Update to v2.20.0
This fixes CVE-2018-18074.
This commit is contained in:
Jeremy Cline
parent
a2a25ac328
commit
ffc9beb883
1
.gitignore
vendored
1
.gitignore
vendored
@ -39,3 +39,4 @@
|
||||
/requests-v2.18.4.tar.gz
|
||||
/requests-v2.19.0.tar.gz
|
||||
/requests-v2.19.1.tar.gz
|
||||
/requests-v2.20.0.tar.gz
|
||||
|
||||
@ -1,28 +0,0 @@
|
||||
From 152550287d6538e5cc7649bcf685a5a0b35058dd Mon Sep 17 00:00:00 2001
|
||||
From: Jeremy Cline <jcline@redhat.com>
|
||||
Date: Tue, 12 Jun 2018 14:06:00 -0400
|
||||
Subject: [PATCH] Don't import OrderedDict from urllib3
|
||||
|
||||
We unbundle urllib3, just use collections (py2.7+)
|
||||
|
||||
Signed-off-by: Jeremy Cline <jcline@redhat.com>
|
||||
---
|
||||
requests/compat.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/requests/compat.py b/requests/compat.py
|
||||
index 6b9c6fac..6ba6e460 100644
|
||||
--- a/requests/compat.py
|
||||
+++ b/requests/compat.py
|
||||
@@ -45,7 +45,7 @@ if is_py2:
|
||||
from StringIO import StringIO
|
||||
from collections import Callable, Mapping, MutableMapping
|
||||
|
||||
- from urllib3.packages.ordered_dict import OrderedDict
|
||||
+ from collections import OrderedDict # py2.7+
|
||||
|
||||
builtin_str = str
|
||||
bytes = str
|
||||
--
|
||||
2.17.1
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From fd9ab446d8479360d2c1c8252508d97d58ed3e0e Mon Sep 17 00:00:00 2001
|
||||
From a8ef690988f92a56226f8b688f1a3638346bca8e Mon Sep 17 00:00:00 2001
|
||||
From: Jeremy Cline <jeremy@jcline.org>
|
||||
Date: Mon, 19 Jun 2017 16:09:02 -0400
|
||||
Subject: [PATCH] Patch requests/certs.py to use the system CA bundle
|
||||
@ -10,7 +10,7 @@ Signed-off-by: Jeremy Cline <jeremy@jcline.org>
|
||||
2 files changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/requests/certs.py b/requests/certs.py
|
||||
index d1a378d..7b103ba 100644
|
||||
index d1a378d7..7b103baf 100644
|
||||
--- a/requests/certs.py
|
||||
+++ b/requests/certs.py
|
||||
@@ -11,8 +11,17 @@ only one — the one from the certifi package.
|
||||
@ -33,17 +33,17 @@ index d1a378d..7b103ba 100644
|
||||
if __name__ == '__main__':
|
||||
print(where())
|
||||
diff --git a/setup.py b/setup.py
|
||||
index 93a8507..2db9569 100755
|
||||
index 4e2ad936..60de5861 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -45,7 +45,6 @@ requires = [
|
||||
'chardet>=3.0.2,<3.1.0',
|
||||
'idna>=2.5,<2.8',
|
||||
'urllib3>=1.21.1,<1.24',
|
||||
'urllib3>=1.21.1,<1.25',
|
||||
- 'certifi>=2017.4.17'
|
||||
|
||||
]
|
||||
test_requirements = ['pytest-httpbin==0.0.7', 'pytest-cov', 'pytest-mock', 'pytest-xdist', 'PySocks>=1.5.6, !=1.5.7', 'pytest>=2.8.0']
|
||||
test_requirements = [
|
||||
--
|
||||
2.9.4
|
||||
2.19.1
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@
|
||||
|
||||
|
||||
Name: python-requests
|
||||
Version: 2.19.1
|
||||
Release: 3%{?dist}
|
||||
Version: 2.20.0
|
||||
Release: 1%{?dist}
|
||||
Summary: HTTP library, written in Python, for human beings
|
||||
|
||||
License: ASL 2.0
|
||||
@ -20,14 +20,6 @@ Source0: https://github.com/requests/requests/archive/v%{version}/request
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=904614
|
||||
Patch0: patch-requests-certs.py-to-use-the-system-CA-bundle.patch
|
||||
|
||||
# Remove an unnecessary reference to a bundled compat lib in urllib3
|
||||
# Some discussion with upstream:
|
||||
# - https://twitter.com/sigmavirus24/status/529816751651819520
|
||||
# - https://github.com/kennethreitz/requests/issues/1811
|
||||
# - https://github.com/kennethreitz/requests/pull/1812
|
||||
Patch1: dont-import-OrderedDict-from-urllib3.patch
|
||||
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1450608
|
||||
Patch2: Remove-tests-that-use-the-tarpit.patch
|
||||
|
||||
@ -135,18 +127,21 @@ PYTHONPATH=%{buildroot}%{python3_sitelib} %{__python3} -m pytest -v
|
||||
|
||||
%files -n python2-requests
|
||||
%license LICENSE
|
||||
%doc README.rst HISTORY.rst
|
||||
%doc README.md HISTORY.md
|
||||
%{python2_sitelib}/*.egg-info
|
||||
%{python2_sitelib}/requests/
|
||||
|
||||
%files -n python%{python3_pkgversion}-requests
|
||||
%license LICENSE
|
||||
%doc README.rst HISTORY.rst
|
||||
%doc README.md HISTORY.md
|
||||
%{python3_sitelib}/*.egg-info
|
||||
%{python3_sitelib}/requests/
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Oct 29 2018 Jeremy Cline <jeremy@jcline.org> - 2.20.0-1
|
||||
- Update to v2.20.0
|
||||
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.19.1-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (requests-v2.19.1.tar.gz) = 00adbbe63c88117fce25e4e2de4ddfb62f87276d627f97aaf8bc4afbf59a921cac57b87f51a0d99167b42d311fe8ca9723b2c5d3a9e04fb0ee318bf90fd9d4ed
|
||||
SHA512 (requests-v2.20.0.tar.gz) = 766c69d1778e7286232fcd750842e89cd9bb6637076e80fe95fb67f3ccb14049bf74a533de91ef9451ac6f397ad0a6d148eb444009f501178138cdeffc5ee7c4
|
||||
|
||||
Loading…
Reference in New Issue
Block a user