Fix patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python38?expand=0&rev=133

CVE-2023-27043-email-parsing-errors.patch

@@ -1,12 +1,14 @@
 ---
  Doc/library/email.utils.rst                                              |   26 +++
- Lib/email/utils.py                                                       |   63 +++++++
+ Lib/email/utils.py                                                       |   62 ++++++-
  Lib/test/test_email/test_email.py                                        |   81 +++++++++-
  Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst |    4 
- 4 files changed, 164 insertions(+), 10 deletions(-)
+ 4 files changed, 163 insertions(+), 10 deletions(-)
 
---- a/Doc/library/email.utils.rst
-+++ b/Doc/library/email.utils.rst
+Index: Python-3.8.17/Doc/library/email.utils.rst
+===================================================================
+--- Python-3.8.17.orig/Doc/library/email.utils.rst
++++ Python-3.8.17/Doc/library/email.utils.rst
 @@ -67,6 +67,11 @@ of the new API.
     *email address* parts.  Returns a tuple of that information, unless the parse
     fails, in which case a 2-tuple of ``('', '')`` is returned.
@@ -54,12 +56,14 @@
  
  .. function:: parsedate(date)
  
---- a/Lib/email/utils.py
-+++ b/Lib/email/utils.py
-@@ -106,12 +106,54 @@ def formataddr(pair, charset='utf-8'):
+Index: Python-3.8.17/Lib/email/utils.py
+===================================================================
+--- Python-3.8.17.orig/Lib/email/utils.py
++++ Python-3.8.17/Lib/email/utils.py
+@@ -105,13 +105,54 @@ def formataddr(pair, charset='utf-8'):
+             return '%s%s%s <%s>' % (quotes, name, quotes, address)
      return address
  
- 
 +def _pre_parse_validation(email_header_fields):
 +    accepted_values = []
 +    for v in email_header_fields:
@@ -81,11 +85,11 @@
 +        accepted_values.append(v)
 +
 +    return accepted_values
-+
+ 
  
  def getaddresses(fieldvalues):
 -    """Return a list of (REALNAME, EMAIL) for each fieldvalue."""
--    all = COMMASPACE.join(str(v) for v in fieldvalues)
+-    all = COMMASPACE.join(fieldvalues)
 +    """Return a list of (REALNAME, EMAIL) or ('','') for each fieldvalue.
 +
 +    When parsing fails for a fieldvalue, a 2-tuple of ('', '') is returned in
@@ -114,7 +118,7 @@
  
  
  def _format_timetuple_and_zone(timetuple, zone):
-@@ -209,9 +251,18 @@ def parseaddr(addr):
+@@ -209,9 +250,18 @@ def parseaddr(addr):
      Return a tuple of realname and email address, unless the parse fails, in
      which case return a 2-tuple of ('', '').
      """
@@ -136,9 +140,11 @@
      return addrs[0]
  
  
---- a/Lib/test/test_email/test_email.py
-+++ b/Lib/test/test_email/test_email.py
-@@ -3263,15 +3263,90 @@ Foo
+Index: Python-3.8.17/Lib/test/test_email/test_email.py
+===================================================================
+--- Python-3.8.17.orig/Lib/test/test_email/test_email.py
++++ Python-3.8.17/Lib/test/test_email/test_email.py
+@@ -3248,15 +3248,90 @@ Foo
             [('Al Person', 'aperson@dom.ain'),
              ('Bud Person', 'bperson@dom.ain')])
  
@@ -232,8 +238,10 @@
  
      def test_getaddresses_embedded_comment(self):
          """Test proper handling of a nested comment"""
+Index: Python-3.8.17/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst
+===================================================================
 --- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst
++++ Python-3.8.17/Misc/NEWS.d/next/Security/2023-06-13-20-52-24.gh-issue-102988.Kei7Vf.rst
 @@ -0,0 +1,4 @@
 +CVE-2023-27043: Prevent :func:`email.utils.parseaddr`
 +and :func:`email.utils.getaddresses` from returning the realname portion of an