diff --git a/32bit-handle-overflow.patch b/32bit-handle-overflow.patch new file mode 100644 index 0000000..315252c --- /dev/null +++ b/32bit-handle-overflow.patch @@ -0,0 +1,11 @@ +--- itsdangerous-2.1.1/src/itsdangerous/timed.py ++++ itsdangerous-2.1.1/src/itsdangerous/timed.py +@@ -126,7 +126,7 @@ + if ts_int is not None: + try: + ts_dt = self.timestamp_to_datetime(ts_int) +- except (ValueError, OSError) as exc: ++ except (OverflowError, ValueError, OSError) as exc: + # Windows raises OSError + raise BadTimeSignature( + "Malformed timestamp", payload=value diff --git a/itsdangerous-2.0.1.tar.gz b/itsdangerous-2.0.1.tar.gz deleted file mode 100644 index 7e09868..0000000 --- a/itsdangerous-2.0.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9e724d68fc22902a1435351f84c3fb8623f303fffcc566a4cb952df8c572cff0 -size 59336 diff --git a/itsdangerous-2.1.1.tar.gz b/itsdangerous-2.1.1.tar.gz new file mode 100644 index 0000000..bae6a5a --- /dev/null +++ b/itsdangerous-2.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b7d3023cd35d9cb0c1fd91392f8c95c6fa02c59bf8ad64b8849be3401b95afb +size 56217 diff --git a/python-itsdangerous.changes b/python-itsdangerous.changes index a0dddc3..531d3b3 100644 --- a/python-itsdangerous.changes +++ b/python-itsdangerous.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Thu Mar 24 11:57:23 UTC 2022 - Dirk Müller + +- add 32bit-handle-overflow.patch + +------------------------------------------------------------------- +Mon Mar 21 08:11:18 UTC 2022 - Dirk Müller + +- update to 2.1.1: + * Handle date overflow in timed unsign. :pr:`296` + * Drop support for Python 3.6. :pr:`272` + * Remove previously deprecated code. :pr:`273` + * JWS functionality: Use a dedicated library such as Authlib + instead. + * ``import itsdangerous.json``: Import ``json`` from the standard + library instead. + ------------------------------------------------------------------- Sat Jun 19 07:34:21 UTC 2021 - Michael Ströder diff --git a/python-itsdangerous.spec b/python-itsdangerous.spec index 12c4f06..e8c5791 100644 --- a/python-itsdangerous.spec +++ b/python-itsdangerous.spec @@ -1,7 +1,7 @@ # # spec file for package python-itsdangerous # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,17 +16,19 @@ # -%define oldpython python +%{?!python_module:%define python_module() python3-%{**}} %define skip_python2 1 -%{?!python_module:%define python_module() python-%{**} python3-%{**}} +%global skip_python36 1 Name: python-itsdangerous -Version: 2.0.1 +Version: 2.1.1 Release: 0 Summary: Various helpers to pass trusted data to untrusted environments and back License: BSD-3-Clause Group: Development/Languages/Python URL: https://itsdangerous.palletsprojects.com Source: https://files.pythonhosted.org/packages/source/i/itsdangerous/itsdangerous-%{version}.tar.gz +# https://github.com/pallets/itsdangerous/pull/299 +Patch1: 32bit-handle-overflow.patch BuildRequires: %{python_module freezegun} BuildRequires: %{python_module pytest} BuildRequires: %{python_module setuptools} @@ -50,6 +52,7 @@ Also I plan to add some extra things. Work in progress. %prep %setup -q -n itsdangerous-%{version} +%patch1 -p1 %build %python_build