Update to 1.26.18.

Mitigates CVE-2023-45803 / GHSA-g4mx-q9vg-27p4. Ref: https://github.com/advisories/GHSA-g4mx-q9vg-27p4
2023-10-17 15:28:43 -05:00 · 2023-10-17 15:28:43 -05:00 · 0502dda222
commit 0502dda222
parent 3ddc523acd
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -39,3 +39,4 @@
 /urllib3-1.26.15.tar.gz
 /urllib3-1.26.16.tar.gz
 /urllib3-1.26.17.tar.gz
+/urllib3-1.26.18.tar.gz
--- a/python-urllib3.spec
+++ b/python-urllib3.spec
@ -9,8 +9,8 @@
 %endif

 Name:           python-urllib3
-Version:        1.26.17
-Release:        2%{?dist}
+Version:        1.26.18
+Release:        1%{?dist}
 Summary:        HTTP library with thread-safe connection pooling, file post, and more

 # SPDX
@ -168,6 +168,10 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py"


 %changelog
+* Tue Oct 17 2023 Maxwell G <maxwell@gtmx.me> - 1.26.18-1
+- Update to 1.26.18.
+- Mitigates CVE-2023-45803 / GHSA-g4mx-q9vg-27p4.
+
 * Mon Oct 09 2023 Miro Hrončok <mhroncok@redhat.com> - 1.26.17-2
 - Switch the hardcoded dependency on urllib3[socks] to a weak one

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (urllib3-1.26.17.tar.gz) = ee235b2e31c34f26ab872623ef17a1119c9776c5a1bf0b4eb5ec92139de7c585dcf3cf90bfc2c6e1db5a1819aafbe6e732a8c540a4ae64ed7659267906c09768
+SHA512 (urllib3-1.26.18.tar.gz) = 62c0af4b11e797a85420ef3f0888f2e608334329eddd88b9fe563b5437189cbea8dbbcd53f999557d9828fcf4bf03b8ca9f6e3d401533bc4ae8ff96e3ece1557