Accepting request 1169631 from devel:languages:python

OBS-URL: https://build.opensuse.org/request/show/1169631 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-gunicorn?expand=0&rev=25
2024-04-23 16:55:05 +00:00 · 2024-04-23 16:55:05 +00:00 · 7fdea1bf6c
commit 7fdea1bf6c
parent fcb9121d5e 711614fd06
4 changed files with 49 additions and 9 deletions
--- a/gunicorn-21.2.0.tar.gz
+++ b/gunicorn-21.2.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88ec8bff1d634f98e61b9f65bc4bf3cd918a90806c6f5c48bc5603849ec81033
-size 3632557
--- a/gunicorn-22.0.0.tar.gz
+++ b/gunicorn-22.0.0.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4a0b436239ff76fb33f11c07a16482c521a7e09c1ce3cc293c2330afe01bec63
+size 3639760
--- a/python-gunicorn.changes
+++ b/python-gunicorn.changes
@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Wed Apr 17 12:43:25 UTC 2024 - Markéta Machová <mmachova@suse.com>
+
+- Update to 22.0.0
+  * use `utime` to notify workers liveness
+  * migrate setup to pyproject.toml
+  * fix numerous security vulnerabilities in HTTP parser (closing some 
+    request smuggling vectors)
+  * parsing additional requests is no longer attempted past unsupported 
+    request framing
+  * on HTTP versions < 1.1 support for chunked transfer is refused
+  * requests conflicting configured or passed SCRIPT_NAME now produce 
+    a verbose error
+  * Trailer fields are no longer inspected for headers indicating secure 
+    scheme
+  * support Python 3.12
+** Breaking changes **
+  * minimum version is Python 3.7
+  * the limitations on valid characters in the HTTP method have been bounded 
+    to Internet Standards
+  * requests specifying unsupported transfer coding (order) are refused by 
+    default (rare)
+  * HTTP methods are no longer casefolded by default (IANA method registry 
+    contains none affected)
+  * HTTP methods containing the number sign (#) are no longer accepted by 
+    default (rare)
+  * HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare)
+  * HTTP versions consisting of multiple digits or containing a prefix/suffix 
+    are no longer accepted
+  * HTTP header field names Gunicorn cannot safely map to variables are silently 
+    dropped, as in other software
+  * HTTP headers with empty field name are refused by default
+  * requests with both Transfer-Encoding and Content-Length are refused by default 
+    (such a message might indicate an attempt to perform request smuggling)
+  * empty transfer codings are no longer permitted
+** SECURITY **
+  * fix CVE-2024-1135 (bsc#1222950)
+
 -------------------------------------------------------------------
 Mon Jan  8 23:05:51 UTC 2024 - Matej Cepl <mcepl@cepl.eu>

--- a/python-gunicorn.spec
+++ b/python-gunicorn.spec
@ -1,5 +1,5 @@
 #
-# spec file
+# spec file for package python-gunicorn
 #
 # Copyright (c) 2024 SUSE LLC
 #
@ -27,19 +27,20 @@
 %define skip_python2 1
 %{?sle15_python_module_pythons}
 Name:           python-gunicorn%{psuffix}
-Version:        21.2.0
+Version:        22.0.0
 Release:        0
 Summary:        WSGI HTTP Server for UNIX
 License:        MIT
 Group:          Development/Languages/Python
 URL:            https://gunicorn.org
 Source:         https://files.pythonhosted.org/packages/source/g/gunicorn/gunicorn-%{version}.tar.gz
-BuildRequires:  %{python_module importlib_metadata}
+BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module setuptools >= 3.0}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
 Suggests:       python-evenlet
 Suggests:       python-gevent
 Suggests:       python-gthread
@ -56,6 +57,7 @@ BuildRequires:  python3-Sphinx
 BuildRequires:  %{python_module eventlet}
 BuildRequires:  %{python_module gevent >= 1.4}
 BuildRequires:  %{python_module gunicorn}
+BuildRequires:  %{python_module pytest-cov}
 BuildRequires:  %{python_module pytest}
 %endif
 %python_subpackages
@ -95,11 +97,11 @@ sed -i -e 's/--cov[^ ]*//' -e 's/--cov-report[^ ]*//' setup.cfg
 %else  # without test

 %build
-%python_build
+%pyproject_wheel
 sphinx-build -b html -d docs/build/doctrees docs/source docs/build/html

 %install
-%python_install
+%pyproject_install
 %python_clone -a %{buildroot}%{_bindir}/gunicorn
 %python_expand %fdupes %{buildroot}%{$python_sitelib}