Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-httpx for openSUSE:Factory checked in at 2022-05-04 15:10:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-httpx (Old) and /work/SRC/openSUSE:Factory/.python-httpx.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-httpx" Wed May 4 15:10:24 2022 rev:5 rq:974250 version:0.22.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-httpx/python-httpx.changes 2022-02-14 22:35:56.477377747 +0100 +++ /work/SRC/openSUSE:Factory/.python-httpx.new.1538/python-httpx.changes 2022-05-04 15:10:35.484130765 +0200 @@ -1,0 +2,6 @@ +Mon May 2 03:01:52 UTC 2022 - Steve Kowalik <[email protected]> + +- Add patch CVE-2021-41945-copy_with-data-leak.patch: + * Do not leak data in httpx.URL.copy_with (bsc#1199002, CVE-2021-41945) + +------------------------------------------------------------------- New: ---- CVE-2021-41945-copy_with-data-leak.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-httpx.spec ++++++ --- /var/tmp/diff_new_pack.tQnwtT/_old 2022-05-04 15:10:36.044131453 +0200 +++ /var/tmp/diff_new_pack.tQnwtT/_new 2022-05-04 15:10:36.048131458 +0200 @@ -33,6 +33,10 @@ License: BSD-3-Clause URL: https://github.com/encode/httpx Source: https://github.com/encode/httpx/archive/%{version}.tar.gz#/httpx-%{version}.tar.gz +# PATCH-FIX-UPSTREAM CVE-2021-41945 gh#encode/httpx#2084 including changes +# from gh#encode/httpx#2185 +# Don't leak data in httpx.URL.copy_with +Patch0: CVE-2021-41945-copy_with-data-leak.patch BuildRequires: %{python_module setuptools} BuildRequires: fdupes BuildRequires: python-rpm-macros @@ -81,7 +85,7 @@ Python HTTP client with async support. %prep -%setup -q -n httpx-%{version} +%autosetup -p1 -n httpx-%{version} rm setup.cfg %build ++++++ CVE-2021-41945-copy_with-data-leak.patch ++++++ ++++ 1671 lines (skipped)
