SOURCES/0001-add-linetable-to-the-preserved-CodeType-attributes-1.patch

@@ -1,27 +0,0 @@
-From 9a99db929323f60553b391c80d0395821121d593 Mon Sep 17 00:00:00 2001
-From: Thomas Moschny <thomas.moschny@gmx.de>
-Date: Tue, 19 Jan 2021 21:01:18 +0100
-Subject: [PATCH] add 'linetable' to the preserved CodeType attributes (#1334)
-
-add 'linetable' to the preserved CodeType attributes
-
-co_linetable replaces co_lnotab as part of PEP 626 in Python 3.10.
----
- src/jinja2/debug.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/jinja2/debug.py b/src/jinja2/debug.py
-index 5d8aec3..e256617 100644
---- a/src/jinja2/debug.py
-+++ b/src/jinja2/debug.py
-@@ -137,6 +137,7 @@ def fake_traceback(exc_value, tb, filename, lineno):
-             "lnotab",
-             "freevars",
-             "cellvars",
-+            "linetable",  # Python 3.10
-         ):
-             if isinstance(attr, tuple):
-                 # Replace with given value.
--- 
-2.29.2
-

SOURCES/0002-native_concat-pass-only-strings-to-literal_eval.patch

@@ -1,49 +0,0 @@
-From 58250a709532ccb3e6d92ca65b3d305d1464cb68 Mon Sep 17 00:00:00 2001
-From: Martin Krizek <martin.krizek@gmail.com>
-Date: Thu, 28 Jan 2021 10:08:50 +0100
-Subject: [PATCH] native_concat: pass only strings to literal_eval
-
-If there is only single node and it is not a string, there is no point
-in passing it into ``literal_eval``, just return it immediately.
-
-One of the examples where passing a non-string node into
-``literal_eval`` would actually cause problems is when the node is
-``Undefined``. On Python 3.10 this would cause ``UndefinedError``
-instead of just ``Undefined`` being returned.
-
-Fixes #1335
----
- CHANGES.rst               | 3 +++
- src/jinja2/nativetypes.py | 2 ++
- 2 files changed, 5 insertions(+)
-
-diff --git a/CHANGES.rst b/CHANGES.rst
-index 511b22b..a8a66ea 100644
---- a/CHANGES.rst
-+++ b/CHANGES.rst
-@@ -8,6 +8,9 @@ Released 2021-01-31
- -   Improve the speed of the ``urlize`` filter by reducing regex
-     backtracking. Email matching requires a word character at the start
-     of the domain part, and only word characters in the TLD. :pr:`1343`
-+-   Fix UndefinedError incorrectly being thrown on an undefined variable
-+    instead of ``Undefined`` being returned on
-+    ``NativeEnvironment`` on Python 3.10. :issue:`1335`
- 
- 
- Version 2.11.2
-diff --git a/src/jinja2/nativetypes.py b/src/jinja2/nativetypes.py
-index a9ead4e..2fee17f 100644
---- a/src/jinja2/nativetypes.py
-+++ b/src/jinja2/nativetypes.py
-@@ -26,6 +26,8 @@ def native_concat(nodes):
- 
-     if len(head) == 1:
-         raw = head[0]
-+        if not isinstance(raw, str):
-+            return raw
-     else:
-         raw = u"".join([text_type(v) for v in chain(head, nodes)])
- 
--- 
-2.29.2
-

SOURCES/0003-CVE-2024-22195.patch

@@ -1,77 +0,0 @@
-From d9835bd39a630ea74f719e1c76765ca2ec89f2f2 Mon Sep 17 00:00:00 2001
-From: Calum Hutton <calum.hutton@snyk.io>
-Date: Thu, 26 Oct 2023 12:08:53 +0100
-Subject: [PATCH] xmlattr filter disallows keys with spaces
-
----
- src/jinja2/filters.py | 26 +++++++++++++++++++-------
- tests/test_filters.py |  6 ++++++
- 2 files changed, 25 insertions(+), 7 deletions(-)
-
-diff --git a/src/jinja2/filters.py b/src/jinja2/filters.py
-index 74b108d..49f7d39 100644
---- a/src/jinja2/filters.py
-+++ b/src/jinja2/filters.py
-@@ -205,11 +205,15 @@ def do_lower(s):
-     return soft_unicode(s).lower()
- 
- 
-+_space_re = re.compile(r"\s", flags=re.ASCII)
-+
-+
- @evalcontextfilter
- def do_xmlattr(_eval_ctx, d, autospace=True):
-     """Create an SGML/XML attribute string based on the items in a dict.
--    All values that are neither `none` nor `undefined` are automatically
--    escaped:
-+
-+    If any key contains a space, this fails with a ``ValueError``. Values that
-+    are neither ``none`` nor ``undefined`` are automatically escaped.
- 
-     .. sourcecode:: html+jinja
- 
-@@ -229,11 +233,19 @@ def do_xmlattr(_eval_ctx, d, autospace=True):
-     As you can see it automatically prepends a space in front of the item
-     if the filter returned something unless the second parameter is false.
-     """
--    rv = u" ".join(
--        u'%s="%s"' % (escape(key), escape(value))
--        for key, value in iteritems(d)
--        if value is not None and not isinstance(value, Undefined)
--    )
-+    items = []
-+
-+    for key, value in d.items():
-+        if value is None or isinstance(value, Undefined):
-+            continue
-+
-+        if _space_re.search(key) is not None:
-+            raise ValueError(f"Spaces are not allowed in attributes: '{key}'")
-+
-+        items.append(f'{escape(key)}="{escape(value)}"')
-+
-+    rv = " ".join(items)
-+
-     if autospace and rv:
-         rv = u" " + rv
-     if _eval_ctx.autoescape:
-diff --git a/tests/test_filters.py b/tests/test_filters.py
-index 388c346..6e697f3 100644
---- a/tests/test_filters.py
-+++ b/tests/test_filters.py
-@@ -440,6 +440,12 @@ class TestFilter(object):
-         assert 'bar="23"' in out
-         assert 'blub:blub="&lt;?&gt;"' in out
- 
-+    def test_xmlattr_key_with_spaces(self, env):
-+        with pytest.raises(ValueError, match="Spaces are not allowed"):
-+            env.from_string(
-+                "{{ {'src=1 onerror=alert(1)': 'my_class'}|xmlattr }}"
-+            ).render()
-+
-     def test_sort1(self, env):
-         tmpl = env.from_string("{{ [2, 3, 1]|sort }}|{{ [2, 3, 1]|sort(true) }}")
-         assert tmpl.render() == "[1, 2, 3]|[3, 2, 1]"
--- 
-2.43.0
-

SOURCES/0004-CVE-2024-34064.patch

@@ -1,77 +0,0 @@
-From 7597efd51e740313e7e1ad08c3600dc49ce3981d Mon Sep 17 00:00:00 2001
-From: David Lord <davidism@gmail.com>
-Date: Tue, 7 May 2024 14:56:46 +0200
-Subject: [PATCH] disallow invalid characters in keys to xmlattr filter
-
----
- src/jinja2/filters.py | 18 +++++++++++++-----
- tests/test_filters.py | 11 ++++++-----
- 2 files changed, 19 insertions(+), 10 deletions(-)
-
-diff --git a/src/jinja2/filters.py b/src/jinja2/filters.py
-index 49f7d39..6d4f348 100644
---- a/src/jinja2/filters.py
-+++ b/src/jinja2/filters.py
-@@ -205,15 +205,23 @@ def do_lower(s):
-     return soft_unicode(s).lower()
- 
- 
--_space_re = re.compile(r"\s", flags=re.ASCII)
-+# Check for characters that would move the parser state from key to value.
-+# https://html.spec.whatwg.org/#attribute-name-state
-+_attr_key_re = re.compile(r"[\s/>=]", flags=re.ASCII)
- 
- 
- @evalcontextfilter
- def do_xmlattr(_eval_ctx, d, autospace=True):
-     """Create an SGML/XML attribute string based on the items in a dict.
- 
--    If any key contains a space, this fails with a ``ValueError``. Values that
--    are neither ``none`` nor ``undefined`` are automatically escaped.
-+    **Values** that are neither ``none`` nor ``undefined`` are automatically
-+    escaped, safely allowing untrusted user input.
-+
-+    User input should not be used as **keys** to this filter. If any key
-+    contains a space, ``/`` solidus, ``>`` greater-than sign, or ``=`` equals
-+    sign, this fails with a ``ValueError``. Regardless of this, user input
-+    should never be used as keys to this filter, or must be separately validated
-+    first.
- 
-     .. sourcecode:: html+jinja
- 
-@@ -239,8 +247,8 @@ def do_xmlattr(_eval_ctx, d, autospace=True):
-         if value is None or isinstance(value, Undefined):
-             continue
- 
--        if _space_re.search(key) is not None:
--            raise ValueError(f"Spaces are not allowed in attributes: '{key}'")
-+        if _attr_key_re.search(key) is not None:
-+            raise ValueError(f"Invalid character in attribute name: {key!r}")
- 
-         items.append(f'{escape(key)}="{escape(value)}"')
- 
-diff --git a/tests/test_filters.py b/tests/test_filters.py
-index 6e697f3..f0dc1b1 100644
---- a/tests/test_filters.py
-+++ b/tests/test_filters.py
-@@ -440,11 +440,12 @@ class TestFilter(object):
-         assert 'bar="23"' in out
-         assert 'blub:blub="&lt;?&gt;"' in out
- 
--    def test_xmlattr_key_with_spaces(self, env):
--        with pytest.raises(ValueError, match="Spaces are not allowed"):
--            env.from_string(
--                "{{ {'src=1 onerror=alert(1)': 'my_class'}|xmlattr }}"
--            ).render()
-+    @pytest.mark.parametrize("sep", ("\t", "\n", "\f", " ", "/", ">", "="))
-+    def test_xmlattr_key_invalid(self, env: Environment, sep: str) -> None:
-+        with pytest.raises(ValueError, match="Invalid character"):
-+            env.from_string("{{ {key: 'my_class'}|xmlattr }}").render(
-+                key=f"class{sep}onclick=alert(1)"
-+            )
- 
-     def test_sort1(self, env):
-         tmpl = env.from_string("{{ [2, 3, 1]|sort }}|{{ [2, 3, 1]|sort(true) }}")
--- 
-2.45.0
-

SPECS/python-jinja2.spec

@@ -2,22 +2,12 @@
 
 Name:           python-jinja2
 Version:        2.11.3
-Release:        6%{?dist}
+Release:        1%{?dist}
 Summary:        General purpose template engine
 License:        BSD
 URL:            https://palletsprojects.com/p/jinja/
 Source0:        %{pypi_source}
-# cherry-picked patches to build with Python 3.10 (#1907442)
-Patch1:         0001-add-linetable-to-the-preserved-CodeType-attributes-1.patch
-Patch2:         0002-native_concat-pass-only-strings-to-literal_eval.patch
 
-# Security fix for CVE-2024-22195
-# Resolved upstream: https://github.com/pallets/jinja/commit/7dd3680e6eea0d77fde024763657aa4d884ddb23
-Patch3:         0003-CVE-2024-22195.patch
-
-# Security fix for CVE-2024-34064
-# Resolved upstream: https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb
-Patch4:         0004-CVE-2024-34064.patch
 
 %if 0%{?fedora} || 0%{?rhel} > 7
 # Enable python3 build by default
@@ -26,14 +16,15 @@ Patch4:         0004-CVE-2024-34064.patch
 %bcond_with python3
 %endif
 
-%if 0%{?fedora} > 33 || 0%{?rhel} > 7
+%if 0%{?rhel} > 7
 # Disable python2 build by default
 %bcond_with python2
 %else
 %bcond_without python2
 %endif
 
-# No docs in RHEL 9: https://bugzilla.redhat.com/show_bug.cgi?id=1944567
+# Enable building without docs to avoid a circular dependency between this
+# and python-sphinx:
 %bcond_with docs
 
 %if 0%{?fedora} || 0%{?rhel} > 7
@@ -43,6 +34,10 @@ Patch4:         0004-CVE-2024-34064.patch
 %endif
 
 BuildArch:      noarch
+# Exclude i686 arch. Due to a modularity issue it's being added to the
+# x86_64 compose of CRB, but we don't want to ship it at all.
+# See: https://projects.engineering.redhat.com/browse/RCM-72605
+ExcludeArch:    i686
 
 %description
 Jinja2 is a template engine written in pure Python.  It provides a
@@ -82,26 +77,27 @@ environments.
 
 
 %if %{with python3}
-%package -n python3-jinja2
+%package -n python%{python3_pkgversion}-jinja2
 Summary:        General purpose template engine for python3
-BuildRequires:  python3-devel
-BuildRequires:  python3-setuptools
-BuildRequires:  python3-babel >= 0.8
-BuildRequires:  python3-markupsafe >= 0.23
-BuildRequires:  python3-pytest
+BuildRequires:  python%{python3_pkgversion}-devel
+BuildRequires:  python%{python3_pkgversion}-setuptools
+BuildRequires:  python%{python3_pkgversion}-babel >= 0.8
+BuildRequires:  python%{python3_pkgversion}-markupsafe >= 0.23
+BuildRequires:  python%{python3_pkgversion}-pytest
+BuildRequires:  python%{python3_pkgversion}-rpm-macros
 %if %{with docs}
-BuildRequires:  %{_bindir}/sphinx-build-3
+BuildRequires:  %{_bindir}/sphinx-build-3.8
 BuildRequires:  make
-BuildRequires:  python3-Pallets-Sphinx-Themes
-BuildRequires:  python3-sphinxcontrib-log-cabinet
-BuildRequires:  python3-sphinx-issues
+BuildRequires:  python%{python3_pkgversion}-Pallets-Sphinx-Themes
+BuildRequires:  python%{python3_pkgversion}-sphinxcontrib-log-cabinet
+BuildRequires:  python%{python3_pkgversion}-sphinx-issues
 %endif
-Requires:       python3-babel >= 0.8
-Requires:       python3-markupsafe >= 0.23
-Requires:       python3-setuptools
-%{?python_provide:%python_provide python3-jinja2}
+Requires:       python%{python3_pkgversion}-babel >= 0.8
+Requires:       python%{python3_pkgversion}-markupsafe >= 0.23
+Requires:       python%{python3_pkgversion}-setuptools
+%{?python_provide:%python_provide python%{python3_pkgversion}-jinja2}
 
-%description -n python3-jinja2
+%description -n python%{python3_pkgversion}-jinja2
 Jinja2 is a template engine written in pure Python.  It provides a
 Django inspired non-XML syntax but supports inline expressions and an
 optional sandboxed environment.
@@ -128,7 +124,7 @@ find . -name '*.pyo' -o -name '*.pyc' -delete
 %if %{with python3}
 %py3_build
 %if %{with docs}
-make -C docs html PYTHONPATH=$(pwd)/src SPHINXBUILD=sphinx-build-3
+make -C docs html PYTHONPATH=$(pwd) SPHINXBUILD=sphinx-build-3
 # remove hidden file
 rm -rf docs/_build/html/.buildinfo
 %endif # with docs
@@ -157,7 +153,7 @@ rm %{buildroot}%{python3_sitelib}/jinja2/asyncfilters.py
 
 %check
 %if %{with python3}
-PYTHONPATH=$(pwd)/src %{__python3} -m pytest tests
+PYTHONPATH=%{buildroot}%{python3_sitelib} %{__python3} -m pytest tests
 %endif # with python3
 
 
@@ -170,13 +166,13 @@ PYTHONPATH=$(pwd)/src %{__python3} -m pytest tests
 %if %{with docs}
 %doc docs/_build/html
 %endif
-%{python2_sitelib}/jinja2/
-%{python2_sitelib}/Jinja2-*.egg-info/
+%{python2_sitelib}/jinja2
+%{python2_sitelib}/Jinja2-%{version}-py?.?.egg-info
 %endif # with python2
 
 
 %if %{with python3}
-%files -n python3-jinja2
+%files -n python%{python3_pkgversion}-jinja2
 %doc CHANGES.rst
 %doc ext
 %doc examples
@@ -184,70 +180,27 @@ PYTHONPATH=$(pwd)/src %{__python3} -m pytest tests
 %if %{with docs}
 %doc docs/_build/html
 %endif
-%{python3_sitelib}/jinja2/
-%{python3_sitelib}/Jinja2-*.egg-info/
+%{python3_sitelib}/jinja2
+%{python3_sitelib}/Jinja2-%{version}-py?.?.egg-info
 %endif # with python3
 
 
 %changelog
-* Tue May 07 2024 Lumír Balhar <lbalhar@redhat.com> - 2.11.3-6
-- Security fix for CVE-2024-34064
-Resolves: RHEL-35653
-
-* Tue Jan 30 2024 Charalampos Stratakis <cstratak@redhat.com> - 2.11.3-5
-- Security fix for CVE-2024-22195
-Resolves: RHEL-21349
-
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.11.3-4
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.11.3-3
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
-* Tue Apr 13 2021 Miro Hrončok <mhroncok@redhat.com> - 2.11.3-2
-- Disable documentation
-- Resolves: rhbz#1944567
-
-* Sat Feb  6 2021 Thomas Moschny <thomas.moschny@gmx.de> - 2.11.3-1
+* Fri May 20 2022 Maxwell G <gotmax@e.email> - 2.11.3-1
 - Update to 2.11.3.
-- Add patches to build with Python 3.10 (#1907442).
+- Fix URL.
+- Remove patch that is included in this release.
+Resolves: rhbz#2086141.
 
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.11.2-8
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+* Fri Mar 12 2021 Lumír Balhar <lbalhar@redhat.com> - 2.10.3-5
+- Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern
+Resolves: rhbz#1928707
 
-* Mon Dec 21 2020 Miro Hrončok <mhroncok@redhat.com> - 2.11.2-7
-- Drop python2-jinja2 on Fedora 34+
+* Fri Dec 13 2019 Tomas Orsava <torsava@redhat.com> - 2.10.3-4
+- Exclude unsupported i686 arch
 
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.11.2-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Sun May 24 2020 Miro Hrončok <mhroncok@redhat.com> - 2.11.2-5
-- Rebuilt for Python 3.9
-
-* Fri May 22 2020 Miro Hrončok <mhroncok@redhat.com> - 2.11.2-4
-- Bootstrap for Python 3.9
-
-* Fri May 22 2020 Thomas Moschny <thomas.moschny@gmx.de> - 2.11.2-3
-- Re-add python2 subpackage (#1832057).
-
-* Wed May  6 2020 Thomas Moschny <thomas.moschny@gmx.de> - 2.11.2-2
-- Drop python2 subpackage from F33 on (#1832057).
-
-* Wed Apr 15 2020 Thomas Moschny <thomas.moschny@gmx.de> - 2.11.2-1
-- Re-add dependency on python-setuptools.
-
-* Wed Apr 15 2020 Dan Horák <dan[at]danny.cz> - 2.11.2-1
-- Update to 2.11.2
-
-* Mon Apr 06 2020 Igor Raits <ignatenkobrain@fedoraproject.org> - 2.11.1-2
-- Drop unneeded R: pythonX-setuptools
-
-* Sat Feb  8 2020 Thomas Moschny <thomas.moschny@gmx.de> - 2.11.1-1
-- Update to 2.11.1.
-
-* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.10.3-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+* Wed Nov 20 2019 Lumír Balhar <lbalhar@redhat.com> - 2.10.3-3
+- Adjusted for Python 3.8 module in RHEL 8
 
 * Wed Nov 20 2019 Thomas Moschny <thomas.moschny@gmx.de> - 2.10.3-2
 - Add missing BR on make.