Update to 2.32.4

- Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs (cherry picked from Fedora commit 8607c2fb6581a3f649be34ed5adb77bd1c67fc6d) Resolves: RHEL-105460
2025-07-07 12:12:42 +02:00 · 2025-07-07 12:12:42 +02:00 · f0b8efe222
commit f0b8efe222
parent 935c98f0c6
5 changed files with 17 additions and 11 deletions
--- a/.gitignore
+++ b/.gitignore
@ -53,3 +53,4 @@
 /requests-v2.28.2.tar.gz
 /requests-v2.31.0.tar.gz
 /requests-v2.32.3.tar.gz
+/requests-v2.32.4.tar.gz
--- a/python-requests.spec
+++ b/python-requests.spec
@ -5,8 +5,8 @@
 %bcond extras   %{undefined rhel}

 Name:           python-requests
-Version:        2.32.3
-Release:        2%{?dist}
+Version:        2.32.4
+Release:        1%{?dist}
 Summary:        HTTP library, written in Python, for human beings

 License:        Apache-2.0
@ -94,6 +94,11 @@ sed -i 's/ --doctest-modules//' pyproject.toml


 %changelog
+* Mon Jul 07 2025 Miro Hrončok <mhroncok@redhat.com> - 2.32.4-1
+- Update to 2.32.4
+- Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs
+Resolves: RHEL-105460
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.32.3-2
 - Bump release for October 2024 mass rebuild:
  Resolves: RHEL-64018
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (requests-v2.32.3.tar.gz) = ea3e85e035efed0fe22bf8640491ffb20c2ac50359bb1e11c9147ed850cac5e4a6a36ab58a48fc6c6d6a44df2b511e8a5d902444c034da6baa6adc5f9417697f
+SHA512 (requests-v2.32.4.tar.gz) = 7638061283a5e66c51f26107f5a88d090d35feecbf5a9075af842b67c0abd727af855346e2385130fa79738395a3821107be300e3de60a9a0e84fe69904288cd
--- a/system-certs.patch
+++ b/system-certs.patch
@ -1,7 +1,7 @@
-From bb733473e91e71b812ada46bc110f607630f9327 Mon Sep 17 00:00:00 2001
+From e0ce6c20989a205489df47f8abaff5369ed588ca Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= <thrnciar@redhat.com>
 Date: Thu, 30 May 2024 11:10:29 +0200
-Subject: [PATCH 1/2] system certs
+Subject: [PATCH] system certs

 Co-authored-by: Lumir Balhar <lbalhar@redhat.com>
 ---
@ -23,17 +23,17 @@ index 8d44e0e..fa10a53 100644
     idna>=2.5,<4
     urllib3>=1.21.1,<3
 diff --git a/setup.py b/setup.py
-index 1b0eb37..03d19b0 100755
+index 7d9b52b..17da826 100755
 --- a/setup.py
 +++ b/setup.py
-@@ -62,7 +62,6 @@ requires = [
+@@ -37,7 +37,6 @@ requires = [
     "charset_normalizer>=2,<4",
     "idna>=2.5,<4",
     "urllib3>=1.21.1,<3",
 -    "certifi>=2017.4.17",
 ]
 test_requirements = [
-     "pytest-httpbin==2.0.0",
+     "pytest-httpbin==2.1.0",
 diff --git a/src/requests/certs.py b/src/requests/certs.py
 index be422c3..9aee713 100644
 --- a/src/requests/certs.py
@ -55,5 +55,5 @@ index be422c3..9aee713 100644
 if __name__ == "__main__":
     print(where())
 -- 
-2.45.1
+2.50.0

--- a/tests/upstream/runtest.sh
+++ b/tests/upstream/runtest.sh
@ -52,8 +52,8 @@ rlJournalStart

        # pip-install libraries not in the repos
        # pytest is installed in fmf requirement
-        rlRun "$PYTHON -m pip install pytest-mock==3.12.0 trustme==1.1.0 werkzeug==3.0.3 \
-                httpbin==0.10.2 pytest-httpbin==2.0.0"
+        rlRun "$PYTHON -m pip install pytest-mock==3.14.0 trustme==1.2.0 werkzeug==3.1.3 \
+                pytest-httpbin==2.1.0"

        # Move to test dir, print what is there
        rlRun "cd $(dirname $TmpDir/BUILD/*requests*/tests)"