From a01bfa7deed1d556fc75ab5588517442054bc5a9 Mon Sep 17 00:00:00 2001 From: Léo Le Bouter Date: Tue, 16 Mar 2021 08:56:51 +0100 Subject: gnu: python-urllib3: Update to 1.26.4 [fixes CVE-2021-28363]. * gnu/packages/python-web.scm (python-urllib3/fixed): New variable. (python-urllib3)[replacement]: Graft. --- gnu/packages/python-web.scm | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'gnu/packages/python-web.scm') diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm index e327b3b030..fe79537a63 100644 --- a/gnu/packages/python-web.scm +++ b/gnu/packages/python-web.scm @@ -2726,6 +2726,7 @@ authenticated session objects providing things like keep-alive.") (sha256 (base32 "024yldjwjavps39yb77sc422z8fa9bn20wcqrcncjwrqjab8y60r")))) + (replacement python-urllib3/fixed) (build-system python-build-system) (arguments `(#:tests? #f)) (propagated-inputs @@ -2744,6 +2745,17 @@ supports url redirection and retries, and also gzip and deflate decoding.") (properties `((python2-variant . ,(delay python2-urllib3)))) (license license:expat))) +(define python-urllib3/fixed + (package/inherit python-urllib3 + (version "1.26.4") + (source + (origin + (method url-fetch) + (uri (pypi-uri "urllib3" version)) + (sha256 + (base32 + "0dw9w9bs3hmr5dp3r3h43jyzzb1g1046ag7lj8pqf58i4kvj3c77")))))) + ;; Some software requires an older version of urllib3, notably Docker. (define-public python-urllib3-1.24 (package (inherit python-urllib3) -- cgit v1.2.3