From 20e09191ee022be7e1f54630f89a8ceed482310784072b5a0772bda58e0943f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julio=20Gonz=C3=A1lez=20Gil?= <jgonzalez@suse.com>
Date: Mon, 25 Sep 2023 15:35:04 +0000
Subject: [PATCH] Accepting request 1113507 from
 home:juliogonzalezgil:branches:devel:languages:python

- Fix API Key leak
- Add:
  * 188-fix-api-key-leak.diff

OBS-URL: https://build.opensuse.org/request/show/1113507
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bugzilla?expand=0&rev=58
---
 188-fix-api-key-leak.diff | 23 +++++++++++++++++++++++
 python-bugzilla.changes   |  7 +++++++
 python-bugzilla.spec      |  5 ++++-
 3 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 188-fix-api-key-leak.diff

diff --git a/188-fix-api-key-leak.diff b/188-fix-api-key-leak.diff
new file mode 100644
index 0000000..446b0b4
--- /dev/null
+++ b/188-fix-api-key-leak.diff
@@ -0,0 +1,23 @@
+--- a/bugzilla/_session.py  2021-10-05 22:49:16.000000000 +0200
++++ b/bugzilla/_session.py  2023-09-25 17:22:39.763856790 +0200
+@@ -97,14 +97,14 @@
+         if "timeout" not in kwargs:
+             kwargs["timeout"] = timeout
+ 
+-        response = self._session.request(*args, **kwargs)
++        try:
++            response = self._session.request(*args, **kwargs)
+ 
+-        if self._is_xmlrpc:
+-            # Yes this still appears to matter for properly decoding unicode
+-            # code points in bugzilla.redhat.com content
+-            response.encoding = "UTF-8"
++            if self._is_xmlrpc:
++                # Yes this still appears to matter for properly decoding unicode
++                # code points in bugzilla.redhat.com content
++                response.encoding = "UTF-8"
+ 
+-        try:
+             response.raise_for_status()
+         except Exception as e:
+             # Scrape the api key out of the returned exception string
diff --git a/python-bugzilla.changes b/python-bugzilla.changes
index 160c74f..437eb5f 100644
--- a/python-bugzilla.changes
+++ b/python-bugzilla.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Sep 25 14:57:10 UTC 2023 - Julio González Gil <jgonzalez@suse.com>
+
+- Fix API Key leak
+- Add:
+  * 188-fix-api-key-leak.diff
+
 -------------------------------------------------------------------
 Wed Dec 21 08:41:46 UTC 2022 - Julio González Gil <jgonzalez@suse.com>
 
diff --git a/python-bugzilla.spec b/python-bugzilla.spec
index bd5e323..6d7cc50 100644
--- a/python-bugzilla.spec
+++ b/python-bugzilla.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-bugzilla
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,9 @@ Source:         https://files.pythonhosted.org/packages/source/p/python-bugzilla
 # PATCH-FIX-UPSTREAM 106-basic-auth.diff bsc#1098219 mcepl@suse.com
 # Fix basic authentication on bugzilla.suse.com
 Patch0:         106-basic-auth.diff
+# PATCH-FIX-UPSTREAM pending https://github.com/python-bugzilla/python-bugzilla/pull/188
+# Fix API Key leak
+Patch1:         188-fix-api-key-leak.diff
 BuildRequires:  %{python_module pytest}
 BuildRequires:  %{python_module requests}
 BuildRequires:  %{python_module setuptools}