Hello community, here is the log from the commit of package python-sleekxmpp for openSUSE:Factory checked in at 2017-05-27 13:19:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-sleekxmpp (Old) and /work/SRC/openSUSE:Factory/.python-sleekxmpp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-sleekxmpp" Sat May 27 13:19:30 2017 rev:4 rq:498499 version:1.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-sleekxmpp/python-sleekxmpp.changes 2017-03-24 02:08:32.339415154 +0100 +++ /work/SRC/openSUSE:Factory/.python-sleekxmpp.new/python-sleekxmpp.changes 2017-05-27 13:20:44.095402642 +0200 @@ -1,0 +2,14 @@ +Tue May 2 21:42:12 UTC 2017 - sor.ale...@meowr.ru + +- Update to version 1.3.2: + * Fix an issue with carbons (CVE-2017-5589, bsc#1024690). +- Remove sleekxmpp-fix-carbons.patch. +- Update for the multipython build. +- Add sleekxmpp-fix-dnspython.patch: fix compatibility with recent + dnspython. +- Add sleekxmpp-fix-legacyauth.patch by nyov: Fix an error in + legacyauth support. +- Add sleekxmpp-better-tls.patch: Use ssl.get_protocol_name() to + find out which TLS version is in use (commit 6ebcf6b). + +------------------------------------------------------------------- Old: ---- sleekxmpp-1.3.1.tar.gz sleekxmpp-fix-carbons.patch New: ---- sleekxmpp-1.3.2.tar.gz sleekxmpp-better-tls.patch sleekxmpp-fix-dnspython.patch sleekxmpp-fix-legacyauth.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-sleekxmpp.spec ++++++ --- /var/tmp/diff_new_pack.BggNXy/_old 2017-05-27 13:20:44.943282776 +0200 +++ /var/tmp/diff_new_pack.BggNXy/_new 2017-05-27 13:20:44.947282211 +0200 @@ -16,22 +16,29 @@ # +%{?!python_module:%define python_module() python-%{**} python3-%{**}} %define _name sleekxmpp Name: python-sleekxmpp -Version: 1.3.1 +Version: 1.3.2 Release: 0 Summary: Python XMPP (Jabber) Library that Implements Everything as a Plugin License: MIT Group: Development/Languages/Python Url: https://github.com/fritzy/SleekXMPP Source: https://files.pythonhosted.org/packages/source/s/%{_name}/%{_name}-%{version}.tar.gz +# PATCH-FIX-OPENSUSE sleekxmpp-fix-dnspython.patch sor.ale...@meowr.ru -- Fix compatibility with recent dnspython. +Patch0: %{_name}-fix-dnspython.patch +# PATCH-FIX-OPENSUSE sleekxmpp-fix-legacyauth.patch n...@nexnode.net -- Fix an error in legacyauth support. +Patch1: %{_name}-fix-legacyauth.patch # PATCH-FIX-OPENSUSE sleekxmpp-check-roster-push-origin.patch bsc#1014976 mathi...@mathieui.net -- Check origin of roster pushes (slixmpp commits ffdb6ff, ffd9436). -Patch0: %{_name}-check-roster-push-origin.patch -# PATCH-FIX-OPENSUSE sleekxmpp-fix-carbons.patch bsc#1024690 mathi...@mathieui.net -- Fix an issue with carbons (slixmpp commit 22664ee). -Patch1: %{_name}-fix-carbons.patch -BuildRequires: python -BuildRequires: python-dnspython -BuildRequires: python-xml +Patch2: %{_name}-check-roster-push-origin.patch +# PATCH-FIX-OPENSUSE sleekxmpp-better-tls.patch -- Use ssl.get_protocol_name() to find out which TLS version is in use (commit 6ebcf6b). +Patch3: %{_name}-better-tls.patch +BuildRequires: %{python_module devel} +BuildRequires: %{python_module dnspython} +BuildRequires: %{python_module xml} +BuildRequires: fdupes +BuildRequires: python-rpm-macros Requires: python-dnspython BuildArch: noarch @@ -41,22 +48,26 @@ (XMPP Extended Protocol) coverage. Ideally the community will be able to use this for bots, easy XEP protocoling, etc. +%python_subpackages + %prep %setup -q -n %{_name}-%{version} %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 %build -python2 setup.py build +%python_build %install -python2 setup.py install \ - --root=%{buildroot} --prefix=%{_prefix} +%python_install +%python_expand %fdupes -s %{buildroot}%{$python_sitelib}/ -%files +%files %{python_files} %defattr(-,root,root) %doc LICENSE README.rst %{python_sitelib}/%{_name}/ -%{python_sitelib}/%{_name}-* +%{python_sitelib}/%{_name}-%{version}-py%{python_version}.egg-info %changelog ++++++ sleekxmpp-1.3.1.tar.gz -> sleekxmpp-1.3.2.tar.gz ++++++ ++++ 7267 lines of diff (skipped) ++++++ sleekxmpp-better-tls.patch ++++++ --- a/sleekxmpp/xmlstream/xmlstream.py +++ b/sleekxmpp/xmlstream/xmlstream.py @@ -839,8 +839,10 @@ class XMLStream(object): to be restarted. """ log.info("Negotiating TLS") - ssl_versions = {3: 'TLS 1.0', 1: 'SSL 3', 2: 'SSL 2/3'} - log.info("Using SSL version: %s", ssl_versions[self.ssl_version]) + log.info( + "Using SSL version: %s", + ssl.get_protocol_name(self.ssl_version).replace('PROTOCOL_', '', 1) + ) if self.ca_certs is None: cert_policy = ssl.CERT_NONE else: ++++++ sleekxmpp-fix-dnspython.patch ++++++ --- a/sleekxmpp/xmlstream/resolver.py +++ b/sleekxmpp/xmlstream/resolver.py @@ -175,6 +175,9 @@ def get_A(host, resolver=None, use_dnspy """ log.debug("DNS: Querying %s for A records." % host) + if isinstance(host, bytes): + host = host.decode("utf-8") + # If not using dnspython, attempt lookup using the OS level # getaddrinfo() method. if resolver is None or not use_dnspython: @@ -189,7 +192,10 @@ def get_A(host, resolver=None, use_dnspy # Using dnspython: try: recs = resolver.query(host, dns.rdatatype.A) - return [rec.to_text() for rec in recs] + if isinstance(recs[0].to_text(), bytes): + return [rec.to_text().decode("utf-8") for rec in recs] + else: + return [rec.to_text() for rec in recs] except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer): log.debug("DNS: No A records for %s" % host) return [] @@ -222,6 +228,9 @@ def get_AAAA(host, resolver=None, use_dn """ log.debug("DNS: Querying %s for AAAA records." % host) + if isinstance(host, bytes): + host = host.decode("utf-8") + # If not using dnspython, attempt lookup using the OS level # getaddrinfo() method. if resolver is None or not use_dnspython: @@ -240,7 +249,10 @@ def get_AAAA(host, resolver=None, use_dn # Using dnspython: try: recs = resolver.query(host, dns.rdatatype.AAAA) - return [rec.to_text() for rec in recs] + if isinstance(recs[0].to_text(), bytes): + return [rec.to_text().decode("utf-8") for rec in recs] + else: + return [rec.to_text() for rec in recs] except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer): log.debug("DNS: No AAAA records for %s" % host) return [] @@ -324,6 +336,8 @@ def get_SRV(host, port, service, proto=' if running_sum >= selected: rec = sums[running_sum] host = rec.target.to_text() + if isinstance(host, bytes): + host = host.decode("utf-8") if host.endswith('.'): host = host[:-1] sorted_recs.append((host, rec.port)) ++++++ sleekxmpp-fix-legacyauth.patch ++++++ --- a/sleekxmpp/plugins/xep_0078/legacyauth.py +++ b/sleekxmpp/plugins/xep_0078/legacyauth.py @@ -112,7 +112,7 @@ class XEP_0078(BasePlugin): stream_id = bytes(self.xmpp.stream_id, encoding='utf-8') password = bytes(self.xmpp.password, encoding='utf-8') - digest = hashlib.sha1(b'%s%s' % (stream_id, password)).hexdigest() + digest = hashlib.sha1('%s%s' % (stream_id, password)).hexdigest() iq['auth']['digest'] = digest else: log.warning('Authenticating via jabber:iq:auth Plain.')