Update to 1.26.19 to fix CVE-2024-37891

Resolves: RHEL-43171
2024-06-26 14:29:39 +02:00 · 2024-06-26 14:29:39 +02:00 · 7663694d96
commit 7663694d96
parent 9066dc8861
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -40,3 +40,4 @@
 /urllib3-1.26.16.tar.gz
 /urllib3-1.26.17.tar.gz
 /urllib3-1.26.18.tar.gz
+/urllib3-1.26.19.tar.gz
--- a/python-urllib3.spec
+++ b/python-urllib3.spec
@ -9,8 +9,8 @@
 %endif

 Name:           python-urllib3
-Version:        1.26.18
-Release:        4%{?dist}
+Version:        1.26.19
+Release:        1%{?dist}
 Summary:        HTTP library with thread-safe connection pooling, file post, and more

 # SPDX
@ -168,6 +168,10 @@ ignore="${ignore-} --ignore=test/test_no_ssl.py"


 %changelog
+* Wed Jun 26 2024 Lumír Balhar <lbalhar@redhat.com> - 1.26.19-1
+- Update to 1.26.19 to fix CVE-2024-37891
+Resolves: RHEL-43171
+
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.26.18-4
 - Bump release for June 2024 mass rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (urllib3-1.26.18.tar.gz) = 62c0af4b11e797a85420ef3f0888f2e608334329eddd88b9fe563b5437189cbea8dbbcd53f999557d9828fcf4bf03b8ca9f6e3d401533bc4ae8ff96e3ece1557
+SHA512 (urllib3-1.26.19.tar.gz) = 6b72012dbd85434b2441229cbdea2a94583693f904dde349780e1290d581c8a5e10fe00a287a032ed1276349d0078b530f16a133e0f164dcea18105fa3dec79a