rpms/python-requests
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to v2.20.0

Browse Source 
This fixes CVE-2018-18074.
This commit is contained in:
Jeremy Cline 2018-10-29 13:49:15 -04:00
parent a2a25ac328
commit ffc9beb883
No known key found for this signature in database
GPG Key ID: 9223308FA9B246DB
5 changed files with 15 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -39,3 +39,4 @@
/requests-v2.18.4.tar.gz /requests-v2.18.4.tar.gz
/requests-v2.19.0.tar.gz /requests-v2.19.0.tar.gz
/requests-v2.19.1.tar.gz /requests-v2.19.1.tar.gz
/requests-v2.20.0.tar.gz

28
dont-import-OrderedDict-from-urllib3.patch
View File

@ -1,28 +0,0 @@
From 152550287d6538e5cc7649bcf685a5a0b35058dd Mon Sep 17 00:00:00 2001
From: Jeremy Cline <jcline@redhat.com>
Date: Tue, 12 Jun 2018 14:06:00 -0400
Subject: [PATCH] Don't import OrderedDict from urllib3
We unbundle urllib3, just use collections (py2.7+)
Signed-off-by: Jeremy Cline <jcline@redhat.com>
---
requests/compat.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requests/compat.py b/requests/compat.py
index 6b9c6fac..6ba6e460 100644
--- a/requests/compat.py
+++ b/requests/compat.py
@@ -45,7 +45,7 @@ if is_py2:
from StringIO import StringIO
from collections import Callable, Mapping, MutableMapping
- from urllib3.packages.ordered_dict import OrderedDict
+ from collections import OrderedDict # py2.7+
builtin_str = str
bytes = str
--
2.17.1

12
patch-requests-certs.py-to-use-the-system-CA-bundle.patch
View File

@ -1,4 +1,4 @@
From fd9ab446d8479360d2c1c8252508d97d58ed3e0e Mon Sep 17 00:00:00 2001 From a8ef690988f92a56226f8b688f1a3638346bca8e Mon Sep 17 00:00:00 2001
From: Jeremy Cline <jeremy@jcline.org> From: Jeremy Cline <jeremy@jcline.org>
Date: Mon, 19 Jun 2017 16:09:02 -0400 Date: Mon, 19 Jun 2017 16:09:02 -0400
Subject: [PATCH] Patch requests/certs.py to use the system CA bundle Subject: [PATCH] Patch requests/certs.py to use the system CA bundle
@ -10,7 +10,7 @@ Signed-off-by: Jeremy Cline <jeremy@jcline.org>
2 files changed, 10 insertions(+), 2 deletions(-) 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/requests/certs.py b/requests/certs.py diff --git a/requests/certs.py b/requests/certs.py
index d1a378d..7b103ba 100644 index d1a378d7..7b103baf 100644
--- a/requests/certs.py --- a/requests/certs.py
+++ b/requests/certs.py +++ b/requests/certs.py
@@ -11,8 +11,17 @@ only one — the one from the certifi package. @@ -11,8 +11,17 @@ only one — the one from the certifi package.
@ -33,17 +33,17 @@ index d1a378d..7b103ba 100644
if __name__ == '__main__': if __name__ == '__main__':
print(where()) print(where())
diff --git a/setup.py b/setup.py diff --git a/setup.py b/setup.py
index 93a8507..2db9569 100755 index 4e2ad936..60de5861 100755
--- a/setup.py --- a/setup.py
+++ b/setup.py +++ b/setup.py
@@ -45,7 +45,6 @@ requires = [ @@ -45,7 +45,6 @@ requires = [
'chardet>=3.0.2,<3.1.0', 'chardet>=3.0.2,<3.1.0',
'idna>=2.5,<2.8', 'idna>=2.5,<2.8',
'urllib3>=1.21.1,<1.24', 'urllib3>=1.21.1,<1.25',
- 'certifi>=2017.4.17' - 'certifi>=2017.4.17'
] ]
test_requirements = ['pytest-httpbin==0.0.7', 'pytest-cov', 'pytest-mock', 'pytest-xdist', 'PySocks>=1.5.6, !=1.5.7', 'pytest>=2.8.0'] test_requirements = [
-- --
2.9.4 2.19.1

19
python-requests.spec
View File

@ -9,8 +9,8 @@
Name: python-requests Name: python-requests
Version: 2.19.1 Version: 2.20.0
Release: 3%{?dist} Release: 1%{?dist}
Summary: HTTP library, written in Python, for human beings Summary: HTTP library, written in Python, for human beings
License: ASL 2.0 License: ASL 2.0
@ -20,14 +20,6 @@ Source0: https://github.com/requests/requests/archive/v%{version}/request
# https://bugzilla.redhat.com/show_bug.cgi?id=904614 # https://bugzilla.redhat.com/show_bug.cgi?id=904614
Patch0: patch-requests-certs.py-to-use-the-system-CA-bundle.patch Patch0: patch-requests-certs.py-to-use-the-system-CA-bundle.patch
# Remove an unnecessary reference to a bundled compat lib in urllib3
# Some discussion with upstream:
# - https://twitter.com/sigmavirus24/status/529816751651819520
# - https://github.com/kennethreitz/requests/issues/1811
# - https://github.com/kennethreitz/requests/pull/1812
Patch1: dont-import-OrderedDict-from-urllib3.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1450608 # https://bugzilla.redhat.com/show_bug.cgi?id=1450608
Patch2: Remove-tests-that-use-the-tarpit.patch Patch2: Remove-tests-that-use-the-tarpit.patch
@ -135,18 +127,21 @@ PYTHONPATH=%{buildroot}%{python3_sitelib} %{__python3} -m pytest -v
%files -n python2-requests %files -n python2-requests
%license LICENSE %license LICENSE
%doc README.rst HISTORY.rst %doc README.md HISTORY.md
%{python2_sitelib}/*.egg-info %{python2_sitelib}/*.egg-info
%{python2_sitelib}/requests/ %{python2_sitelib}/requests/
%files -n python%{python3_pkgversion}-requests %files -n python%{python3_pkgversion}-requests
%license LICENSE %license LICENSE
%doc README.rst HISTORY.rst %doc README.md HISTORY.md
%{python3_sitelib}/*.egg-info %{python3_sitelib}/*.egg-info
%{python3_sitelib}/requests/ %{python3_sitelib}/requests/
%changelog %changelog
* Mon Oct 29 2018 Jeremy Cline <jeremy@jcline.org> - 2.20.0-1
- Update to v2.20.0
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.19.1-3 * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.19.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (requests-v2.19.1.tar.gz) = 00adbbe63c88117fce25e4e2de4ddfb62f87276d627f97aaf8bc4afbf59a921cac57b87f51a0d99167b42d311fe8ca9723b2c5d3a9e04fb0ee318bf90fd9d4ed SHA512 (requests-v2.20.0.tar.gz) = 766c69d1778e7286232fcd750842e89cd9bb6637076e80fe95fb67f3ccb14049bf74a533de91ef9451ac6f397ad0a6d148eb444009f501178138cdeffc5ee7c4