Update to 2.32.4
- Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs (cherry picked from Fedora commit 8607c2fb6581a3f649be34ed5adb77bd1c67fc6d) Resolves: RHEL-105460
This commit is contained in:
parent
935c98f0c6
commit
f0b8efe222
1
.gitignore
vendored
1
.gitignore
vendored
@ -53,3 +53,4 @@
|
||||
/requests-v2.28.2.tar.gz
|
||||
/requests-v2.31.0.tar.gz
|
||||
/requests-v2.32.3.tar.gz
|
||||
/requests-v2.32.4.tar.gz
|
||||
|
@ -5,8 +5,8 @@
|
||||
%bcond extras %{undefined rhel}
|
||||
|
||||
Name: python-requests
|
||||
Version: 2.32.3
|
||||
Release: 2%{?dist}
|
||||
Version: 2.32.4
|
||||
Release: 1%{?dist}
|
||||
Summary: HTTP library, written in Python, for human beings
|
||||
|
||||
License: Apache-2.0
|
||||
@ -94,6 +94,11 @@ sed -i 's/ --doctest-modules//' pyproject.toml
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Jul 07 2025 Miro Hrončok <mhroncok@redhat.com> - 2.32.4-1
|
||||
- Update to 2.32.4
|
||||
- Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs
|
||||
Resolves: RHEL-105460
|
||||
|
||||
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.32.3-2
|
||||
- Bump release for October 2024 mass rebuild:
|
||||
Resolves: RHEL-64018
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (requests-v2.32.3.tar.gz) = ea3e85e035efed0fe22bf8640491ffb20c2ac50359bb1e11c9147ed850cac5e4a6a36ab58a48fc6c6d6a44df2b511e8a5d902444c034da6baa6adc5f9417697f
|
||||
SHA512 (requests-v2.32.4.tar.gz) = 7638061283a5e66c51f26107f5a88d090d35feecbf5a9075af842b67c0abd727af855346e2385130fa79738395a3821107be300e3de60a9a0e84fe69904288cd
|
||||
|
@ -1,7 +1,7 @@
|
||||
From bb733473e91e71b812ada46bc110f607630f9327 Mon Sep 17 00:00:00 2001
|
||||
From e0ce6c20989a205489df47f8abaff5369ed588ca Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= <thrnciar@redhat.com>
|
||||
Date: Thu, 30 May 2024 11:10:29 +0200
|
||||
Subject: [PATCH 1/2] system certs
|
||||
Subject: [PATCH] system certs
|
||||
|
||||
Co-authored-by: Lumir Balhar <lbalhar@redhat.com>
|
||||
---
|
||||
@ -23,17 +23,17 @@ index 8d44e0e..fa10a53 100644
|
||||
idna>=2.5,<4
|
||||
urllib3>=1.21.1,<3
|
||||
diff --git a/setup.py b/setup.py
|
||||
index 1b0eb37..03d19b0 100755
|
||||
index 7d9b52b..17da826 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -62,7 +62,6 @@ requires = [
|
||||
@@ -37,7 +37,6 @@ requires = [
|
||||
"charset_normalizer>=2,<4",
|
||||
"idna>=2.5,<4",
|
||||
"urllib3>=1.21.1,<3",
|
||||
- "certifi>=2017.4.17",
|
||||
]
|
||||
test_requirements = [
|
||||
"pytest-httpbin==2.0.0",
|
||||
"pytest-httpbin==2.1.0",
|
||||
diff --git a/src/requests/certs.py b/src/requests/certs.py
|
||||
index be422c3..9aee713 100644
|
||||
--- a/src/requests/certs.py
|
||||
@ -55,5 +55,5 @@ index be422c3..9aee713 100644
|
||||
if __name__ == "__main__":
|
||||
print(where())
|
||||
--
|
||||
2.45.1
|
||||
2.50.0
|
||||
|
||||
|
@ -52,8 +52,8 @@ rlJournalStart
|
||||
|
||||
# pip-install libraries not in the repos
|
||||
# pytest is installed in fmf requirement
|
||||
rlRun "$PYTHON -m pip install pytest-mock==3.12.0 trustme==1.1.0 werkzeug==3.0.3 \
|
||||
httpbin==0.10.2 pytest-httpbin==2.0.0"
|
||||
rlRun "$PYTHON -m pip install pytest-mock==3.14.0 trustme==1.2.0 werkzeug==3.1.3 \
|
||||
pytest-httpbin==2.1.0"
|
||||
|
||||
# Move to test dir, print what is there
|
||||
rlRun "cd $(dirname $TmpDir/BUILD/*requests*/tests)"
|
||||
|
Loading…
Reference in New Issue
Block a user