rpms/python-urllib3
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:imports/c10s/python-urllib3-1.26.19-1.el10
Branches Tags
rpms:c8
rpms:c9
rpms:c10s
rpms:c9-beta
rpms:c8s
rpms:c9s
rpms:c8-stream-3.9
rpms:c8-beta-stream-3.9
rpms:c8-beta-stream-2.7
rpms:c8-beta
rpms:stream-python39-3.9-rhel-8.10.0
rpms:stream-python27-2.7-rhel-8.10.0
rpms:stream-python39-3.9-rhel-8.9.0
rpms:stream-python38-3.8-rhel-8.10.0
rpms:stream-python38-3.8-rhel-8.9.0
rpms:stream-python27-2.7-rhel-8.9.0
rpms:stream-python39-3.9-bootstrap-rhel-8.9.0
rpms:stream-python38-3.8-bootstrap-rhel-8.9.0
rpms:c8-stream-3.8
rpms:c8-beta-stream-3.8
rpms:c8s-stream-3.9
rpms:c8s-stream-3.8
rpms:c8s-stream-2.7
rpms:c8-stream-2.7
rpms:imports/c9/python-urllib3-1.26.5-6.el9
rpms:imports/c10s/python-urllib3-1.26.19-2.el10
rpms:imports/c9-beta/python-urllib3-1.26.5-6.el9
rpms:imports/c9/python-urllib3-1.26.5-5.el9_4.1
rpms:imports/c8/python-urllib3-1.24.2-8.el8_10
rpms:imports/c10s/python-urllib3-1.26.19-1.el10
rpms:imports/c8/python-urllib3-1.24.2-7.el8
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-5.module_el8.10.0+3765+2f9a457d
rpms:imports/c9/python-urllib3-1.26.5-5.el9
rpms:imports/c9/python-urllib3-1.26.5-3.el9_3.1
rpms:imports/c8/python-urllib3-1.24.2-5.el8_9.2
rpms:imports/c9/python-urllib3-1.26.5-3.el9
rpms:imports/c9-beta/python-urllib3-1.26.5-3.el9
rpms:imports/c9-beta/python-urllib3-1.26.5-2.el9
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8-beta-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8-beta-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9822+20bf1249
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-4.module+el8.2.0+5234+f98739b6
rpms:imports/c8-beta-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8-beta-stream-2.7/python-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10
rpms:imports/c8-beta/python-urllib3-1.24.2-5.el8
rpms:imports/c8-beta/python-urllib3-1.24.2-4.el8
rpms:imports/c8-beta/python-urllib3-1.24.2-2.el8
rpms:imports/c8s-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8s-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9540+56f9cecb
rpms:imports/c8s-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8s-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8s-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8s/python-urllib3-1.24.2-5.el8
rpms:imports/c8s/python-urllib3-1.24.2-4.el8
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9822+20bf1249
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-4.module+el8.2.0+5234+f98739b6
rpms:imports/c8-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8-stream-2.7/python-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.1.module+el8.0.0+4028+a686efca
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.module+el8.0.0+2961+596d0223
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.module+el8.0.0.z+3358+99b46920
rpms:imports/c8/python-urllib3-1.24.2-5.el8
rpms:imports/c8/python-urllib3-1.24.2-4.el8
rpms:imports/c8/python-urllib3-1.24.2-2.el8
rpms:imports/c8/python-urllib3-1.23-5.el8
...
compare: rpms:c8
Branches Tags
rpms:c9
rpms:c10s
rpms:c9-beta
rpms:c8
rpms:c8s
rpms:c9s
rpms:c8-stream-3.9
rpms:c8-beta-stream-3.9
rpms:c8-beta-stream-2.7
rpms:c8-beta
rpms:stream-python39-3.9-rhel-8.10.0
rpms:stream-python27-2.7-rhel-8.10.0
rpms:stream-python39-3.9-rhel-8.9.0
rpms:stream-python38-3.8-rhel-8.10.0
rpms:stream-python38-3.8-rhel-8.9.0
rpms:stream-python27-2.7-rhel-8.9.0
rpms:stream-python39-3.9-bootstrap-rhel-8.9.0
rpms:stream-python38-3.8-bootstrap-rhel-8.9.0
rpms:c8-stream-3.8
rpms:c8-beta-stream-3.8
rpms:c8s-stream-3.9
rpms:c8s-stream-3.8
rpms:c8s-stream-2.7
rpms:c8-stream-2.7
rpms:imports/c9/python-urllib3-1.26.5-6.el9
rpms:imports/c10s/python-urllib3-1.26.19-2.el10
rpms:imports/c9-beta/python-urllib3-1.26.5-6.el9
rpms:imports/c9/python-urllib3-1.26.5-5.el9_4.1
rpms:imports/c8/python-urllib3-1.24.2-8.el8_10
rpms:imports/c10s/python-urllib3-1.26.19-1.el10
rpms:imports/c8/python-urllib3-1.24.2-7.el8
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-5.module_el8.10.0+3765+2f9a457d
rpms:imports/c9/python-urllib3-1.26.5-5.el9
rpms:imports/c9/python-urllib3-1.26.5-3.el9_3.1
rpms:imports/c8/python-urllib3-1.24.2-5.el8_9.2
rpms:imports/c9/python-urllib3-1.26.5-3.el9
rpms:imports/c9-beta/python-urllib3-1.26.5-3.el9
rpms:imports/c9-beta/python-urllib3-1.26.5-2.el9
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8-beta-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8-beta-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9822+20bf1249
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8-beta-stream-3.8/python-urllib3-1.25.7-4.module+el8.2.0+5234+f98739b6
rpms:imports/c8-beta-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8-beta-stream-2.7/python-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10
rpms:imports/c8-beta/python-urllib3-1.24.2-5.el8
rpms:imports/c8-beta/python-urllib3-1.24.2-4.el8
rpms:imports/c8-beta/python-urllib3-1.24.2-2.el8
rpms:imports/c8s-stream-3.9/python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1
rpms:imports/c8s-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9540+56f9cecb
rpms:imports/c8s-stream-3.8/python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d
rpms:imports/c8s-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8s-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8s/python-urllib3-1.24.2-5.el8
rpms:imports/c8s/python-urllib3-1.24.2-4.el8
rpms:imports/c8-stream-3.9/python-urllib3-1.25.10-3.module+el8.4.0+9822+20bf1249
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-4.module+el8.4.0+8888+89bc7e79
rpms:imports/c8-stream-3.8/python-urllib3-1.25.7-4.module+el8.2.0+5234+f98739b6
rpms:imports/c8-stream-2.7/python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef
rpms:imports/c8-stream-2.7/python-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.1.module+el8.0.0+4028+a686efca
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.module+el8.0.0+2961+596d0223
rpms:imports/c8-stream-2.7/python-urllib3-1.23-7.module+el8.0.0.z+3358+99b46920
rpms:imports/c8/python-urllib3-1.24.2-5.el8
rpms:imports/c8/python-urllib3-1.24.2-4.el8
rpms:imports/c8/python-urllib3-1.24.2-2.el8
rpms:imports/c8/python-urllib3-1.23-5.el8

No commits in common. "imports/c10s/python-urllib3-1.26.19-1.el10" and "c8" have entirely different histories.
imports/c1 ... c8

12 changed files with 828 additions and 583 deletions
Show Stats Expand all files Collapse all files

44
.gitignore vendored
View File

@ -1,43 +1 @@
/urllib3-1.5.tar.gz
/urllib3-1.7.tar.gz
/urllib3-1.7.1.tar.gz
/urllib3-1.8.2.tar.gz
/urllib3-1.9.1.tar.gz
/urllib3-1.10.tar.gz
/urllib3-1.10.1.tar.gz
/urllib3-1.10.2.tar.gz
/urllib3-1.10.3.tar.gz
/urllib3-585983ab3f7fb7a0e0b223ebdab1b45471dbefe4.tar.gz
/urllib3-a91975b77a2e28394859487fe5ebbf4a3a74e634.tar.gz
/urllib3-1.10.4.tar.gz
/urllib3-1.12.tar.gz
/urllib3-1.13.tar.gz
/urllib3-1.13.1.tar.gz
/urllib3-1.15.1.tar.gz
/urllib3-1.16.tar.gz
/urllib3-1.19.1.tar.gz
/urllib3-1.20.tar.gz
/urllib3-1.21.1.tar.gz
/urllib3-1.22.tar.gz
/urllib3-1.23.tar.gz
/urllib3-1.24.tar.gz
/urllib3-1.24.1.tar.gz
/urllib3-1.24.2.tar.gz
/urllib3-1.25.2.tar.gz
/urllib3-1.25.3.tar.gz
/urllib3-1.25.6.tar.gz
/urllib3-1.25.7.tar.gz
/urllib3-1.25.8.tar.gz
/urllib3-1.25.10.tar.gz
/urllib3-1.26.4.tar.gz
/urllib3-1.26.5.tar.gz
/urllib3-1.26.6.tar.gz
/urllib3-1.26.7.tar.gz
/urllib3-1.26.8.tar.gz
/urllib3-1.26.9.tar.gz
/urllib3-1.26.12.tar.gz
/urllib3-1.26.15.tar.gz
/urllib3-1.26.16.tar.gz
/urllib3-1.26.17.tar.gz
/urllib3-1.26.18.tar.gz
/urllib3-1.26.19.tar.gz
SOURCES/urllib3-1.24.2.tar.gz

1
.python-urllib3.metadata Normal file
View File

@ -0,0 +1 @@
02f5f10287e42a0e9d8666bbec9c51c4aec5bfc7 SOURCES/urllib3-1.24.2.tar.gz

162
SOURCES/CVE-2019-11236.patch Normal file
View File

@ -0,0 +1,162 @@
From 9f6aa6b5f06ecfcfea2084d88f377c6e9dba5ce2 Mon Sep 17 00:00:00 2001
From: Ryan Petrello <rpetrell@redhat.com>
Date: Tue, 30 Apr 2019 12:36:48 -0400
Subject: [PATCH 1/3] prevent CVE-2019-9740 in 1.24.x
adapted from https://github.com/python/cpython/pull/12755
---
test/test_util.py | 5 +++++
src/urllib3/util/url.py | 8 ++++++++
2 files changed, 13 insertions(+)
diff --git a/test/test_util.py b/test/test_util.py
index 73d9452..dc6ffd0 100644
--- a/test/test_util.py
+++ b/test/test_util.py
@@ -200,6 +200,11 @@ class TestUtil(object):
with pytest.raises(ValueError):
parse_url('[::1')
+ def test_parse_url_contains_control_characters(self):
+ # see CVE-2019-9740
+ with pytest.raises(LocationParseError):
+ parse_url('http://localhost:8000/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:')
+
def test_Url_str(self):
U = Url('http', host='google.com')
assert str(U) == U.url
diff --git a/src/urllib3/util/url.py b/src/urllib3/util/url.py
index 6b6f996..e8e1bd7 100644
--- a/src/urllib3/util/url.py
+++ b/src/urllib3/util/url.py
@@ -1,5 +1,6 @@
from __future__ import absolute_import
from collections import namedtuple
+import re
from ..exceptions import LocationParseError
@@ -10,6 +11,8 @@ url_attrs = ['scheme', 'auth', 'host', 'port', 'path', 'query', 'fragment']
# urllib3 infers URLs without a scheme (None) to be http.
NORMALIZABLE_SCHEMES = ('http', 'https', None)
+_contains_disallowed_url_pchar_re = re.compile('[\x00-\x20\x7f]')
+
class Url(namedtuple('Url', url_attrs)):
"""
@@ -155,6 +158,11 @@ def parse_url(url):
# Empty
return Url()
+ # Prevent CVE-2019-9740.
+ # adapted from https://github.com/python/cpython/pull/12755
+ if _contains_disallowed_url_pchar_re.search(url):
+ raise LocationParseError("URL can't contain control characters. {!r}".format(url))
+
scheme = None
auth = None
host = None
--
2.20.1
From ecc15bd412354ad916712113b0e426f8bc6cf52d Mon Sep 17 00:00:00 2001
From: Ryan Petrello <lists@ryanpetrello.com>
Date: Wed, 1 May 2019 16:46:44 -0400
Subject: [PATCH 2/3] avoid CVE-2019-9740 by percent-encoding invalid path
characters
this is to avoid breaking changes in downstream libraries like requests
---
test/test_util.py | 4 ++--
src/urllib3/util/url.py | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/test/test_util.py b/test/test_util.py
index dc6ffd0..d139329 100644
--- a/test/test_util.py
+++ b/test/test_util.py
@@ -202,8 +202,8 @@ class TestUtil(object):
def test_parse_url_contains_control_characters(self):
# see CVE-2019-9740
- with pytest.raises(LocationParseError):
- parse_url('http://localhost:8000/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:')
+ url = parse_url('http://localhost:8000/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:')
+ assert url.path == '/%20HTTP/1.1%0D%0AHEADER:%20INJECTED%0D%0AIgnore:'
def test_Url_str(self):
U = Url('http', host='google.com')
diff --git a/src/urllib3/util/url.py b/src/urllib3/util/url.py
index e8e1bd7..12b8d55 100644
--- a/src/urllib3/util/url.py
+++ b/src/urllib3/util/url.py
@@ -3,6 +3,7 @@ from collections import namedtuple
import re
from ..exceptions import LocationParseError
+from ..packages.six.moves.urllib.parse import quote
url_attrs = ['scheme', 'auth', 'host', 'port', 'path', 'query', 'fragment']
@@ -160,8 +161,7 @@ def parse_url(url):
# Prevent CVE-2019-9740.
# adapted from https://github.com/python/cpython/pull/12755
- if _contains_disallowed_url_pchar_re.search(url):
- raise LocationParseError("URL can't contain control characters. {!r}".format(url))
+ url = _contains_disallowed_url_pchar_re.sub(lambda match: quote(match.group()), url)
scheme = None
auth = None
--
2.20.1
From 6cda449df587fd37135ee76a9253dc8e12e53c05 Mon Sep 17 00:00:00 2001
From: Seth Michael Larson <sethmichaellarson@gmail.com>
Date: Thu, 2 May 2019 09:02:24 -0500
Subject: [PATCH 3/3] Also test unicode and query
---
test/test_util.py | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/test/test_util.py b/test/test_util.py
index d139329..fa53aaf 100644
--- a/test/test_util.py
+++ b/test/test_util.py
@@ -200,10 +200,26 @@ class TestUtil(object):
with pytest.raises(ValueError):
parse_url('[::1')
- def test_parse_url_contains_control_characters(self):
+ @pytest.mark.parametrize('url, expected_url', [
+ (
+ 'http://localhost/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:',
+ Url('http', host='localhost', port=None,
+ path='/%20HTTP/1.1%0D%0AHEADER:%20INJECTED%0D%0AIgnore:')
+ ),
+ (
+ u'http://localhost/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:',
+ Url('http', host='localhost', port=None,
+ path='/%20HTTP/1.1%0D%0AHEADER:%20INJECTED%0D%0AIgnore:')
+ ),
+ (
+ 'http://localhost/ ?q=\r\n',
+ Url('http', host='localhost', path='/%20', query='q=%0D%0A')
+ ),
+ ])
+ def test_parse_url_contains_control_characters(self, url, expected_url):
# see CVE-2019-9740
- url = parse_url('http://localhost:8000/ HTTP/1.1\r\nHEADER: INJECTED\r\nIgnore:')
- assert url.path == '/%20HTTP/1.1%0D%0AHEADER:%20INJECTED%0D%0AIgnore:'
+ url = parse_url(url)
+ assert url == expected_url
def test_Url_str(self):
U = Url('http', host='google.com')
--
2.20.1

37
SOURCES/CVE-2020-26137.patch Normal file
View File

@ -0,0 +1,37 @@
diff --git a/src/urllib3/connection.py b/src/urllib3/connection.py
index 02b3665..1ab1890 100644
--- a/src/urllib3/connection.py
+++ b/src/urllib3/connection.py
@@ -1,4 +1,5 @@
from __future__ import absolute_import
+import re
import datetime
import logging
import os
@@ -61,6 +62,8 @@ port_by_scheme = {
# after 2016-01-01 (today - 2 years) AND before 2017-07-01 (today - 6 months)
RECENT_DATE = datetime.date(2017, 6, 30)
+_CONTAINS_CONTROL_CHAR_RE = re.compile(r"[^-!#$%&'*+.^_`|~0-9a-zA-Z]")
+
class DummyConnection(object):
"""Used to detect a failed ConnectionCls import."""
@@ -181,6 +184,17 @@ class HTTPConnection(_HTTPConnection, object):
conn = self._new_conn()
self._prepare_conn(conn)
+ def putrequest(self, method, url, *args, **kwargs):
+ """Send a request to the server"""
+ match = _CONTAINS_CONTROL_CHAR_RE.search(method)
+ if match:
+ raise ValueError(
+ "Method cannot contain non-token characters %r (found at least %r)"
+ % (method, match.group())
+ )
+
+ return _HTTPConnection.putrequest(self, method, url, *args, **kwargs)
+
def request_chunked(self, method, url, body=None, headers=None):
"""
Alternative to the common request method, which sends the

39
SOURCES/CVE-2023-43804.patch Normal file
View File

@ -0,0 +1,39 @@
From 24603488c43a7cbaffcff7e69a72ad9bb4604acf Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Thu, 12 Oct 2023 14:08:31 +0200
Subject: [PATCH] CVE-2023-43804
---
src/urllib3/util/retry.py | 2 +-
test/test_retry.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py
index 02429ee..c4a687c 100644
--- a/src/urllib3/util/retry.py
+++ b/src/urllib3/util/retry.py
@@ -151,7 +151,7 @@ class Retry(object):
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
- DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(['Authorization'])
+ DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(['Cookie', 'Authorization'])
#: Maximum backoff time.
BACKOFF_MAX = 120
diff --git a/test/test_retry.py b/test/test_retry.py
index 7546c43..b6d52bf 100644
--- a/test/test_retry.py
+++ b/test/test_retry.py
@@ -253,7 +253,7 @@ class TestRetry(object):
def test_retry_default_remove_headers_on_redirect(self):
retry = Retry()
- assert list(retry.remove_headers_on_redirect) == ['authorization']
+ assert retry.remove_headers_on_redirect == {'authorization', 'cookie'}
def test_retry_set_remove_headers_on_redirect(self):
retry = Retry(remove_headers_on_redirect=['x-api-secret'])
--
2.41.0

94
SOURCES/CVE-2023-45803.patch Normal file
View File

@ -0,0 +1,94 @@
From 6f6011442b255b6c135c294500cf4d404f594d8a Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Tue, 12 Dec 2023 10:21:34 +0100
Subject: [PATCH] Security fix for CVE-2023-45803
---
src/urllib3/_collections.py | 18 ++++++++++++++++++
src/urllib3/connectionpool.py | 5 +++++
src/urllib3/poolmanager.py | 7 +++++--
3 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/src/urllib3/_collections.py b/src/urllib3/_collections.py
index 34f2381..86fc900 100644
--- a/src/urllib3/_collections.py
+++ b/src/urllib3/_collections.py
@@ -260,6 +260,24 @@ class HTTPHeaderDict(MutableMapping):
else:
return vals[1:]
+ def _prepare_for_method_change(self):
+ """
+ Remove content-specific header fields before changing the request
+ method to GET or HEAD according to RFC 9110, Section 15.4.
+ """
+ content_specific_headers = [
+ "Content-Encoding",
+ "Content-Language",
+ "Content-Location",
+ "Content-Type",
+ "Content-Length",
+ "Digest",
+ "Last-Modified",
+ ]
+ for header in content_specific_headers:
+ self.discard(header)
+ return self
+
# Backwards compatibility for httplib
getheaders = getlist
getallmatchingheaders = getlist
diff --git a/src/urllib3/connectionpool.py b/src/urllib3/connectionpool.py
index f7a8f19..ad6303c 100644
--- a/src/urllib3/connectionpool.py
+++ b/src/urllib3/connectionpool.py
@@ -32,6 +32,7 @@ from .connection import (
HTTPConnection, HTTPSConnection, VerifiedHTTPSConnection,
HTTPException, BaseSSLError,
)
+from ._collections import HTTPHeaderDict
from .request import RequestMethods
from .response import HTTPResponse
@@ -679,7 +680,11 @@ class HTTPConnectionPool(ConnectionPool, RequestMethods):
redirect_location = redirect and response.get_redirect_location()
if redirect_location:
if response.status == 303:
+ # Change the method according to RFC 9110, Section 15.4.4.
method = 'GET'
+ # And lose the body not to transfer anything sensitive.
+ body = None
+ headers = HTTPHeaderDict(headers)._prepare_for_method_change()
try:
retries = retries.increment(method, url, response=response, _pool=self)
diff --git a/src/urllib3/poolmanager.py b/src/urllib3/poolmanager.py
index 32bd973..37557f9 100644
--- a/src/urllib3/poolmanager.py
+++ b/src/urllib3/poolmanager.py
@@ -3,7 +3,7 @@ import collections
import functools
import logging
-from ._collections import RecentlyUsedContainer
+from ._collections import HTTPHeaderDict, RecentlyUsedContainer
from .connectionpool import HTTPConnectionPool, HTTPSConnectionPool
from .connectionpool import port_by_scheme
from .exceptions import LocationValueError, MaxRetryError, ProxySchemeUnknown
@@ -330,9 +330,12 @@ class PoolManager(RequestMethods):
# Support relative URLs for redirecting.
redirect_location = urljoin(url, redirect_location)
- # RFC 7231, Section 6.4.4
if response.status == 303:
+ # Change the method according to RFC 9110, Section 15.4.4.
method = 'GET'
+ # And lose the body not to transfer anything sensitive.
+ kw["body"] = None
+ kw["headers"] = HTTPHeaderDict(kw["headers"])._prepare_for_method_change()
retries = kw.get('retries')
if not isinstance(retries, Retry):
--
2.43.0

39
SOURCES/CVE-2024-37891.patch Normal file
View File

@ -0,0 +1,39 @@
From 584378407efb03cef247320b541388f460cb72a2 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Mon, 1 Jul 2024 12:40:39 +0200
Subject: [PATCH] CVE-2024-37891
---
src/urllib3/util/retry.py | 2 +-
test/test_retry.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py
index c4a687c..8b86956 100644
--- a/src/urllib3/util/retry.py
+++ b/src/urllib3/util/retry.py
@@ -151,7 +151,7 @@ class Retry(object):
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
- DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(['Cookie', 'Authorization'])
+ DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(['Cookie', 'Authorization', 'Proxy-Authorization'])
#: Maximum backoff time.
BACKOFF_MAX = 120
diff --git a/test/test_retry.py b/test/test_retry.py
index c6bba74..a525028 100644
--- a/test/test_retry.py
+++ b/test/test_retry.py
@@ -253,7 +253,7 @@ class TestRetry(object):
def test_retry_default_remove_headers_on_redirect(self):
retry = Retry()
- assert retry.remove_headers_on_redirect == {'authorization', 'cookie'}
+ assert retry.remove_headers_on_redirect == {'authorization', 'proxy-authorization', 'cookie'}
def test_retry_set_remove_headers_on_redirect(self):
retry = Retry(remove_headers_on_redirect=['x-api-secret'])
--
2.45.2

56
SOURCES/Enable_TLS_1.3_post-handshake_authentication.patch Normal file
View File

@ -0,0 +1,56 @@
From c9ed53c284a6747f17366eab71ba8922e33910e2 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Wed, 28 Aug 2019 14:55:26 +0200
Subject: [PATCH] Backported patch from:
https://github.com/urllib3/urllib3/commit/6a626be4ff623c25270e20db9002705bf4504e4e
Enable TLS 1.3 post-handshake authentication
---
src/urllib3/util/ssl_.py | 7 +++++++
test/test_ssl.py | 15 +++++++++++++++
2 files changed, 22 insertions(+)
diff --git a/src/urllib3/util/ssl_.py b/src/urllib3/util/ssl_.py
index 5ae4358..7dc4a5a 100644
--- a/src/urllib3/util/ssl_.py
+++ b/src/urllib3/util/ssl_.py
@@ -280,6 +280,13 @@ def create_urllib3_context(ssl_version=None, cert_reqs=None,
context.options |= options
+ # Enable post-handshake authentication for TLS 1.3, see GH #1634. PHA is
+ # necessary for conditional client cert authentication with TLS 1.3.
+ # The attribute is None for OpenSSL <= 1.1.0 or does not exist in older
+ # versions of Python.
+ if getattr(context, "post_handshake_auth", None) is not None:
+ context.post_handshake_auth = True
+
context.verify_mode = cert_reqs
if getattr(context, 'check_hostname', None) is not None: # Platform-specific: Python 3.2
# We do our own verification, including fingerprints and alternative
diff --git a/test/test_ssl.py b/test/test_ssl.py
index 6a46b4f..3a99522 100644
--- a/test/test_ssl.py
+++ b/test/test_ssl.py
@@ -125,3 +125,18 @@ def test_wrap_socket_default_loads_default_certs(monkeypatch):
ssl_.ssl_wrap_socket(sock)
context.load_default_certs.assert_called_with()
+
+
+@pytest.mark.parametrize(
+ ["pha", "expected_pha"], [(None, None), (False, True), (True, True)]
+)
+def test_create_urllib3_context_pha(monkeypatch, pha, expected_pha):
+ context = mock.create_autospec(ssl_.SSLContext)
+ context.set_ciphers = mock.Mock()
+ context.options = 0
+ context.post_handshake_auth = pha
+ monkeypatch.setattr(ssl_, "SSLContext", lambda *_, **__: context)
+
+ assert ssl_.create_urllib3_context() is context
+
+ assert context.post_handshake_auth == expected_pha
--
2.21.0

1
SOURCES/ssl_match_hostname_py3.py Normal file
View File

@ -0,0 +1 @@
from ssl import match_hostname, CertificateError

398
SPECS/python-urllib3.spec Normal file
View File

@ -0,0 +1,398 @@
%global srcname urllib3
Name: python-%{srcname}
Version: 1.24.2
Release: 8%{?dist}
Summary: Python HTTP library with thread-safe connection pooling and file post
License: MIT
URL: https://github.com/shazow/urllib3
Source0: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz
# Used with Python 3.5+
Source1: ssl_match_hostname_py3.py
BuildArch: noarch
# CVE-2019-11236 python-urllib3:
# - CRLF injection due to not encoding the '\r\n' sequence leading to
# possible attack on internal service.
# - Also known as CVE-2019-9740 (duplicate entry)
# Backported from:
# * https://github.com/urllib3/urllib3/pull/1591
# - Superfluous commits were omitted (flake8 checks, travis settings, macos patch)
# * https://github.com/urllib3/urllib3/pull/1593
Patch1: CVE-2019-11236.patch
# Enable post-handshake authentication for TLS 1.3
# - https://github.com/urllib3/urllib3/issues/1634
# - https://bugzilla.redhat.com/show_bug.cgi?id=1726743
Patch2: Enable_TLS_1.3_post-handshake_authentication.patch
# CVE-2020-26137
# CRLF injection via HTTP request method
# Resolved upstream: https://github.com/urllib3/urllib3/pull/1800
Patch3: CVE-2020-26137.patch
# CVE-2023-43804
# Added the `Cookie` header to the list of headers to strip from
# requests when redirecting to a different host. As before, different headers
# can be set via `Retry.remove_headers_on_redirect`.
# Tests backported only partially as we don't use the whole part of
# testing with dummyserver.
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=2242493
# Upstream fix: https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb
Patch4: CVE-2023-43804.patch
# CVE-2023-45803
# Remove HTTP request body when request method is changed.
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-45803
# Upstream fix: https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9
Patch5: CVE-2023-45803.patch
# CVE-2024-37891
# Added the `Proxy-Authorization` header to the list of headers to strip from requests
# when redirecting to a different host.
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-37891
# Upstream fix: https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468
Patch6: CVE-2024-37891.patch
%description
Python HTTP module with connection pooling and file POST abilities.
%package -n python3-%{srcname}
Summary: Python3 HTTP library with thread-safe connection pooling and file post
BuildRequires: python3-devel
# For unittests
BuildRequires: python3-nose
BuildRequires: python3-mock
BuildRequires: python3-six
BuildRequires: python3-pysocks
BuildRequires: python3-pytest
Requires: ca-certificates
Requires: python3-six
Requires: python3-pysocks
%description -n python3-%{srcname}
Python3 HTTP module with connection pooling and file POST abilities.
%prep
%setup -q -n %{srcname}-%{version}
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
# Make sure that the RECENT_DATE value doesn't get too far behind what the current date is.
# RECENT_DATE must not be older that 2 years from the build time, or else test_recent_date
# (from test/test_connection.py) would fail. However, it shouldn't be to close to the build time either,
# since a user's system time could be set to a little in the past from what build time is (because of timezones,
# corner cases, etc). As stated in the comment in src/urllib3/connection.py:
# When updating RECENT_DATE, move it to within two years of the current date,
# and not less than 6 months ago.
# Example: if Today is 2018-01-01, then RECENT_DATE should be any date on or
# after 2016-01-01 (today - 2 years) AND before 2017-07-01 (today - 6 months)
# There is also a test_ssl_wrong_system_time test (from test/with_dummyserver/test_https.py) that tests if
# user's system time isn't set as too far in the past, because it could lead to SSL verification errors.
# That is why we need RECENT_DATE to be set at most 2 years ago (or else test_ssl_wrong_system_time would
# result in false positive), but before at least 6 month ago (so this test could tolerate user's system time being
# set to some time in the past, but not to far away from the present).
# Next few lines update RECENT_DATE dynamically.
recent_date=$(date --date "7 month ago" +"%Y, %_m, %_d")
sed -i "s/^RECENT_DATE = datetime.date(.*)/RECENT_DATE = datetime.date($recent_date)/" src/urllib3/connection.py
# Drop the dummyserver tests in koji.
# These require tornado, a Web framework otherwise unused in the distro.
rm -rf test/with_dummyserver/
rm -rf test/test_connectionpool.py
rm -rf dummyserver/
# Don't run the Google App Engine tests
rm -rf test/appengine/
# Lots of these tests started failing, even for old versions, so it has something
# to do with Fedora in particular. They don't fail in upstream build infrastructure
rm -rf test/contrib/
# Tests for Python built without SSL, but RHEL builds with SSL. These tests
# fail when combined with the unbundling of backports-ssl_match_hostname
rm -f test/test_no_ssl.py
%build
%py3_build
%install
%py3_install
# Unbundle the Python 3 build
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py*
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six*
rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/
mkdir -p %{buildroot}/%{python3_sitelib}/urllib3/packages/
ln -s %{python3_sitelib}/six.py \
%{buildroot}/%{python3_sitelib}/urllib3/packages/six.py
ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.opt-1.pyc \
%{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/
ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.pyc \
%{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/
# urllib3 requires Python 3.5 to use the standard library's match_hostname,
# which we ship in RHEL8, so we can safely replace the bundled version with
# this stub which imports the necessary objects.
cp %{SOURCE1} %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname.py
%check
pushd test
PYTHONPATH=%{buildroot}%{python3_sitelib}:%{python3_sitelib} %{__python3} -m pytest -v
popd
%files -n python3-%{srcname}
%license LICENSE.txt
%doc CHANGES.rst README.rst CONTRIBUTORS.txt
%{python3_sitelib}/urllib3/
%{python3_sitelib}/urllib3-*.egg-info
%changelog
* Mon Jul 01 2024 Lumír Balhar <lbalhar@redhat.com> - 1.24.2-8
- Security fix for CVE-2024-37891
Resolves: RHEL-45334
* Tue Dec 12 2023 Lumír Balhar <lbalhar@redhat.com> - 1.24.2-7
- Security fix for CVE-2023-45803
Resolves: RHEL-16872
* Thu Oct 12 2023 Lumír Balhar <lbalhar@redhat.com> - 1.24.2-6
- Security fix for CVE-2023-43804
Resolves: RHEL-11992
* Mon Nov 09 2020 Charalampos Stratakis <cstratak@redhat.com> - 1.24.2-5
- Security fix for CVE-2020-26137
Resolves: rhbz#1883889
* Wed Oct 30 2019 Anna Khaitovich <akhaitov@redhat.com> - 1.24.2-4
- Update RECENT_DATE dynamically
Resolves: rhbz#1761380
* Wed Aug 28 2019 Lumír Balhar <lbalhar@redhat.com> - 1.24.2-3
- Enable TLS 1.3 post-handshake authentication
- Adjust RECENT_DATE variable according to rules
Resolves: rhbz#1726743
* Wed May 22 2019 Tomas Orsava <torsava@redhat.com> - 1.24.2-2
- Rebuilding after gating was enabled
- Resolves: rhbz#1703361 rhbz#1706026
* Fri May 03 2019 Tomas Orsava <torsava@redhat.com> - 1.24.2-1
- Rebased to 1.24.2 to fix CVE-2019-11324
- Added patches for CVE-2019-11236 (AKA CVE-2019-9740)
- Resolves: rhbz#1703361 rhbz#1706026
* Wed Jul 11 2018 Petr Viktorin <pviktori@redhat.com> - 1.23-5
- Remove the Python 2 subpackage
https://bugzilla.redhat.com/show_bug.cgi?id=1590400
* Mon Jun 25 2018 Lumír Balhar <lbalhar@redhat.com> - 1.23-4
- Allow build with Python 2
* Wed Jun 20 2018 Petr Viktorin <pviktori@redhat.com> - 1.23-3
- Skip tests that require tornado
* Wed Jun 20 2018 Lumír Balhar <lbalhar@redhat.com> - 1.23-2
- Remove unneeded python3-psutil dependency
* Tue Jun 05 2018 Jeremy Cline <jeremy@jcline.org> - 1.23-1
- Update to the latest upstream release (rhbz 1586072)
* Tue May 22 2018 Petr Viktorin <pviktori@redhat.com> - 1.22-10
- Skip tests for python2 subpackage, due to missing dependencies (rhbz 1580882)
* Thu May 03 2018 Lukas Slebodnik <lslebodn@fedoraproject.org> - 1.22-9
- Do not lowercase hostnames with custom-protocol (rhbz 1567862)
- upstream: https://github.com/urllib3/urllib3/issues/1267
* Wed Apr 18 2018 Jeremy Cline <jeremy@jcline.org> - 1.22-8
- Drop the dependency on idna and cryptography (rhbz 1567862)
* Mon Apr 16 2018 Jeremy Cline <jeremy@jcline.org> - 1.22-7
- Drop the dependency on PyOpenSSL, it's not needed (rhbz 1567862)
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.22-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.22-5
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Thu Jan 25 2018 Tomas Hoger <thoger@redhat.com> - 1.22-4
- Fix FTBFS - Move RECENT_DATE to 2017-06-30
* Fri Dec 01 2017 Jeremy Cline <jeremy@jcline.org> - 1.22-3
- Symlink the Python 3 bytecode for six (rbhz 1519147)
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jul 21 2017 Jeremy Cline <jeremy@jcline.org> - 1.22-1
- Update to 1.22 (#1473293)
* Wed May 17 2017 Jeremy Cline <jeremy@jcline.org> - 1.21.1-1
- Update to 1.21.1 (#1445280)
* Thu Feb 09 2017 Jeremy Cline <jeremy@jcline.org> - 1.20-1
- Update to 1.20 (#1414775)
* Tue Dec 13 2016 Stratakis Charalampos <cstratak@redhat.com> - 1.19.1-2
- Rebuild for Python 3.6
* Thu Nov 17 2016 Jeremy Cline <jeremy@jcline.org> 1.19.1-1
- Update to 1.19.1
- Clean up the specfile to only support Fedora 26
* Wed Aug 10 2016 Kevin Fenzi <kevin@scrye.com> - 1.16-3
- Rebuild now that python-requests is ready to update.
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16-2
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Wed Jun 15 2016 Kevin Fenzi <kevin@scrye.com> - 1.16-1
- Update to 1.16
* Thu Jun 02 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-3
- Create python2 subpackage to comply with guidelines.
* Wed Jun 01 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-2
- Remove broken symlinks to unbundled python3-six files
https://bugzilla.redhat.com/show_bug.cgi?id=1295015
* Fri Apr 29 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-1
- Removed patch for ipv6 support, now applied upstream.
- Latest version.
- New dep on pysocks.
* Fri Feb 26 2016 Ralph Bean <rbean@redhat.com> - 1.13.1-3
- Apply patch from upstream to fix ipv6.
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Dec 21 2015 Ralph Bean <rbean@redhat.com> - 1.13.1-1
- new version
* Fri Dec 18 2015 Ralph Bean <rbean@redhat.com> - 1.13-1
- new version
* Mon Dec 14 2015 Ralph Bean <rbean@redhat.com> - 1.12-1
- new version
* Thu Oct 15 2015 Robert Kuska <rkuska@redhat.com> - 1.10.4-7
- Rebuilt for Python3.5 rebuild
* Sat Oct 10 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-6
- Sync from PyPI instead of a git checkout.
* Tue Sep 08 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-5.20150503gita91975b
- Drop requirement on python-backports-ssl_match_hostname on F22 and newer.
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.4-4.20150503gita91975b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Jun 08 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-3.20150503gita91975b
- Apply pyopenssl injection for an outdated cpython as per upstream advice
https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl
* Tue May 19 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-2.20150503gita91975b
- Specify symlinks for six.py{c,o}, fixing rhbz #1222142.
* Sun May 03 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-1.20150503gita91975b
- Latest release for python-requests-2.7.0
* Wed Apr 29 2015 Ralph Bean <rbean@redhat.com> - 1.10.3-2.20150429git585983a
- Grab a git snapshot to get around this chunked encoding failure.
* Wed Apr 22 2015 Ralph Bean <rbean@redhat.com> - 1.10.3-1
- new version
* Thu Feb 26 2015 Ralph Bean <rbean@redhat.com> - 1.10.2-1
- new version
* Wed Feb 18 2015 Ralph Bean <rbean@redhat.com> - 1.10.1-1
- new version
* Wed Feb 18 2015 Ralph Bean <rbean@redhat.com> - 1.10.1-1
- new version
* Mon Jan 05 2015 Ralph Bean <rbean@redhat.com> - 1.10-2
- Copy in a shim for ssl_match_hostname on python3.
* Sun Dec 14 2014 Ralph Bean <rbean@redhat.com> - 1.10-1
- Latest upstream 1.10, for python-requests-2.5.0.
- Re-do unbundling without patch, with symlinks.
- Modernize python2 macros.
- Remove the with_dummyserver tests which fail only sometimes.
* Wed Nov 05 2014 Ralph Bean <rbean@redhat.com> - 1.9.1-1
- Latest upstream, 1.9.1 for latest python-requests.
* Mon Aug 4 2014 Tom Callaway <spot@fedoraproject.org> - 1.8.2-4
- fix license handling
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Bohuslav Kabrda <bkabrda@redhat.com> - 1.8.2-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Mon Apr 21 2014 Arun S A G <sagarun@gmail.com> - 1.8.2-1
- Update to latest upstream version
* Mon Oct 28 2013 Ralph Bean <rbean@redhat.com> - 1.7.1-2
- Update patch to find ca_certs in the correct location.
* Wed Sep 25 2013 Ralph Bean <rbean@redhat.com> - 1.7.1-1
- Latest upstream with support for a new timeout class and py3.4.
* Wed Aug 28 2013 Ralph Bean <rbean@redhat.com> - 1.7-3
- Bump release again, just to push an unpaired update.
* Mon Aug 26 2013 Ralph Bean <rbean@redhat.com> - 1.7-2
- Bump release to pair an update with python-requests.
* Thu Aug 22 2013 Ralph Bean <rbean@redhat.com> - 1.7-1
- Update to latest upstream.
- Removed the accept-header proxy patch which is included in upstream now.
- Removed py2.6 compat patch which is included in upstream now.
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jun 11 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-6
- Fix Requires of python-ordereddict to only apply to RHEL
* Fri Mar 1 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-5
- Unbundling finished!
* Fri Mar 01 2013 Ralph Bean <rbean@redhat.com> - 1.5-4
- Upstream patch to fix Accept header when behind a proxy.
- Reorganize patch numbers to more clearly distinguish them.
* Wed Feb 27 2013 Ralph Bean <rbean@redhat.com> - 1.5-3
- Renamed patches to python-urllib3-*
- Fixed ssl check patch to use the correct cert path for Fedora.
- Included dependency on ca-certificates
- Cosmetic indentation changes to the .spec file.
* Tue Feb 5 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-2
- python3-tornado BR and run all unittests on python3
* Mon Feb 04 2013 Toshio Kuratomi <toshio@fedoraproject.org> 1.5-1
- Initial fedora build.

539
python-urllib3.spec
View File

@ -1,539 +0,0 @@
# When bootstrapping Python, we cannot test this yet
# RHEL does not include the test dependencies and the dependencies for extras
%if 0%{?rhel}
%bcond_with tests
%bcond_with extras
%else
%bcond_without tests
%bcond_without extras
%endif
Name: python-urllib3
Version: 1.26.19
Release: 1%{?dist}
Summary: HTTP library with thread-safe connection pooling, file post, and more
# SPDX
License: MIT
URL: https://github.com/urllib3/urllib3
Source: %{url}/archive/%{version}/urllib3-%{version}.tar.gz
BuildArch: noarch
BuildRequires: python3-devel
%if %{with tests}
# Test dependencies are listed only in dev-requirements.txt. Because there are
# linters and coverage tools mixed in, and exact versions are pinned, we resort
# to manual listing.
# mock==3.0.5: patched out in %%prep
# coverage~=6.0;python_version>="3.6": omitted linter/coverage tool
# tornado==6.1.0;python_version>="3.6"
BuildRequires: %{py3_dist tornado} >= 6.1
# PySocks==1.7.1
BuildRequires: %{py3_dist PySocks} >= 1.7.1
# win-inet-pton==1.1.0: Windows-only workaround
# pytest==6.2.4; python_version>="3.10"
BuildRequires: %{py3_dist pytest} >= 6.2.4
# pytest-timeout==1.4.2
BuildRequires: %{py3_dist pytest-timeout} >= 1.4.2
# pytest-freezegun==0.4.2
BuildRequires: %{py3_dist pytest-freezegun} >= 0.4.2
# flaky==3.7.0: not really required
# trustme==0.7.0
BuildRequires: %{py3_dist trustme} >= 0.7
# cryptography==38.0.3;python_version>="3.6": associated with the deprecated
# “secure” extra
# python-dateutil==2.8.1
BuildRequires: %{py3_dist python-dateutil} >= 2.8.1
# gcp-devrel-py-tools==0.0.16: not used in offline testing
%endif
%global _description %{expand:
urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings
many critical features that are missing from the Python standard libraries:
Thread safety.
Connection pooling.
Client-side SSL/TLS verification.
File uploads with multipart encoding.
Helpers for retrying requests and dealing with HTTP redirects.
Support for gzip, deflate, brotli, and zstd encoding.
Proxy support for HTTP and SOCKS.
100% test coverage.}
%description %{_description}
%package -n python3-urllib3
Summary: %{summary}
BuildRequires: ca-certificates
Requires: ca-certificates
# There has historically been a manual hard dependency on python3-idna.
BuildRequires: %{py3_dist idna}
Requires: %{py3_dist idna}
# grep __version__ src/urllib3/packages/six.py
Provides: bundled(python3dist(six)) = 1.16.0
%if %{with extras}
# There has historically been a manual hard dependency on python3-pysocks;
# since bringing it in is the sole function of python3-urllib3+socks,
# we recommend it, so it is installed by default.
Recommends: python3-urllib3+socks
%endif
%description -n python3-urllib3 %{_description}
%if %{with extras}
# We do NOT package the “secure” extra because it is deprecated; see:
# “Deprecate the pyOpenSSL TLS implementation and [secure] extra”
# https://github.com/urllib3/urllib3/issues/2680
%pyproject_extras_subpkg -n python3-urllib3 brotli socks
%endif
%prep
%autosetup -n urllib3-%{version}
# Make sure that the RECENT_DATE value doesn't get too far behind what the current date is.
# RECENT_DATE must not be older that 2 years from the build time, or else test_recent_date
# (from test/test_connection.py) would fail. However, it shouldn't be to close to the build time either,
# since a user's system time could be set to a little in the past from what build time is (because of timezones,
# corner cases, etc). As stated in the comment in src/urllib3/connection.py:
# When updating RECENT_DATE, move it to within two years of the current date,
# and not less than 6 months ago.
# Example: if Today is 2018-01-01, then RECENT_DATE should be any date on or
# after 2016-01-01 (today - 2 years) AND before 2017-07-01 (today - 6 months)
# There is also a test_ssl_wrong_system_time test (from test/with_dummyserver/test_https.py) that tests if
# user's system time isn't set as too far in the past, because it could lead to SSL verification errors.
# That is why we need RECENT_DATE to be set at most 2 years ago (or else test_ssl_wrong_system_time would
# result in false positive), but before at least 6 month ago (so this test could tolerate user's system time being
# set to some time in the past, but not to far away from the present).
# Next few lines update RECENT_DATE dynamically.
recent_date=$(date --date "7 month ago" +"%Y, %_m, %_d")
sed -i "s/^RECENT_DATE = datetime.date(.*)/RECENT_DATE = datetime.date($recent_date)/" src/urllib3/connection.py
# Use the standard library instead of a backport
sed -i -e 's/^import mock/from unittest import mock/' \
-e 's/^from mock import /from unittest.mock import /' \
test/*.py docs/conf.py
%generate_buildrequires
# Generate BRs from packaged extras even when tests are disabled, to ensure
# the extras metapackages are installable if the build succeeds.
%pyproject_buildrequires %{?with_extras:-x brotli,socks}
%build
%pyproject_wheel
%install
%pyproject_install
%pyproject_save_files urllib3
%check
# urllib3.contrib.socks requires urllib3[socks]
# urllib3.contrib.ntlmpool is deprecated and requires ntlm
# urllib3.contrib.securetransport is macOS only
# urllib3.contrib.pyopenssl requires urllib3[secure]
%{pyproject_check_import %{!?with_extras:-e urllib3.contrib.socks}
-e urllib3.contrib.ntlmpool
-e urllib3.contrib.securetransport
-e urllib3.contrib.pyopenssl}
%if %{with tests}
# Drop the dummyserver tests in koji. They fail there in real builds, but not
# in scratch builds (weird).
ignore="${ignore-} --ignore=test/with_dummyserver/"
# Don't run the Google App Engine tests
ignore="${ignore-} --ignore=test/appengine/"
# Lots of these tests started failing, even for old versions, so it has something
# to do with Fedora in particular. They don't fail in upstream build infrastructure
ignore="${ignore-} --ignore=test/contrib/"
# Tests for Python built without SSL, but Fedora builds with SSL. These tests
# fail when combined with the unbundling of backports-ssl_match_hostname
ignore="${ignore-} --ignore=test/test_no_ssl.py"
%pytest -v ${ignore-}
%endif
%files -n python3-urllib3 -f %{pyproject_files}
%doc CHANGES.rst README.rst
%changelog
* Wed Jun 26 2024 Lumír Balhar <lbalhar@redhat.com> - 1.26.19-1
- Update to 1.26.19 to fix CVE-2024-37891
Resolves: RHEL-43171
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.26.18-4
- Bump release for June 2024 mass rebuild
* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Oct 17 2023 Maxwell G <maxwell@gtmx.me> - 1.26.18-1
- Update to 1.26.18.
- Mitigates CVE-2023-45803 / GHSA-g4mx-q9vg-27p4.
* Mon Oct 09 2023 Miro Hrončok <mhroncok@redhat.com> - 1.26.17-2
- Switch the hardcoded dependency on urllib3[socks] to a weak one
* Mon Oct 02 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1.26.17-1
- Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f)
* Wed Aug 30 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1.26.16-3
- Use bundled six
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jul 01 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1.26.16-1
- Update to 1.26.16
* Sat Jul 01 2023 Python Maint <python-maint@redhat.com> - 1.26.15-3
- Rebuilt for Python 3.12
* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 1.26.15-2
- Bootstrap for Python 3.12
* Thu May 18 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1.26.15-1
- Update to 1.26.15
* Thu May 18 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 1.26.12-5
- Confirm the License is SPDX MIT
- Update Summary and description based on upstream
- Add metapackages for brotli and socks extras
- Port to pyproject-rpm-macros
* Tue May 16 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1.26.12-4
- Disable tests by default in RHEL builds
* Tue May 16 2023 Tomáš Hrnčiar <thrnciar@redhat.com> - 1.26.12-3
- Accomodate the test to the changed behavior of SSLContext.shared_ciphers() in CPython
- Fixes: rhbz#2203773
* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Sep 15 2022 Kevin Fenzi <kevin@scrye.com> - 1.26.12-1
- Update to 1.26.12. Fixes rhbz#2104964
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint@redhat.com> - 1.26.9-3
- Rebuilt for Python 3.11
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 1.26.9-2
- Bootstrap for Python 3.11
* Mon May 30 2022 Kevin Fenzi <kevin@scrye.com> - 1.26.9-1
- Update to 1.26.9. fixes rhbz#2064777
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sat Jan 08 2022 Kevin Fenzi <kevin@scrye.com> - 1.26.8-1
- Update to 1.26.8. Fixes rhbz#2038246
* Tue Jan 04 2022 Adam Williamson <awilliam@redhat.com> - 1.26.7-2
- Stop unbundling ssl.match_hostname, it's deprecated upstream (#2009550)
* Sun Sep 26 2021 Kevin Fenzi <kevin@scrye.com> - 1.26.7-1
- Update to 1.26.7. Fixes rhbz#2006973
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.26.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sun Jul 11 2021 Kevin Fenzi <kevin@scrye.com> - 1.26.6-1
- Update to 1.26.1. Fixes rhbz#1976190
- Fix FTBFS. Fixes rhbz#1966120
* Wed Jun 30 2021 Yatin Karel <ykarel@redhat.com> - 1.26.5-2
- Update minimal requirement of six to >= 1.16.0
* Wed Jun 16 2021 Karolina Surma <ksurma@redhat.com> - 1.26.5-1
- Update to 1.26.5
- Fixes rhbz#1965056
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.26.4-3
- Rebuilt for Python 3.10
* Wed Jun 02 2021 Python Maint <python-maint@redhat.com> - 1.26.4-2
- Bootstrap for Python 3.10
* Tue May 18 2021 Miro Hrončok <mhroncok@redhat.com> - 1.26.4-1
- Update to 1.26.4
- Fixes rhbz#1889391
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.25.10-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 15 2021 Miro Hrončok <mhroncok@redhat.com> - 1.25.10-3
- Drop redundant BuildRequires for nose
- Instead of the mock backport, use unittest.mock from the standard library
* Tue Jan 05 2021 Anna Khaitovich <akhaitov@redhat.com> - 1.25.10-2
- Update RECENT_DATE dynamically
* Sun Sep 27 2020 Kevin Fenzi <kevin@scrye.com> - 1.25.10-1
- Update to 1.25.10. Fixed bug #1824900
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.25.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sun May 24 2020 Miro Hrončok <mhroncok@redhat.com> - 1.25.8-3
- Rebuilt for Python 3.9
* Fri May 22 2020 Miro Hrončok <mhroncok@redhat.com> - 1.25.8-2
- Bootstrap for Python 3.9
* Sun Mar 22 2020 Carl George <carl@george.computer> - 1.25.8-1
- Latest upstream rhbz#1771186
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.25.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Nov 18 2019 Miro Hrončok <mhroncok@redhat.com> - 1.25.7-2
- Subpackage python2-urllib3 has been removed
See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Tue Oct 15 2019 Jeremy Cline <jcline@redhat.com> - 1.25.6-1
- Update to v1.25.6
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 1.25.3-7
- Rebuilt for Python 3.8.0rc1 (#1748018)
* Sun Aug 18 2019 Miro Hrončok <mhroncok@redhat.com> - 1.25.3-6
- Rebuilt for Python 3.8
* Thu Aug 15 2019 Miro Hrončok <mhroncok@redhat.com> - 1.25.3-5
- Bootstrap for Python 3.8
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.25.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jul 08 2019 Miro Hrončok <mhroncok@redhat.com> - 1.25.3-3
- Set RECENT_DATE not to be older than 2 years (#1727796)
* Tue May 28 2019 Jeremy Cline <jcline@redhat.com> - 1.25.3-2
- Drop the Python 2 tests since Tornado is going away
* Tue May 28 2019 Jeremy Cline <jcline@redhat.com> - 1.25.3-1
- Update to 1.25.3
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.24.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Nov 13 2018 Jeremy Cline <jeremy@jcline.org> - 1.24.1-2
- Adjust unbundling of ssl_match_hostname
* Mon Oct 29 2018 Jeremy Cline <jeremy@jcline.org> - 1.24.1-1
- Update to v1.24.1
* Wed Jun 20 2018 Lumír Balhar <lbalhar@redhat.com> - 1.23-4
- Removed unneeded dependency python[23]-psutil
* Mon Jun 18 2018 Miro Hrončok <mhroncok@redhat.com> - 1.23-3
- Rebuilt for Python 3.7
* Thu Jun 14 2018 Miro Hrončok <mhroncok@redhat.com> - 1.23-2
- Bootstrap for Python 3.7
* Tue Jun 05 2018 Jeremy Cline <jeremy@jcline.org> - 1.23-1
- Update to the latest upstream release (rhbz 1586072)
* Wed May 30 2018 Jeremy Cline <jeremy@jcline.org> - 1.22-10
- Backport patch to support Python 3.7 (rhbz 1584112)
* Thu May 03 2018 Lukas Slebodnik <lslebodn@fedoraproject.org> - 1.22-9
- Do not lowercase hostnames with custom-protocol (rhbz 1567862)
- upstream: https://github.com/urllib3/urllib3/issues/1267
* Wed Apr 18 2018 Jeremy Cline <jeremy@jcline.org> - 1.22-8
- Drop the dependency on idna and cryptography (rhbz 1567862)
* Mon Apr 16 2018 Jeremy Cline <jeremy@jcline.org> - 1.22-7
- Drop the dependency on PyOpenSSL, it's not needed (rhbz 1567862)
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.22-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.22-5
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Thu Jan 25 2018 Tomas Hoger <thoger@redhat.com> - 1.22-4
- Fix FTBFS - Move RECENT_DATE to 2017-06-30
* Fri Dec 01 2017 Jeremy Cline <jeremy@jcline.org> - 1.22-3
- Symlink the Python 3 bytecode for six (rbhz 1519147)
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jul 21 2017 Jeremy Cline <jeremy@jcline.org> - 1.22-1
- Update to 1.22 (#1473293)
* Wed May 17 2017 Jeremy Cline <jeremy@jcline.org> - 1.21.1-1
- Update to 1.21.1 (#1445280)
* Thu Feb 09 2017 Jeremy Cline <jeremy@jcline.org> - 1.20-1
- Update to 1.20 (#1414775)
* Tue Dec 13 2016 Stratakis Charalampos <cstratak@redhat.com> - 1.19.1-2
- Rebuild for Python 3.6
* Thu Nov 17 2016 Jeremy Cline <jeremy@jcline.org> 1.19.1-1
- Update to 1.19.1
- Clean up the specfile to only support Fedora 26
* Wed Aug 10 2016 Kevin Fenzi <kevin@scrye.com> - 1.16-3
- Rebuild now that python-requests is ready to update.
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16-2
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Wed Jun 15 2016 Kevin Fenzi <kevin@scrye.com> - 1.16-1
- Update to 1.16
* Thu Jun 02 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-3
- Create python2 subpackage to comply with guidelines.
* Wed Jun 01 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-2
- Remove broken symlinks to unbundled python3-six files
https://bugzilla.redhat.com/show_bug.cgi?id=1295015
* Fri Apr 29 2016 Ralph Bean <rbean@redhat.com> - 1.15.1-1
- Removed patch for ipv6 support, now applied upstream.
- Latest version.
- New dep on pysocks.
* Fri Feb 26 2016 Ralph Bean <rbean@redhat.com> - 1.13.1-3
- Apply patch from upstream to fix ipv6.
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Dec 21 2015 Ralph Bean <rbean@redhat.com> - 1.13.1-1
- new version
* Fri Dec 18 2015 Ralph Bean <rbean@redhat.com> - 1.13-1
- new version
* Mon Dec 14 2015 Ralph Bean <rbean@redhat.com> - 1.12-1
- new version
* Thu Oct 15 2015 Robert Kuska <rkuska@redhat.com> - 1.10.4-7
- Rebuilt for Python3.5 rebuild
* Sat Oct 10 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-6
- Sync from PyPI instead of a git checkout.
* Tue Sep 08 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-5.20150503gita91975b
- Drop requirement on python-backports-ssl_match_hostname on F22 and newer.
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.4-4.20150503gita91975b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Jun 08 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-3.20150503gita91975b
- Apply pyopenssl injection for an outdated cpython as per upstream advice
https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl
* Tue May 19 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-2.20150503gita91975b
- Specify symlinks for six.py{c,o}, fixing rhbz #1222142.
* Sun May 03 2015 Ralph Bean <rbean@redhat.com> - 1.10.4-1.20150503gita91975b
- Latest release for python-requests-2.7.0
* Wed Apr 29 2015 Ralph Bean <rbean@redhat.com> - 1.10.3-2.20150429git585983a
- Grab a git snapshot to get around this chunked encoding failure.
* Wed Apr 22 2015 Ralph Bean <rbean@redhat.com> - 1.10.3-1
- new version
* Thu Feb 26 2015 Ralph Bean <rbean@redhat.com> - 1.10.2-1
- new version
* Wed Feb 18 2015 Ralph Bean <rbean@redhat.com> - 1.10.1-1
- new version
* Wed Feb 18 2015 Ralph Bean <rbean@redhat.com> - 1.10.1-1
- new version
* Mon Jan 05 2015 Ralph Bean <rbean@redhat.com> - 1.10-2
- Copy in a shim for ssl_match_hostname on python3.
* Sun Dec 14 2014 Ralph Bean <rbean@redhat.com> - 1.10-1
- Latest upstream 1.10, for python-requests-2.5.0.
- Re-do unbundling without patch, with symlinks.
- Modernize python2 macros.
- Remove the with_dummyserver tests which fail only sometimes.
* Wed Nov 05 2014 Ralph Bean <rbean@redhat.com> - 1.9.1-1
- Latest upstream, 1.9.1 for latest python-requests.
* Mon Aug 4 2014 Tom Callaway <spot@fedoraproject.org> - 1.8.2-4
- fix license handling
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Bohuslav Kabrda <bkabrda@redhat.com> - 1.8.2-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Mon Apr 21 2014 Arun S A G <sagarun@gmail.com> - 1.8.2-1
- Update to latest upstream version
* Mon Oct 28 2013 Ralph Bean <rbean@redhat.com> - 1.7.1-2
- Update patch to find ca_certs in the correct location.
* Wed Sep 25 2013 Ralph Bean <rbean@redhat.com> - 1.7.1-1
- Latest upstream with support for a new timeout class and py3.4.
* Wed Aug 28 2013 Ralph Bean <rbean@redhat.com> - 1.7-3
- Bump release again, just to push an unpaired update.
* Mon Aug 26 2013 Ralph Bean <rbean@redhat.com> - 1.7-2
- Bump release to pair an update with python-requests.
* Thu Aug 22 2013 Ralph Bean <rbean@redhat.com> - 1.7-1
- Update to latest upstream.
- Removed the accept-header proxy patch which is included in upstream now.
- Removed py2.6 compat patch which is included in upstream now.
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jun 11 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-6
- Fix Requires of python-ordereddict to only apply to RHEL
* Fri Mar 1 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-5
- Unbundling finished!
* Fri Mar 01 2013 Ralph Bean <rbean@redhat.com> - 1.5-4
- Upstream patch to fix Accept header when behind a proxy.
- Reorganize patch numbers to more clearly distinguish them.
* Wed Feb 27 2013 Ralph Bean <rbean@redhat.com> - 1.5-3
- Renamed patches to python-urllib3-*
- Fixed ssl check patch to use the correct cert path for Fedora.
- Included dependency on ca-certificates
- Cosmetic indentation changes to the .spec file.
* Tue Feb 5 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.5-2
- python3-tornado BR and run all unittests on python3
* Mon Feb 04 2013 Toshio Kuratomi <toshio@fedoraproject.org> 1.5-1
- Initial fedora build.

1
sources
View File

@ -1 +0,0 @@
SHA512 (urllib3-1.26.19.tar.gz) = 6b72012dbd85434b2441229cbdea2a94583693f904dde349780e1290d581c8a5e10fe00a287a032ed1276349d0078b530f16a133e0f164dcea18105fa3dec79a