From 34edf578786189ad3d94eccade9b0938ea27def9 Mon Sep 17 00:00:00 2001 From: shixuantong Date: Mon, 1 Dec 2025 10:16:17 +0800 Subject: [PATCH] fix: Add get_connection_with_tls_context() for requests 2.32.2+ (cherry picked from commit 003a3134b6d8d0db72e317d2facaf5b0f1c37045) --- ...ection_with_tls_context-for-requests.patch | 50 +++++++++++++++++++ cloud-init.spec | 9 +++- 2 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 backport-fix-Add-get_connection_with_tls_context-for-requests.patch diff --git a/backport-fix-Add-get_connection_with_tls_context-for-requests.patch b/backport-fix-Add-get_connection_with_tls_context-for-requests.patch new file mode 100644 index 0000000..8166ae9 --- /dev/null +++ b/backport-fix-Add-get_connection_with_tls_context-for-requests.patch @@ -0,0 +1,50 @@ +From 790d2291837de9c68ccc067cb2c88b11c60e69f9 Mon Sep 17 00:00:00 2001 +From: eaglegai <31752768+eaglegai@users.noreply.github.com> +Date: Fri, 28 Jun 2024 01:14:01 +0800 +Subject: [PATCH] fix: Add get_connection_with_tls_context() for requests + 2.32.2+ (#5435) + +get_connection() is deprecated in requests 2.32.2+ so this will +allow for the LXDSocketAdapter to avoid using a deprecated api. + +Fixes GH-5434 + +Signed-off-by: eaglegai +--- + cloudinit/sources/DataSourceLXD.py | 7 +++++++ + tools/.github-cla-signers | 1 + + 2 files changed, 8 insertions(+) + +diff --git a/cloudinit/sources/DataSourceLXD.py b/cloudinit/sources/DataSourceLXD.py +index cd31610..91cf05c 100644 +--- a/cloudinit/sources/DataSourceLXD.py ++++ b/cloudinit/sources/DataSourceLXD.py +@@ -131,6 +131,13 @@ class LXDSocketAdapter(HTTPAdapter): + def get_connection(self, url, proxies=None): + return SocketConnectionPool(LXD_SOCKET_PATH) + ++ # Fix for requests 2.32.2+: ++ # https://github.com/psf/requests/pull/6710 ++ def get_connection_with_tls_context( ++ self, request, verify, proxies=None, cert=None ++ ): ++ return self.get_connection(request.url, proxies) ++ + + def _raw_instance_data_to_dict(metadata_type: str, metadata_value) -> dict: + """Convert raw instance data from str, bytes, YAML to dict +diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers +index dbdb9cf..9d64002 100644 +--- a/tools/.github-cla-signers ++++ b/tools/.github-cla-signers +@@ -45,6 +45,7 @@ dermotbradley + dhalturin + dhensby + Dorthu ++eaglegai + eandersson + eb3095 + ederst +-- +2.27.0 + diff --git a/cloud-init.spec b/cloud-init.spec index c378f0a..99c6f8f 100644 --- a/cloud-init.spec +++ b/cloud-init.spec @@ -1,6 +1,6 @@ Name: cloud-init Version: 23.4.1 -Release: 15 +Release: 16 Summary: the defacto multi-distribution package that handles early initialization of a cloud instance. License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init @@ -43,6 +43,7 @@ Patch6026: backport-fix-typing-for-rsyslog-power_state_change.patch Patch6027: fix-CVE-2024-6174-1.patch Patch6028: fix-CVE-2024-6174-2.patch Patch6029: backport-CVE-2024-11584.patch +Patch6030: backport-fix-Add-get_connection_with_tls_context-for-requests.patch Patch9000: do-not-generate-dsa.patch @@ -175,6 +176,12 @@ fi %exclude /usr/share/doc/* %changelog +* Mon Dec 01 2025 shixuantong - 23.4.1-16 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC: fix: Add get_connection_with_tls_context() for requests 2.32.2+ + * Mon Jul 07 2025 shixuantong - 23.4.1-15 - Type:CVE - CVE:CVE-2024-11584 -- Gitee