- Modify CVE-2023-27043-email-parsing-errors.patch to fix the

unicode string handling in email.utils.parseaddr() (bsc#1222537). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=407
2024-04-16 20:26:40 +00:00
parent c8f2c7a003
commit 7ccba948f3
8 changed files with 302 additions and 342 deletions
--- a/python.spec
+++ b/python.spec
@@ -150,7 +150,8 @@ Patch75:        CVE-2023-24329-blank-URL-bypass.patch
 Patch76:        PygmentsBridge-trime_doctest_flags.patch
 # PATCH-FIX-UPSTREAM CVE-2023-27043-email-parsing-errors.patch bsc#1210638 mcepl@suse.com
 # Detect email address parsing errors and return empty tuple to
-# indicate the parsing error (old API)
+# indicate the parsing error (old API), modified for fixing bsc#1222537,
+# so that email.utils.parseaddr accepts unicode string
 Patch77:        CVE-2023-27043-email-parsing-errors.patch
 # PATCH-FIX-UPSTREAM CVE-2022-48565-plistlib-XML-vulns.patch bsc#1214685 mcepl@suse.com
 # Reject entity declarations in plists
@@ -163,9 +164,6 @@ Patch80:        CVE-2022-48566-compare_digest-more-constant.patch
 # PATCH-FIX-UPSTREAM CVE-2022-48560-after-free-heappushpop.patch bsc#1214675 mcepl@suse.com
 # fix use after free in heapq.heappushpop()
 Patch81:        CVE-2022-48560-after-free-heappushpop.patch
-# PATCH-FIX-UPSTREAM bsc1222537-py2-email-addr-parse.patch bsc#1222537 mcepl@suse.com
-# email.utils.parseaddr should accept unicode string
-Patch82:        bsc1222537-py2-email-addr-parse.patch
 # COMMON-PATCH-END
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -378,7 +376,6 @@ that rely on earlier non-verification behavior.
 %patch -P 79 -p1
 %patch -P 80 -p1
 %patch -P 81 -p1
-%patch -P 82 -p1

 # For patch 66
 cp -v %{SOURCE66} Lib/test/recursion.tar