Matej Cepl 2022-02-09 16:55:07 +00:00 committed by Git OBS Bridge
parent e29abdcb89
commit 510e372768
4 changed files with 24 additions and 0 deletions


@ -1,3 +1,10 @@
-------------------------------------------------------------------
Wed Feb 9 16:49:52 UTC 2022 - Matej Cepl <mcepl@suse.com>
- Add CVE-2022-0391-urllib_parse-newline-parsing.patch
(bsc#1195396, CVE-2022-0391, bpo#43882) sanitizing URLs
containing ASCII newline and tabs in urlparse.
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Feb 6 07:43:11 UTC 2022 - Matej Cepl <mcepl@suse.com> Sun Feb 6 07:43:11 UTC 2022 - Matej Cepl <mcepl@suse.com>


@ -124,6 +124,10 @@ Patch67: CVE-2020-26116-httplib-header-injection.patch
# PATCH-FIX-UPSTREAM CVE-2021-4189-ftplib-trust-PASV-resp.patch bsc#1194146 mcepl@suse.com # PATCH-FIX-UPSTREAM CVE-2021-4189-ftplib-trust-PASV-resp.patch bsc#1194146 mcepl@suse.com
# Make ftplib not trust the PASV response. (gh#python/cpython#24838) # Make ftplib not trust the PASV response. (gh#python/cpython#24838)
Patch68: CVE-2021-4189-ftplib-trust-PASV-resp.patch Patch68: CVE-2021-4189-ftplib-trust-PASV-resp.patch
# PATCH-FIX-UPSTREAM CVE-2022-0391-urllib_parse-newline-parsing.patch bsc#1195396 mcepl@suse.com
# whole long discussion is on bpo#43882
# fix for santization URLs containing ASCII newline and tabs in urllib.parse
Patch69: CVE-2022-0391-urllib_parse-newline-parsing.patch
# COMMON-PATCH-END # COMMON-PATCH-END
Provides: pyth_doc = %{version} Provides: pyth_doc = %{version}
Provides: pyth_ps = %{version} Provides: pyth_ps = %{version}
@ -199,6 +203,7 @@ Python, and Macintosh Module Reference in PDF format.
%patch66 -p1 %patch66 -p1
%patch67 -p1 %patch67 -p1
%patch68 -p1 %patch68 -p1
%patch69 -p1
# For patch 66 # For patch 66
cp -v %{SOURCE66} Lib/test/recursion.tar cp -v %{SOURCE66} Lib/test/recursion.tar
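Review bot: The comment added above `Patch69` is hard to read and seems to name the wrong module: it says `fix for santization URLs containing ASCII newline and tabs in urllib.parse`, while the changelog entry in this same commit says `urlparse`, which is the module name on the Python 2 line this spec appears to build. A clearer wording would be `# Strip ASCII newline and tab characters from URLs in urlparse (bpo#43882, CVE-2022-0391)`. If the backport follows upstream bpo#43882, the characters are removed during parsing rather than the URL being rejected, so it is worth saying so for maintainers whose code validates the raw string before parsing it. The same comment appears in the second spec section, the one with `BuildRequires: automake`.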


@ -1,3 +1,10 @@
-------------------------------------------------------------------
Wed Feb 9 16:49:52 UTC 2022 - Matej Cepl <mcepl@suse.com>
- Add CVE-2022-0391-urllib_parse-newline-parsing.patch
(bsc#1195396, CVE-2022-0391, bpo#43882) sanitizing URLs
containing ASCII newline and tabs in urlparse.
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Feb 6 07:43:11 UTC 2022 - Matej Cepl <mcepl@suse.com> Sun Feb 6 07:43:11 UTC 2022 - Matej Cepl <mcepl@suse.com>


@ -124,6 +124,10 @@ Patch67: CVE-2020-26116-httplib-header-injection.patch
# PATCH-FIX-UPSTREAM CVE-2021-4189-ftplib-trust-PASV-resp.patch bsc#1194146 mcepl@suse.com # PATCH-FIX-UPSTREAM CVE-2021-4189-ftplib-trust-PASV-resp.patch bsc#1194146 mcepl@suse.com
# Make ftplib not trust the PASV response. (gh#python/cpython#24838) # Make ftplib not trust the PASV response. (gh#python/cpython#24838)
Patch68: CVE-2021-4189-ftplib-trust-PASV-resp.patch Patch68: CVE-2021-4189-ftplib-trust-PASV-resp.patch
# PATCH-FIX-UPSTREAM CVE-2022-0391-urllib_parse-newline-parsing.patch bsc#1195396 mcepl@suse.com
# whole long discussion is on bpo#43882
# fix for santization URLs containing ASCII newline and tabs in urllib.parse
Patch69: CVE-2022-0391-urllib_parse-newline-parsing.patch
# COMMON-PATCH-END # COMMON-PATCH-END
BuildRequires: automake BuildRequires: automake
BuildRequires: db-devel BuildRequires: db-devel
@ -313,6 +317,7 @@ that rely on earlier non-verification behavior.
%patch66 -p1 %patch66 -p1
%patch67 -p1 %patch67 -p1
%patch68 -p1 %patch68 -p1
%patch69 -p1
# For patch 66 # For patch 66
cp -v %{SOURCE66} Lib/test/recursion.tar cp -v %{SOURCE66} Lib/test/recursion.tar
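Review bot: `Patch69` and `%patch69 -p1` reference CVE-2022-0391-urllib_parse-newline-parsing.patch, but the commit summary lists four changed files and all four shown are changelog and spec sections, so the patch file itself does not appear to be part of this commit. If it is not already in the package sources, `%prep` would fail at `%patch69 -p1` here and in the other spec section. If it was added separately, confirm that it carries the upstream regression tests for tab and newline characters, so that any test run in the build exercises the fix. The `%prep` block continues outside the hunk.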