BUG#36611371: Update dnspython required versions to allow latest 2.6.1

oscpache · oscpache · commit 4ba112aacf23 · 2024-05-22T08:02:19.000-06:00
`dnspython` versions older than 2.6.1 are hit by the vulnerability `NVD CVE-2023-29483`. Installation-related files have been updated as part of `WL#16350: Update dnspython version`. This fix expands such a patch by updating the `dnspython` package version for testing-related and documentation-related files. We thank Mike Perone for his contribution and for bringing this to our attention. Change-Id: Icc08cc178709d88ce472b3dcfaf62867e650eb0c
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -14,6 +14,7 @@ v9.0.0
 - WL#16350: Update dnspython version
 - WL#16318: Deprecate Cursors Prepared Raw and Named Tuple
 - WL#16283: Remove OpenTelemetry Bundled Installation
+- BUG#36611371: Update dnspython required versions to allow latest 2.6.1
 - BUG#36476195: Incorrect escaping in pure Python mode if sql_mode includes NO_BACKSLASH_ESCAPES
 - BUG#36289767: MySQLCursorBufferedRaw does not skip conversion
 
diff --git a/mysql-connector-python/tests/requirements.txt b/mysql-connector-python/tests/requirements.txt
@@ -1,2 +1,2 @@
-dnspython>=1.16.0,<=2.3.0
+dnspython==2.6.1
 gssapi>=1.6.9,<=1.8.2
diff --git a/mysqlx-connector-python/docs/mysqlx/requirements.rst b/mysqlx-connector-python/docs/mysqlx/requirements.rst
@@ -5,6 +5,6 @@ Requirements
 * Python >= 3.8
 * Protobuf C++ (version >= 4.21.1, <= 4.21.12)
 * Python Protobuf (version >= 4.21.1, <= 4.21.12)
-* dnspython (version >= 1.16.0, <= 2.3.0) for DNS SRV support
+* dnspython (version == 2.6.1) for DNS SRV support
 * lz4 (version >= 2.1.6, <= 4.3.2) for connection compression support
 * zstandard (version >= 0.12.0, <= 0.19.0) for connection compression support
diff --git a/mysqlx-connector-python/tests/requirements.txt b/mysqlx-connector-python/tests/requirements.txt
@@ -1,5 +1,5 @@
 protobuf>=4.21.1,<=4.21.12
-dnspython>=1.16.0,<=2.3.0
+dnspython==2.6.1
 lz4>=2.1.6,<=4.3.2
 zstandard>=0.12.0,<=0.19.0
 

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`		`-dnspython>=1.16.0,<=2.3.0`
	`1`	`+dnspython==2.6.1`
`2`	`2`	`gssapi>=1.6.9,<=1.8.2`