc README.md docs/changes.rst docs/examples
 %{python_sitelib}/jinja2
-%{python_sitelib}/Jinja2-%{version}-py%{python_version}.egg-info
+%{python_sitelib}/jinja2-%{version}.dist-info

 %changelog