From 20e01faab849c3cb626aea93faec4db4db4f515d Mon Sep 17 00:00:00 2001 From: "Benjamin A. Beasley" Date: Mon, 2 Oct 2023 14:14:57 -0400 Subject: [PATCH] Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f) --- .gitignore | 1 + python-urllib3.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 282aa2f..67a6808 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,4 @@ /urllib3-1.26.12.tar.gz /urllib3-1.26.15.tar.gz /urllib3-1.26.16.tar.gz +/urllib3-1.26.17.tar.gz diff --git a/python-urllib3.spec b/python-urllib3.spec index 3197ecc..59cf01b 100644 --- a/python-urllib3.spec +++ b/python-urllib3.spec @@ -7,8 +7,8 @@ %endif Name: python-urllib3 -Version: 1.26.16 -Release: 3%{?dist} +Version: 1.26.17 +Release: 1%{?dist} Summary: HTTP library with thread-safe connection pooling, file post, and more # SPDX @@ -154,6 +154,9 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py" %changelog +* Mon Oct 02 2023 Benjamin A. Beasley - 1.26.17-1 +- Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f) + * Wed Aug 30 2023 Yaakov Selkowitz - 1.26.16-3 - Use bundled six diff --git a/sources b/sources index 81f5417..3272333 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (urllib3-1.26.16.tar.gz) = 47cb993acabf169470448bc91b1a0d1fb4df6e60bf97ce6fb06f5397935f33f693cd0851a663fb36a7c5a4b19ed4dbcc0fcce9f45839315354a013f41d837f7a +SHA512 (urllib3-1.26.17.tar.gz) = ee235b2e31c34f26ab872623ef17a1119c9776c5a1bf0b4eb5ec92139de7c585dcf3cf90bfc2c6e1db5a1819aafbe6e732a8c540a4ae64ed7659267906c09768