Accepting request 911127 from home:fusionfuture:branches:devel:languages:python:Factory

- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch which fixes http client infinite line reading (DoS) after a http 100 (bpo#44022, boo#1189241). OBS-URL: https://build.opensuse.org/request/show/911127 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=296
2021-08-10 04:45:07 +00:00
parent 767f0ce31a
commit 3cfc9f2646
7 changed files with 51 additions and 0 deletions
--- a/python.spec
+++ b/python.spec
@@ -105,6 +105,8 @@ Patch61:        CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
 # PATCH-FIX-UPSTREAM CVE-2021-23336-only-amp-as-query-sep.patch bsc#[0-9]+ mcepl@suse.com
 # this patch makes things totally awesome
 Patch62:        CVE-2021-23336-only-amp-as-query-sep.patch
+# PATCH-FIX-UPSTREAM bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
+Patch63:        bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
 # COMMON-PATCH-END
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -288,6 +290,7 @@ that rely on earlier non-verification behavior.
 %patch60 -p1
 %patch61 -p1
 %patch62 -p1
+%patch63 -p1

 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac