- update to 1.8.11:

* fixed #5772, #5761 unhandled exception
  * fixed #5763 Can not perform sql blind injection again latest dvwa
  * fixed #5798 Some bugs with common tables and columns check
  * fixed #5767 direct connection to oracle database not working
  * update translations

OBS-URL: https://build.opensuse.org/package/show/security/sqlmap?expand=0&rev=33

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

fix_shebang.patch

@@ -0,0 +1,40 @@
+Only in sqlmap-1.5.ori/extra/icmpsh: icmpsh-m.c
+Only in sqlmap-1.5/extra/icmpsh: icmpsh-m.c.txt
+Only in sqlmap-1.5.ori/extra/icmpsh: icmpsh-s.c
+Only in sqlmap-1.5/extra/icmpsh: icmpsh-s.c.txt
+Only in sqlmap-1.5.ori/extra/runcmd/src/runcmd: runcmd.cpp
+Only in sqlmap-1.5/extra/runcmd/src/runcmd: runcmd.cpp.txt
+Only in sqlmap-1.5.ori/extra/runcmd/src/runcmd: stdafx.cpp
+Only in sqlmap-1.5/extra/runcmd/src/runcmd: stdafx.cpp.txt
+Only in sqlmap-1.5.ori/extra/runcmd/src/runcmd: stdafx.h
+Only in sqlmap-1.5/extra/runcmd/src/runcmd: stdafx.h.txt
+Index: sqlmap-1.8.11/extra/shutils/autocompletion.sh
+===================================================================
+--- sqlmap-1.8.11.orig/extra/shutils/autocompletion.sh
++++ sqlmap-1.8.11/extra/shutils/autocompletion.sh
+@@ -1,4 +1,4 @@
+-#/usr/bin/env bash
++#!/usr/bin/bash
+ 
+ # source ./extra/shutils/autocompletion.sh
+ 
+Index: sqlmap-1.8.11/sqlmapapi.py
+===================================================================
+--- sqlmap-1.8.11.orig/sqlmapapi.py
++++ sqlmap-1.8.11/sqlmapapi.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/python3
+ 
+ """
+ Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)
+Index: sqlmap-1.8.11/sqlmap.py
+===================================================================
+--- sqlmap-1.8.11.orig/sqlmap.py
++++ sqlmap-1.8.11/sqlmap.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/python3
+ 
+ """
+ Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)

sqlmap-1.8.11.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e52ee3a3c1892745176f936fc16a7f761d690739afa4b7b01c64e9144849cbd9
+size 7251649

sqlmap-1.8.5.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8135305a3e45ce7b29bae02bf77e318091b398703bf727c91ec4d2b375fe79d7
+size 7245377

sqlmap-1.8.8.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3bab3fbe9903b5c335202a7bcfc52bfd05c66634dd9f19b8d5bfaefcc98c1fdf
+size 7249385

sqlmap.changes

@@ -0,0 +1,174 @@
+-------------------------------------------------------------------
+Wed Nov 27 15:56:23 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.8.11:
+  * fixed #5772, #5761 unhandled exception
+  * fixed #5763 Can not perform sql blind injection again latest dvwa
+  * fixed #5798 Some bugs with common tables and columns check
+  * fixed #5767 direct connection to oracle database not working
+  * update translations
+
+-------------------------------------------------------------------
+Mon Sep  2 15:16:10 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.8.8:
+  * fixed #5727 SQLAlchemy connection issue
+  * fixed #5725 Arbitrary Injection Point Not Working
+  * implements #5728 More error-based payloads
+  * fixed #5738 probing web services on non-standard ports
+  * fixed #5731 python 3.13 compatibility
+  * fixed #4613 Single column enumeration (-C) broken for Firebird backend
+  * fixed #5755, #5759 Unhandled exception
+
+-------------------------------------------------------------------
+Sat May 25 15:10:26 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.8.5:
+  * Patch related to the #5700 (Send raw binary data to postprocess function)
+
+- update to 1.8.4:
+  * Removing some obsolete code
+
+-------------------------------------------------------------------
+Sat Mar 16 19:41:22 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.8.3:
+  * Adding switch '--unsafe-naming'
+  * Fixes #5619
+  * Fixes #5590
+  * Add Patch related to empty multiform-data field value
+  * Fix Python 3.12 warnings
+
+-------------------------------------------------------------------
+Fri Jan  5 14:32:01 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.8:
+  * H2 queries to get data use wrong order for LIMIT and OFFSET (#5580)
+  * Cleaning some mess with limitQuery
+  * fix issue #5571, #5229, #5581, #5585
+  * update documentation and copyright year
+
+-------------------------------------------------------------------
+Fri Dec  1 15:04:41 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.7.12:
+  * Fixes #5567, #5566, #5574, #5576
+
+-------------------------------------------------------------------
+Sat Nov 25 16:49:38 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.7.11:
+  * Fixes: #5539, #5549, #5560, #5565
+
+-------------------------------------------------------------------
+Tue Oct 10 08:41:21 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
+
+- update to 1.7.10:
+  * Fixes: #5536, #5502, #5521
+
+-------------------------------------------------------------------
+Thu Sep 14 12:48:25 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.7.9:
+  * Removing support for lol FORKZ
+  * Fixes #5476
+  * Fixes #5481
+  * Fixes #5479
+  * Fixes #5477
+  * Potential fix for #5485
+  * Patch for #5485
+  * Fixes #5493
+  * Fixes #5492
+  * Fixes #5483
+  * Add SQLite AND boolean-based blind payload (#5501)
+  * Fixes #5510
+  * Implements option --union-values (#5508)
+
+-------------------------------------------------------------------
+Wed Jul 19 19:24:30 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.7.7:
+  * Fixes #5428
+  * Fixes #5431
+  * Fixes #5434
+  * Fixes #5444
+  * Fixes #5445
+  * Implements #5452
+
+-------------------------------------------------------------------
+Fri Jun 16 10:01:55 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.7.6:
+  * Bugfixes: #5428, #5409, #5381, #5358
+
+-------------------------------------------------------------------
+Mon Feb 13 09:28:29 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
+
+- update to 1.7.2:
+  * Implements tamper script if2case
+  * Bugfixes
+
+-------------------------------------------------------------------
+Tue Dec  6 12:05:32 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.6.12:
+  * Better handling of CookieJar Runtime Exception
+  * Fixes #5216
+  * Fixes #5220
+  * Fixes #5233
+  * Fixes #5232
+  * Fixes #5240
+  * Fixes #5242
+  * Fixes #5252
+
+-------------------------------------------------------------------
+Sun Dec  4 13:58:09 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.6.11:
+  * Fixes #5190
+  * Fixes #5191
+  * Fixes #5192
+  * Implement --csrf-data
+  * Fix --cookie-del
+  * Fixes #5216
+
+-------------------------------------------------------------------
+Mon Oct 10 08:15:44 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.6.10:
+  * Fixes #5187
+  * Fixes #5182
+  * Fixes #5170
+  * Fixes #5165
+  * Fixes #5162
+  * Fixes #5154
+  * Fixes #5152
+  * Fixes #5147
+
+-------------------------------------------------------------------
+Wed Aug  3 22:05:25 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.6.7:
+  * https://github.com/sqlmapproject/sqlmap/compare/1.5.7...1.6.7
+
+-------------------------------------------------------------------
+Tue Aug 31 05:16:54 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update fix_shebang.patch to switch Python scripts to calling
+  /usr/bin/python3.
+- Add Requires on python3 for full interpreter.
+
+-------------------------------------------------------------------
+Thu Jul 15 07:21:22 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
+
+- Update to 1.5.7:
+  * Fixed #4728 (https://github.com/sqlmapproject/sqlmap/issues/4728)
+  * Fixed #4664 (https://github.com/sqlmapproject/sqlmap/issues/4664)
+  * Fixed #4625 (https://github.com/sqlmapproject/sqlmap/issues/4625)
+  * Speedup of caching for char encoding (non-Unicode chars in page)
+  * Fixing HTTP chunking for Python2.6
+
+-------------------------------------------------------------------
+Thu Jul  1 15:38:57 UTC 2021 - Paolo Perego <paolo.perego@suse.com>
+
+- First import from upstream

sqlmap.spec

@@ -0,0 +1,82 @@
+#
+# spec file for package sqlmap
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           sqlmap
+Version:        1.8.11
+Release:        0
+Summary:        Automatic SQL injection and database takeover tool
+License:        GPL-2.0-or-later
+URL:            https://sqlmap.org/
+Source:         https://github.com/sqlmapproject/sqlmap/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Patch0:         fix_shebang.patch
+BuildRequires:  %{python_module setuptools}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+Requires:       python3
+BuildArch:      noarch
+
+%description
+
+sqlmap is an open source penetration testing tool that automates the process of
+detecting and exploiting SQL injection flaws and taking over of database
+servers. It comes with a powerful detection engine, many niche features for the
+ultimate penetration tester, and a broad range of switches including database
+fingerprinting, over data fetching from the database, accessing the underlying
+file system, and executing commands on the operating system via out-of-band
+connections.
+
+%prep
+%autosetup -p1 -n sqlmap-%{version}
+find extra lib plugins tamper thirdparty -iname "*.py" -exec sed -i '1{/^#!/ d}' {} \;
+find extra lib plugins tamper thirdparty -iname "*.pl" -exec sed -i '1{/^#!/ d}' {} \;
+mv extra/icmpsh/icmpsh-m.c extra/icmpsh/icmpsh-m.c.txt
+mv extra/icmpsh/icmpsh-s.c extra/icmpsh/icmpsh-s.c.txt
+mv extra/runcmd/src/runcmd/runcmd.cpp extra/runcmd/src/runcmd/runcmd.cpp.txt
+mv extra/runcmd/src/runcmd/stdafx.cpp extra/runcmd/src/runcmd/stdafx.cpp.txt
+mv extra/runcmd/src/runcmd/stdafx.h extra/runcmd/src/runcmd/stdafx.h.txt
+chmod ugo-x extra/shutils/duplicates.py
+chmod ugo-x thirdparty/identywaf/identYwaf.py
+chmod ugo-x plugins/dbms/clickhouse/*.py
+
+%build
+
+%install
+mkdir -p %{buildroot}%{_datadir}/sqlmap
+cp -a * %{buildroot}%{_datadir}/sqlmap
+
+%python_expand %fdupes %{buildroot}%{_datadir}/sqlmap
+
+%post
+ln -s -f  %{_datadir}/sqlmap/sqlmap.py %{_bindir}
+ln -s -f  %{_datadir}/sqlmap/sqlmapapi.py %{_bindir}
+
+%postun
+case "$1" in
+  0) # last one out put out the lights
+    rm -f %{_bindir}/sqlmap.py
+    rm -f %{_bindir}/sqlmapapi.py
+  ;;
+esac
+
+%files
+%{_datadir}/sqlmap
+
+%license %{_datadir}/sqlmap/LICENSE
+%doc %{_datadir}/sqlmap/README.md
+
+%changelog