Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-bugzilla for openSUSE:Factory
checked in at 2023-09-26 22:00:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bugzilla (Old)
and /work/SRC/openSUSE:Factory/.python-bugzilla.new.1770 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bugzilla"
Tue Sep 26 22:00:30 2023 rev:33 rq:1113660 version:3.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-bugzilla/python-bugzilla.changes
2022-12-23 10:20:50.863256130 +0100
+++
/work/SRC/openSUSE:Factory/.python-bugzilla.new.1770/python-bugzilla.changes
2023-09-26 22:08:46.307790800 +0200
@@ -1,0 +2,7 @@
+Mon Sep 25 14:57:10 UTC 2023 - Julio González Gil <[email protected]>
+
+- Fix API Key leak (bsc#1215718)
+- Add:
+ * 188-fix-api-key-leak.diff
+
+-------------------------------------------------------------------
New:
----
188-fix-api-key-leak.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-bugzilla.spec ++++++
--- /var/tmp/diff_new_pack.KYNQJ2/_old 2023-09-26 22:08:47.863846989 +0200
+++ /var/tmp/diff_new_pack.KYNQJ2/_new 2023-09-26 22:08:47.863846989 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-bugzilla
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,9 @@
# PATCH-FIX-UPSTREAM 106-basic-auth.diff bsc#1098219 [email protected]
# Fix basic authentication on bugzilla.suse.com
Patch0: 106-basic-auth.diff
+# PATCH-FIX-UPSTREAM pending
https://github.com/python-bugzilla/python-bugzilla/pull/188
+# Fix API Key leak
+Patch1: 188-fix-api-key-leak.diff
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module requests}
BuildRequires: %{python_module setuptools}
++++++ 188-fix-api-key-leak.diff ++++++
--- a/bugzilla/_session.py 2021-10-05 22:49:16.000000000 +0200
+++ b/bugzilla/_session.py 2023-09-25 17:22:39.763856790 +0200
@@ -97,14 +97,14 @@
if "timeout" not in kwargs:
kwargs["timeout"] = timeout
- response = self._session.request(*args, **kwargs)
+ try:
+ response = self._session.request(*args, **kwargs)
- if self._is_xmlrpc:
- # Yes this still appears to matter for properly decoding unicode
- # code points in bugzilla.redhat.com content
- response.encoding = "UTF-8"
+ if self._is_xmlrpc:
+ # Yes this still appears to matter for properly decoding
unicode
+ # code points in bugzilla.redhat.com content
+ response.encoding = "UTF-8"
- try:
response.raise_for_status()
except Exception as e:
# Scrape the api key out of the returned exception string
