From 0502dda22208c4e09903ec551f0f705ca23329b5 Mon Sep 17 00:00:00 2001
From: Maxwell G <maxwell@gtmx.me>
Date: Tue, 17 Oct 2023 15:28:43 -0500
Subject: [PATCH] Update to 1.26.18.

Mitigates CVE-2023-45803 / GHSA-g4mx-q9vg-27p4.

Ref: https://github.com/advisories/GHSA-g4mx-q9vg-27p4
---
 .gitignore          | 1 +
 python-urllib3.spec | 8 ++++++--
 sources             | 2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index 67a6808..1a390e6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,3 +39,4 @@
 /urllib3-1.26.15.tar.gz
 /urllib3-1.26.16.tar.gz
 /urllib3-1.26.17.tar.gz
+/urllib3-1.26.18.tar.gz
diff --git a/python-urllib3.spec b/python-urllib3.spec
index 39c7baa..cadf132 100644
--- a/python-urllib3.spec
+++ b/python-urllib3.spec
@@ -9,8 +9,8 @@
 %endif
 
 Name:           python-urllib3
-Version:        1.26.17
-Release:        2%{?dist}
+Version:        1.26.18
+Release:        1%{?dist}
 Summary:        HTTP library with thread-safe connection pooling, file post, and more
 
 # SPDX
@@ -168,6 +168,10 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py"
 
 
 %changelog
+* Tue Oct 17 2023 Maxwell G <maxwell@gtmx.me> - 1.26.18-1
+- Update to 1.26.18.
+- Mitigates CVE-2023-45803 / GHSA-g4mx-q9vg-27p4.
+
 * Mon Oct 09 2023 Miro Hrončok <mhroncok@redhat.com> - 1.26.17-2
 - Switch the hardcoded dependency on urllib3[socks] to a weak one
 
diff --git a/sources b/sources
index 3272333..a21e385 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (urllib3-1.26.17.tar.gz) = ee235b2e31c34f26ab872623ef17a1119c9776c5a1bf0b4eb5ec92139de7c585dcf3cf90bfc2c6e1db5a1819aafbe6e732a8c540a4ae64ed7659267906c09768
+SHA512 (urllib3-1.26.18.tar.gz) = 62c0af4b11e797a85420ef3f0888f2e608334329eddd88b9fe563b5437189cbea8dbbcd53f999557d9828fcf4bf03b8ca9f6e3d401533bc4ae8ff96e3ece1557