Note: This request syncs the urllib3 package with the released state we have in
      SUSE OpenStack Cloud 9 right now.

- Add CVE-2020-26116-CRLF-injection.patch which raises ValueError
  if method contains control characters and thus prevents CRLF
  injection into URLs (bsc#1177211, bpo#39603, CVE-2020-26116,
  gh#urllib3/urllib3#1800).

• Files Changed
• Browse Source

- Update RECENT_DATE to fix the test suite.

This fixes the last change. Just changing the patch that already changes it
won't work as later patches depend on what needs changing as context.

- Revert change to  recent-date patch.
- Add a sed line to effect the needed change.

• Files Changed
• Browse Source

- Update python-urllib3-recent-date.patch to have RECENT_DATE within
  the needed boundaries for the test suite.

• Files Changed
• Browse Source

- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.

• Files Changed
• Browse Source

- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for
  CVE-2019-9740.
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
  method. (bsc#1177120, CVE-2020-26137)

• Files Changed
• Browse Source

- Skip test_source_address_error as we raise different error with
  fixes that we provide in new python2/3
- Update python-urllib3-recent-date.patch to have RECENT_DATE within
  the needed boundaries for the test suite.

• Files Changed
• Browse Source

- Add missing dependency on python-six (bsc#1150895)

• Files Changed
• Browse Source

- Add urllib3-disallow-control-chars-in-http-urls.patch (bsc#1132663,
  CVE-2019-11236, bsc#1129071, CVE-2019-9740)
- Add urllib3-cve-2019-11324.patch. Don't load system certs unless
  there were no CA certs or SSLContext object specified manually.
  (bsc#1132900,CVE-2019-11324)

• Files Changed
• Browse Source

osc copypac from project:Cloud:OpenStack:Master package:python-urllib3 revision:2, using expand

• Browse Source