All of lore.kernel.org
 help / color / mirror / Atom feed
* [kirkstone][PATCH] python3-docker: Fix for requests 2.32.0: CVE-2024-35195 backport
@ 2025-04-16 12:58 libo.chen.cn
  2025-04-19 22:50 ` [meta-virtualization] " Bruce Ashfield
  0 siblings, 1 reply; 2+ messages in thread
From: libo.chen.cn @ 2025-04-16 12:58 UTC (permalink / raw)
  To: meta-virtualization; +Cc: christian.ege

From: Christian Ege <christian.ege@ifm.com>

After backporting the CVE-2024-35195 in poky, parts of python3-requests
got updated to 2.32.0 which is incompatible with the current
docker-compose command.

This patch will fix the following error message:

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/docker-compose", line 8, in <module>
    sys.exit(main())
  File "/usr/lib/python3.10/site-packages/compose/cli/main.py", line 81, in main
    command_func()
  File "/usr/lib/python3.10/site-packages/compose/cli/main.py", line 200, in perform_command
    project = project_from_options('.', options)
  File "/usr/lib/python3.10/site-packages/compose/cli/command.py", line 60, in project_from_options
    return get_project(
  File "/usr/lib/python3.10/site-packages/compose/cli/command.py", line 152, in get_project
    client = get_client(
  File "/usr/lib/python3.10/site-packages/compose/cli/docker_client.py", line 41, in get_client
    client = docker_client(
  File "/usr/lib/python3.10/site-packages/compose/cli/docker_client.py", line 170, in docker_client
    client = APIClient(use_ssh_client=not use_paramiko_ssh, **kwargs)
  File "/usr/lib/python3.10/site-packages/docker/api/client.py", line 197, in __init__
    self._version = self._retrieve_server_version()
  File "/usr/lib/python3.10/site-packages/docker/api/client.py", line 221, in _retrieve_server_version
    raise DockerException(
docker.errors.DockerException: Error while fetching server API version: Not supported URL scheme http+docker

Signed-off-by: Christian Ege <christian.ege@ifm.com>

Reference: https://github.com/graugans/meta-virtualization/commit/4149812ca9581a313de27c45a0f2dfa7bd8f53df

Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
---
 .../0001-hotfix-requests-issue.patch          | 31 +++++++++++++++++++
 .../python/python3-docker_5.0.0.bb            |  4 +++
 2 files changed, 35 insertions(+)
 create mode 100644 recipes-devtools/python/python3-docker/0001-hotfix-requests-issue.patch

diff --git a/recipes-devtools/python/python3-docker/0001-hotfix-requests-issue.patch b/recipes-devtools/python/python3-docker/0001-hotfix-requests-issue.patch
new file mode 100644
index 00000000..70ad8f49
--- /dev/null
+++ b/recipes-devtools/python/python3-docker/0001-hotfix-requests-issue.patch
@@ -0,0 +1,31 @@
+From 2efec099ad80c18136dc38d9dafd1bb868bf4c90 Mon Sep 17 00:00:00 2001
+From: Felix Fontein <felix@fontein.de>
+Date: Mon, 20 May 2024 21:08:25 +0200
+Subject: [PATCH] Add hotfix for requests 2.32.0. (#861)
+
+Upstream-Status: Backport
+[https://github.com/ansible-collections/community.docker/commit/ab8b6662c28a2c7b0473d43fcf0b26adb2877ede]
+
+Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
+---
+ docker/transport/basehttpadapter.py | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/docker/transport/basehttpadapter.py b/docker/transport/basehttpadapter.py
+index 4d819b6..3ffe78b 100644
+--- a/docker/transport/basehttpadapter.py
++++ b/docker/transport/basehttpadapter.py
+@@ -6,3 +6,10 @@ class BaseHTTPAdapter(requests.adapters.HTTPAdapter):
+         super(BaseHTTPAdapter, self).close()
+         if hasattr(self, 'pools'):
+             self.pools.clear()
++
++    # Hotfix for requests 2.32.0: its commit
++    # https://github.com/psf/requests/commit/c0813a2d910ea6b4f8438b91d315b8d181302356
++    # changes requests.adapters.HTTPAdapter to no longer call get_connection() from
++    # send(), but instead call _get_connection().
++    def _get_connection(self, request, *args, **kwargs):
++        return self.get_connection(request.url, kwargs.get('proxies'))
+-- 
+2.35.5
+
diff --git a/recipes-devtools/python/python3-docker_5.0.0.bb b/recipes-devtools/python/python3-docker_5.0.0.bb
index 44d65b05..3ad359c3 100644
--- a/recipes-devtools/python/python3-docker_5.0.0.bb
+++ b/recipes-devtools/python/python3-docker_5.0.0.bb
@@ -3,6 +3,10 @@ HOMEPAGE = "https://github.com/docker/docker-py"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=34f3846f940453127309b920eeb89660"
 
+SRC_URI:append = " \
+                file://0001-hotfix-requests-issue.patch \
+"
+
 SRC_URI[md5sum] = "9cc5156a2ff6458a8f52114b9bbc0d7e"
 SRC_URI[sha256sum] = "3e8bc47534e0ca9331d72c32f2881bb13b93ded0bcdeab3c833fb7cf61c0a9a5"
 
-- 
2.34.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-04-19 22:50 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-04-16 12:58 [kirkstone][PATCH] python3-docker: Fix for requests 2.32.0: CVE-2024-35195 backport libo.chen.cn
2025-04-19 22:50 ` [meta-virtualization] " Bruce Ashfield

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.