import UBI python-pip-9.0.3-23.el8_9.1
This commit is contained in:
		
							parent
							
								
									db5b778012
								
							
						
					
					
						commit
						535bf24126
					
				| @ -14,7 +14,7 @@ | |||||||
| Name:           python-%{srcname} | Name:           python-%{srcname} | ||||||
| # When updating, update the bundled libraries versions bellow! | # When updating, update the bundled libraries versions bellow! | ||||||
| Version:        9.0.3 | Version:        9.0.3 | ||||||
| Release:        23%{?dist} | Release:        23%{?dist}.1 | ||||||
| Summary:        A tool for installing and managing Python packages | Summary:        A tool for installing and managing Python packages | ||||||
| 
 | 
 | ||||||
| Group:          Development/Libraries | Group:          Development/Libraries | ||||||
| @ -171,6 +171,9 @@ Requires:  platform-python-setuptools | |||||||
| 
 | 
 | ||||||
| BuildRequires:  ca-certificates | BuildRequires:  ca-certificates | ||||||
| Requires:       ca-certificates | Requires:       ca-certificates | ||||||
|  | # pip has to require explicit version of platform-python that provides | ||||||
|  | # filters in tarfile module (fix for CVE-2007-4559). | ||||||
|  | Requires:       platform-python >= 3.6.8-55 | ||||||
| 
 | 
 | ||||||
| # Virtual provides for the packages bundled by pip. | # Virtual provides for the packages bundled by pip. | ||||||
| # See the python2 list above for instructions. | # See the python2 list above for instructions. | ||||||
| @ -223,6 +226,8 @@ A documentation for a tool for installing and managing Python packages | |||||||
| %if %{without bootstrap} | %if %{without bootstrap} | ||||||
| %package -n python3-%{srcname}-wheel | %package -n python3-%{srcname}-wheel | ||||||
| Summary:        The pip wheel | Summary:        The pip wheel | ||||||
|  | # Older Python does not provide tarfile filters (fix for CVE-2007-4559). | ||||||
|  | Conflicts:      platform-python < 3.6.8-55 | ||||||
| 
 | 
 | ||||||
| # Virtual provides for the packages bundled by pip. | # Virtual provides for the packages bundled by pip. | ||||||
| # You can find the versions in pip/_vendor/vendor.txt file. | # You can find the versions in pip/_vendor/vendor.txt file. | ||||||
| @ -394,6 +399,10 @@ py.test-%{python3_version} -m 'not network' | |||||||
| %endif | %endif | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Wed Feb 14 2024 Lumír Balhar <lbalhar@redhat.com> - 9.0.3-23.1 | ||||||
|  | - Require Python with tarfile filters | ||||||
|  | Resolves: RHEL-25449 | ||||||
|  | 
 | ||||||
| * Tue Aug 08 2023 Petr Viktorin <pviktori@redhat.com> - 9.0.3-23 | * Tue Aug 08 2023 Petr Viktorin <pviktori@redhat.com> - 9.0.3-23 | ||||||
| - Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706) | - Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706) | ||||||
| Resolves: RHBZ#2218241 | Resolves: RHBZ#2218241 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user