Accepting request 914454 from devel:languages:python:Factory

OBS-URL: https://build.opensuse.org/request/show/914454 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python?expand=0&rev=156
2021-08-28 20:28:52 +00:00 · 2021-08-28 20:28:52 +00:00 · 6c0d6bd722
commit 6c0d6bd722
parent 65ab37fec4 de8c3896ee
9 changed files with 128 additions and 19 deletions
--- a/CVE-2021-3733-fix-ReDoS-in-request.patch
+++ b/CVE-2021-3733-fix-ReDoS-in-request.patch
--- a/CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+++ b/CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
@ -12,7 +12,7 @@
                     break
                 if self.debuglevel > 0:
                     print "header:", skip
-+                # bpo-44022: Fix http client infinite line reading (DoS) after a http 100
+                # CVE-2021-3737: Fix infinitely reading potential HTTP headers on a 100 Continue status response from the server
 +                header_count += 1
 +                if header_count > _MAXHEADERS:
 +                    raise HTTPException("got more than %d headers" % _MAXHEADERS)
--- a/python-base.changes
+++ b/python-base.changes
@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Thu Aug 26 15:35:10 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
+    CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+    (boo#1189241, CVE-2021-3737)
+
+-------------------------------------------------------------------
+Mon Aug 23 11:16:24 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
+    (boo#1189287, CVE-2021-3733)
+- Fix python-doc build (bpo#35293):
+  * sphinx-update-removed-function.patch
+- Update documentation formatting for Sphinx 3.0 (bpo#40204).
+
 -------------------------------------------------------------------
 Tue Aug 10 12:39:28 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>

--- a/python-base.spec
+++ b/python-base.spec
@ -103,10 +103,12 @@ Patch61:        CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
 # PATCH-FIX-UPSTREAM CVE-2021-23336-only-amp-as-query-sep.patch bsc#[0-9]+ mcepl@suse.com
 # this patch makes things totally awesome
 Patch62:        CVE-2021-23336-only-amp-as-query-sep.patch
-# PATCH-FIX-UPSTREAM bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
-Patch63:        bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
-# PATCH-FIX-UPSTREAM bpo43075-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
-Patch64:        bpo43075-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
+Patch63:        CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3733-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
+Patch64:        CVE-2021-3733-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM sphinx-update-removed-function.patch bpo#35293 gh#python/cpython#22198 -- fix doc build
+Patch65:        sphinx-update-removed-function.patch
 # COMMON-PATCH-END
 %define         python_version    %(echo %{tarversion} | head -c 3)
 BuildRequires:  automake
@ -236,6 +238,7 @@ other applications.
 %patch62 -p1
 %patch63 -p1
 %patch64 -p1
+%patch65 -p1

 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
--- a/python-doc.changes
+++ b/python-doc.changes
@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Thu Aug 26 15:35:10 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
+    CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+    (boo#1189241, CVE-2021-3737)
+
+-------------------------------------------------------------------
+Mon Aug 23 11:16:24 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
+    (boo#1189287, CVE-2021-3733)
+- Fix python-doc build (bpo#35293):
+  * sphinx-update-removed-function.patch
+- Update documentation formatting for Sphinx 3.0 (bpo#40204).
+
 -------------------------------------------------------------------
 Tue Aug 10 12:39:28 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>

--- a/python-doc.spec
+++ b/python-doc.spec
@ -105,15 +105,17 @@ Patch61:        CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
 # PATCH-FIX-UPSTREAM CVE-2021-23336-only-amp-as-query-sep.patch bsc#[0-9]+ mcepl@suse.com
 # this patch makes things totally awesome
 Patch62:        CVE-2021-23336-only-amp-as-query-sep.patch
-# PATCH-FIX-UPSTREAM bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
-Patch63:        bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
-# PATCH-FIX-UPSTREAM bpo43075-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
-Patch64:        bpo43075-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
+Patch63:        CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3733-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
+Patch64:        CVE-2021-3733-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM sphinx-update-removed-function.patch bpo#35293 gh#python/cpython#22198 -- fix doc build
+Patch65:        sphinx-update-removed-function.patch
 # COMMON-PATCH-END
-Provides:       pyth_doc
-Provides:       pyth_ps
-Obsoletes:      pyth_doc
-Obsoletes:      pyth_ps
+Provides:       pyth_doc = %{version}
+Provides:       pyth_ps = %{version}
+Obsoletes:      pyth_doc < %{version}
+Obsoletes:      pyth_ps < %{version}
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildArch:      noarch
 Enhances:       python = %{version}
@ -127,8 +129,8 @@ Python, and Macintosh Module Reference in HTML format.
 %package pdf
 Summary:        Python PDF Documentation
 Group:          Development/Languages/Python
-Provides:       pyth_pdf
-Obsoletes:      pyth_pdf
+Provides:       pyth_pdf = %{version}
+Obsoletes:      pyth_pdf < %{version}
 Provides:       python2-doc-pdf = %{version}

 %description pdf
@ -180,9 +182,16 @@ Python, and Macintosh Module Reference in PDF format.
 %patch62 -p1
 %patch63 -p1
 %patch64 -p1
+%patch65 -p1

 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
+
+# Update documentation formatting for Sphinx 3.0 (bpo#40204)
+for i in `find Doc/ -type f -name "*.rst"`
+do
+  sed -i 's/:c:type:/:c:expr:/g' $i
+done
 # COMMON-PREP-END

 %build
--- a/python.changes
+++ b/python.changes
@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Thu Aug 26 15:35:10 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch ->
+    CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+    (boo#1189241, CVE-2021-3737)
+
+-------------------------------------------------------------------
+Mon Aug 23 11:16:24 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
+
+- Renamed patch for assigned CVE:
+  * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch
+    (boo#1189287, CVE-2021-3733)
+- Fix python-doc build (bpo#35293):
+  * sphinx-update-removed-function.patch
+- Update documentation formatting for Sphinx 3.0 (bpo#40204).
+
 -------------------------------------------------------------------
 Tue Aug 10 12:39:28 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>

--- a/python.spec
+++ b/python.spec
@ -105,10 +105,12 @@ Patch61:        CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
 # PATCH-FIX-UPSTREAM CVE-2021-23336-only-amp-as-query-sep.patch bsc#[0-9]+ mcepl@suse.com
 # this patch makes things totally awesome
 Patch62:        CVE-2021-23336-only-amp-as-query-sep.patch
-# PATCH-FIX-UPSTREAM bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
-Patch63:        bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
-# PATCH-FIX-UPSTREAM bpo43075-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
-Patch64:        bpo43075-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch boo#1189241 gh#python/cpython#25916
+Patch63:        CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch
+# PATCH-FIX-UPSTREAM CVE-2021-3733-fix-ReDoS-in-request.patch boo#1189287 gh#python/cpython#24391
+Patch64:        CVE-2021-3733-fix-ReDoS-in-request.patch
+# PATCH-FIX-UPSTREAM sphinx-update-removed-function.patch bpo#35293 gh#python/cpython#22198 -- fix doc build
+Patch65:        sphinx-update-removed-function.patch
 # COMMON-PATCH-END
 BuildRequires:  automake
 BuildRequires:  db-devel
@ -294,6 +296,7 @@ that rely on earlier non-verification behavior.
 %patch62 -p1
 %patch63 -p1
 %patch64 -p1
+%patch65 -p1

 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
--- a/sphinx-update-removed-function.patch
+++ b/sphinx-update-removed-function.patch
@ -0,0 +1,40 @@
+--- a/Doc/tools/extensions/pyspecific.py
+++ b/Doc/tools/extensions/pyspecific.py
+@@ -103,7 +103,11 @@ class ImplementationDetail(Directive):
+ # Support for documenting decorators
+ 
+ from sphinx import addnodes
+-from sphinx.domains.python import PyModulelevel, PyClassmember
+try:
+    from sphinx.domains.python import PyFunction, PyMethod
+except ImportError:
+    from sphinx.domains.python import PyClassmember as PyMethod
+    from sphinx.domains.python import PyModulelevel as PyFunction
+ 
+ class PyDecoratorMixin(object):
+     def handle_signature(self, sig, signode):
+@@ -114,16 +118,16 @@ class PyDecoratorMixin(object):
+     def needs_arglist(self):
+         return False
+ 
+-class PyDecoratorFunction(PyDecoratorMixin, PyModulelevel):
+class PyDecoratorFunction(PyDecoratorMixin, PyFunction):
+     def run(self):
+         # a decorator function is a function after all
+         self.name = 'py:function'
+-        return PyModulelevel.run(self)
+        return PyFunction.run(self)
+ 
+-class PyDecoratorMethod(PyDecoratorMixin, PyClassmember):
+class PyDecoratorMethod(PyDecoratorMixin, PyMethod):
+     def run(self):
+         self.name = 'py:method'
+-        return PyClassmember.run(self)
+        return PyMethod.run(self)
+ 
+ 
+ # Support for building "topic help" for pydoc
+--- /dev/null
+++ b/Misc/NEWS.d/next/Documentation/2020-09-12-17-37-13.bpo-35293._cOwPD.rst
+@@ -0,0 +1 @@
+Fix RemovedInSphinx40Warning when building the documentation. Patch by Dong-hee Na.