python-defusedxml/python-defusedxml.spec

#
# spec file for package python-py
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           python-defusedxml
Version:        0.4.1
Release:        0
Summary:        XML bomb protection for Python stdlib modules
License:        Python-2.0
Group:          Development/Languages/Python
Url:            https://pypi.python.org/pypi/defusedxml
Source:         https://pypi.python.org/packages/source/d/defusedxml/defusedxml-%{version}.tar.gz
BuildRequires:  python-devel
BuildRequires:  python-setuptools
BuildRequires:  python-xml
Requires:  python-xml
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} && 0%{?suse_version} <= 1110
%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
%else
BuildArch:      noarch
%endif

%description
The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred bytes of XML data an attacker can occupy several
gigabytes of memory within seconds. An attacker can also keep
CPUs busy for a long time with a small to medium size request.

This library allows for XML to be parsed in a manner that avoids these
pitfalls.


%prep
%setup -q -n defusedxml-%{version}

%build
python setup.py build

%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}

%check
python setup.py test

%files
%defattr(-,root,root,-)
%doc LICENSE README.txt CHANGES.txt
%{python_sitelib}/*

%changelog
Accepting request 220844 from home:Nijel:branches:devel:languages:python New package defusedxml Needed for example for tastypie's XML API OBS-URL: https://build.opensuse.org/request/show/220844 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-defusedxml?expand=0&rev=1 2014-02-04 16:50:02 +01:00			`#`
			`# spec file for package python-py`
			`#`
			`# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.`
			`#`
			`# All modifications and additions to the file contributed by third parties`
			`# remain the property of their copyright owners, unless otherwise agreed`
			`# upon. The license for this file, and modifications and additions to the`
			`# file, is the same license as for the pristine package itself (unless the`
			`# license for the pristine package is not an Open Source License, in which`
			`# case the license is the MIT License). An "Open Source License" is a`
			`# license that conforms to the Open Source Definition (Version 1.9)`
			`# published by the Open Source Initiative.`

			`# Please submit bugfixes or comments via http://bugs.opensuse.org/`
			`#`


			`Name: python-defusedxml`
			`Version: 0.4.1`
			`Release: 0`
			`Summary: XML bomb protection for Python stdlib modules`
			`License: Python-2.0`
			`Group: Development/Languages/Python`
			`Url: https://pypi.python.org/pypi/defusedxml`
			`Source: https://pypi.python.org/packages/source/d/defusedxml/defusedxml-%{version}.tar.gz`
			`BuildRequires: python-devel`
			`BuildRequires: python-setuptools`
			`BuildRequires: python-xml`
			`Requires: python-xml`
			`BuildRoot: %{_tmppath}/%{name}-%{version}-build`
			`%if 0%{?suse_version} && 0%{?suse_version} <= 1110`
			`%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}`
			`%else`
			`BuildArch: noarch`
			`%endif`

			`%description`
			`The results of an attack on a vulnerable XML library can be fairly dramatic.`
			`With just a few hundred bytes of XML data an attacker can occupy several`
			`gigabytes of memory within seconds. An attacker can also keep`
			`CPUs busy for a long time with a small to medium size request.`

			`This library allows for XML to be parsed in a manner that avoids these`
			`pitfalls.`



			`%prep`
			`%setup -q -n defusedxml-%{version}`

			`%build`
			`python setup.py build`

			`%install`
			`python setup.py install --prefix=%{_prefix} --root=%{buildroot}`

			`%check`
			`python setup.py test`

			`%files`
			`%defattr(-,root,root,-)`
			`%doc LICENSE README.txt CHANGES.txt`
			`%{python_sitelib}/*`

			`%changelog`