updating to pip 1.4.1 and removing old CVE patch that's not needed anymore
							parent
							
								
									6064dd1ddb
								
							
						
					
					
						commit
						42d5421d50
					
				| @ -1,36 +0,0 @@ | ||||
| From ca207acb4fdea344bb3a775d44aa0d9f59ad31a1 Mon Sep 17 00:00:00 2001 | ||||
| From: Toshio Kuratomi <toshio@fedoraproject.org> | ||||
| Date: Mon, 15 Jul 2013 10:58:20 -0700 | ||||
| Subject: [PATCH] fix for http://bugs.python.org/issue17980 in code backported | ||||
|  from the python3 stdlib | ||||
| 
 | ||||
| ---
 | ||||
|  pip/backwardcompat/ssl_match_hostname.py | 10 +++++++++- | ||||
|  1 file changed, 9 insertions(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/pip/backwardcompat/ssl_match_hostname.py b/pip/backwardcompat/ssl_match_hostname.py
 | ||||
| index 5707649..a6fadf4 100644
 | ||||
| --- a/pip/backwardcompat/ssl_match_hostname.py
 | ||||
| +++ b/pip/backwardcompat/ssl_match_hostname.py
 | ||||
| @@ -7,9 +7,17 @@ __version__ = '3.2a3'
 | ||||
|  class CertificateError(ValueError): | ||||
|      pass | ||||
|   | ||||
| -def _dnsname_to_pat(dn):
 | ||||
| +def _dnsname_to_pat(dn, max_wildcards=1):
 | ||||
|      pats = [] | ||||
|      for frag in dn.split(r'.'): | ||||
| +        if frag.count('*') > max_wildcards:
 | ||||
| +            # Issue #17980: avoid denials of service by refusing more
 | ||||
| +            # than one wildcard per fragment.  A survery of established
 | ||||
| +            # policy among SSL implementations showed it to be a
 | ||||
| +            # reasonable choice.
 | ||||
| +            raise CertificateError(
 | ||||
| +                "too many wildcards in certificate DNS name: " + repr(dn))
 | ||||
| +
 | ||||
|          if frag == '*': | ||||
|              # When '*' is a fragment by itself, it matches a non-empty dotless | ||||
|              # fragment. | ||||
| -- 
 | ||||
| 1.7.11.7 | ||||
| 
 | ||||
| @ -8,16 +8,14 @@ | ||||
| %global srcname pip | ||||
| 
 | ||||
| Name:           python-%{srcname} | ||||
| Version:        1.3.1 | ||||
| Release:        5%{?dist} | ||||
| Version:        1.4.1 | ||||
| Release:        1%{?dist} | ||||
| Summary:        A tool for installing and managing Python packages | ||||
| 
 | ||||
| Group:          Development/Libraries | ||||
| License:        MIT | ||||
| URL:            http://www.pip-installer.org | ||||
| Source0:        http://pypi.python.org/packages/source/p/pip/%{srcname}-%{version}.tar.gz | ||||
| # Sent to dstufft (upstream) | ||||
| Patch0: 0001-fix-for-http-bugs.python.org-issue17980-in-code-back.patch | ||||
| BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) | ||||
| 
 | ||||
| BuildArch:      noarch | ||||
| @ -50,7 +48,6 @@ easy_installable should be pip-installable as well. | ||||
| 
 | ||||
| %prep | ||||
| %setup -q -n %{srcname}-%{version} | ||||
| %patch0 -p1 | ||||
| 
 | ||||
| %{__sed} -i '1d' pip/__init__.py | ||||
| 
 | ||||
| @ -136,6 +133,10 @@ popd | ||||
| %endif # with_python3 | ||||
| 
 | ||||
| %changelog | ||||
| * Mon Oct 14 2013 Tim Flink <tflink@fedoraproject.org> - 1.4.1-1 | ||||
| - Removed patch for CVE 2013-2099 as it has been included in the upstream 1.4.1 release | ||||
| - Updated version to 1.4.1 | ||||
| 
 | ||||
| * Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.1-5 | ||||
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild | ||||
| 
 | ||||
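Review bot: The new changelog entry writes the identifier as `CVE 2013-2099`, without the hyphen after "CVE", so anyone searching `rpm -q --changelog` output for the canonical `CVE-2013-2099` string will not find this package's record of the fix. The line should read `- Removed patch for CVE-2013-2099 as it has been included in the upstream 1.4.1 release`. Separately, dropping `Patch0` and `%patch0 -p1` leaves the wildcard limit in `_dnsname_to_pat` entirely to the upstream tarball, and the 1.4.1 source is not shown on this page. Before building, it is worth confirming that the unpacked tree still raises `CertificateError` when a DNS-name fragment contains more than one `*`; presumably this is still in `pip/backwardcompat/ssl_match_hostname.py`.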
|  | ||||