9 changed files with 71 additions and 15 deletions
--- a/.fmf/version
+++ b/.fmf/version
@ -0,0 +1 @@
+1
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,8 @@
-SOURCES/Pygments-2.2.0.tar.gz
+Pygments-1.3.1.tar.gz
+/Pygments-1.4.tar.gz
+/Pygments-1.6.tar.gz
+/Pygments-2.0.2.tar.gz
+/fix-shell-injection-in-font-manager.patch
+/Pygments-2.1.3.tar.gz
+/Pygments-2.2.0.tar.gz
+/import-directive.patch
--- a/.python-pygments.metadata
+++ b/.python-pygments.metadata
@ -1 +0,0 @@
-5c6714bd6fd950c1478889f7b72fc7f6771d5163 SOURCES/Pygments-2.2.0.tar.gz
--- a/CVE-2021-20270-infinite-loop-in-SML-lexer.patch
+++ b/CVE-2021-20270-infinite-loop-in-SML-lexer.patch
@ -0,0 +1,33 @@
+diff --git a/pygments/lexers/ml.py b/pygments/lexers/ml.py
+index f80d5bf..4fd2c58 100644
+--- a/pygments/lexers/ml.py
+++ b/pygments/lexers/ml.py
+@@ -142,7 +142,7 @@ class SMLLexer(RegexLexer):
+             (r'#\s+(%s)' % symbolicid_re, Name.Label),
+             # Some reserved words trigger a special, local lexer state change
+             (r'\b(datatype|abstype)\b(?!\')', Keyword.Reserved, 'dname'),
+-            (r'(?=\b(exception)\b(?!\'))', Text, ('ename')),
+            (r'\b(exception)\b(?!\')', Keyword.Reserved, 'ename'),
+             (r'\b(functor|include|open|signature|structure)\b(?!\')',
+              Keyword.Reserved, 'sname'),
+             (r'\b(type|eqtype)\b(?!\')', Keyword.Reserved, 'tname'),
+@@ -315,15 +315,14 @@ class SMLLexer(RegexLexer):
+         'ename': [
+             include('whitespace'),
+ 
+-            (r'(exception|and)\b(\s+)(%s)' % alphanumid_re,
+            (r'(and\b)(\s+)(%s)' % alphanumid_re,
+              bygroups(Keyword.Reserved, Text, Name.Class)),
+-            (r'(exception|and)\b(\s*)(%s)' % symbolicid_re,
+            (r'(and\b)(\s*)(%s)' % symbolicid_re,
+              bygroups(Keyword.Reserved, Text, Name.Class)),
+             (r'\b(of)\b(?!\')', Keyword.Reserved),
+            (r'(%s)|(%s)' % (alphanumid_re, symbolicid_re), Name.Class),
+ 
+-            include('breakout'),
+-            include('core'),
+-            (r'\S+', Error),
+            default('#pop'),
+         ],
+ 
+         'datcon': [
--- a/SOURCES/import-directive.patch
+++ b/SOURCES/import-directive.patch
@ -1,12 +0,0 @@
-diff -ur Pygments-2.2.0/pygments/sphinxext.py Pygments-2.2.0.patch/pygments/sphinxext.py
--- Pygments-2.2.0/pygments/sphinxext.py	2017-01-22 16:01:32.000000000 -0500
-+++ Pygments-2.2.0.patch/pygments/sphinxext.py	2018-03-19 12:57:52.099927570 -0400
-@@ -16,7 +16,7 @@
- 
- from docutils import nodes
- from docutils.statemachine import ViewList
-from sphinx.util.compat import Directive
-+from docutils.parsers.rst import Directive
- from sphinx.util.nodes import nested_parse_with_titles
- 
- 
--- a/ci.fmf
+++ b/ci.fmf
@ -0,0 +1,7 @@
+summary: Tier1 tests
+discover:
+    how: fmf
+    repository: git://pkgs.devel.redhat.com/tests/python-pygments
+    filter: 'tier:1'
+execute:
+    how: tmt
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-8
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.other.functional}
--- a/SPECS/python-pygments.spec
+++ b/SPECS/python-pygments.spec
@ -14,7 +14,7 @@

 Name:           python-pygments
 Version:        2.2.0
-Release:        12%{?dist}
+Release:        14%{?dist}
 Summary:        %{sum}

 License:        BSD
@ -23,6 +23,10 @@ Source0:        https://pypi.org/packages/source/P/%{upstream_name}/%{upstream_n
 Patch0:         import-directive.patch
 BuildArch:      noarch

+# Fix CVE-2021-20270: infinite loop in SML lexer which may lead to DoS
+# Resolved upstream: https://github.com/pygments/pygments/commit/f91804ff4772e3ab41f46e28d370f57898700333
+Patch1:         CVE-2021-20270-infinite-loop-in-SML-lexer.patch
+
 %description
 Pygments is a generic syntax highlighter for general use in all kinds
 of software such as forum systems, wikis or other applications that
@ -86,6 +90,7 @@ need to prettify source code. Highlights are:
 %prep
 %setup -q -n %{upstream_name}-%{version}
 %patch0 -p 1
+%patch1 -p1

 %build
 %{__sed} -i 's/\r//' LICENSE
@ -145,6 +150,14 @@ PYTHON=%{__python3} make test
 %endif

 %changelog
+* Tue Mar 09 2021 Charalampos Stratakis <cstratak@redhat.com> - 2.2.0-14
+- Bump release to fix issues with gating
+Resolves: rhbz#1933874
+
+* Wed Mar 03 2021 Charalampos Stratakis <cstratak@redhat.com> - 2.2.0-13
+- Fix CVE-2021-20270: infinite loop in SML lexer which may lead to DoS
+Resolves: rhbz#1933874
+
 * Thu Jun 14 2018 Charalampos Stratakis <cstratak@redhat.com> - 2.2.0-12
 - Conditionalize the python2 subpackage

--- a/2
+++ b/2
@ -0,0 +1,2 @@
+SHA512 (import-directive.patch) = a0ee6528a0a4ceba43c271bee25605f09729765c0cfbda73e70db4df107281bc0f59dc204796ef0cdb1369f156c44b3cfd103d7c6512dc38bd288a84b452e564
+SHA512 (Pygments-2.2.0.tar.gz) = cc0a4f73e19fa6cbf46314de2e809460c807c631e39ba05cbe5edb5f40db1a687aafcd9715585a0ed45f791710eb6038305e273f282f8682df76f30e63710b29
				`@ -1 +0,0 @@`
				`5c6714bd6fd950c1478889f7b72fc7f6771d5163 SOURCES/Pygments-2.2.0.tar.gz`