From 14e00946ceae87796f281ee307c4552e1040b125 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Mon, 1 Sep 2025 10:52:43 +0800
Subject: [PATCH] Fix CVE-2025-58068

---
 CVE-2025-58068.patch | 40 ++++++++++++++++++++++++++++++++++++++++
 python-eventlet.spec | 8 ++++++--
 2 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2025-58068.patch

diff --git a/CVE-2025-58068.patch b/CVE-2025-58068.patch
new file mode 100644
index 0000000..21ec0b8
--- /dev/null
+++ b/CVE-2025-58068.patch
@@ -0,0 +1,40 @@
+From 0bfebd1117d392559e25b4bfbfcc941754de88fb Mon Sep 17 00:00:00 2001
+From: sebsrt
+Date: Mon, 11 Aug 2025 11:46:28 +0200
+Subject: [PATCH] [SECURITY] Fix request smuggling vulnerability by discarding
+ trailers (#1062)
+
+The WSGI parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. This patch fix that by discarding trailers.
+
+Origin:
+https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb
+---
+ eventlet/wsgi.py | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/eventlet/wsgi.py b/eventlet/wsgi.py
+index 92d031797..b6b4d0ce8 100644
+--- a/eventlet/wsgi.py
++++ b/eventlet/wsgi.py
+@@ -152,6 +152,12 @@ def _do_read(self, reader, length=None):
+ read = b''
+ self.position += len(read)
+ return read
++
++ def _discard_trailers(self, rfile):
++ while True:
++ line = rfile.readline()
++ if not line or line in (b'\r\n', b'\n', b''):
++ break
+
+ def _chunked_read(self, rfile, length=None, use_readline=False):
+ if self.should_send_hundred_continue:
+@@ -202,7 +208,7 @@ def _chunked_read(self, rfile, length=None, use_readline=False):
+ raise ChunkReadError(err)
+ self.position = 0
+ if self.chunk_length == 0:
+- rfile.readline()
++ self._discard_trailers(rfile)
+ except greenio.SSL.ZeroReturnError:
+ pass
+ return b''.join(response)
diff --git a/python-eventlet.spec b/python-eventlet.spec
index f9305cb..ddcff23 100644
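Review bot: `_discard_trailers` in the backported hunk reads trailer lines until a blank line or EOF with no cap on how many lines or bytes it consumes, so unless `rfile.readline()` is itself bounded, a peer can keep the handler busy after the terminal chunk; a bounded loop (a maximum trailer-line count or byte budget, mirroring whatever limit wsgi.py applies to request headers elsewhere in the file) would close that gap. The `b''` member of the tuple is already covered by `not line`, so `if not line or line in (b'\r\n', b'\n'):` is equivalent and clearer. Because this file is a verbatim copy of the upstream commit named in its header, any such hardening belongs in a follow-up patch rather than an edit to the vendored text. `_do_read` starts and `_chunked_read` ends outside the hunk.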
--- a/python-eventlet.spec
+++ b/python-eventlet.spec
@@ -1,11 +1,12 @@
 %global _empty_manifest_terminate_build 0
 Name: python-eventlet
 Version: 0.39.1
-Release: 1
+Release: 2
 Summary: Highly concurrent networking library
 License: MIT
 URL: http://eventlet.net
 Source0: https://files.pythonhosted.org/packages/source/e/eventlet/eventlet-%{version}.tar.gz
+Patch0: CVE-2025-58068.patch
 BuildArch: noarch
 %description
 Eventlet is a concurrent networking library for Python that allows you to change how you run your code, not how you write it.
@@ -39,7 +40,7 @@ Provides: python3-eventlet-doc
 Eventlet is a concurrent networking library for Python that allows you to change how you run your code, not how you write it.

 %prep
-%autosetup -n eventlet-%{version}
+%autosetup -n eventlet-%{version} -p1

 %build
 %pyproject_build
@@ -62,6 +63,9 @@ if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
 %{_docdir}/*

 %changelog
+* Mon Sep 01 2025 yaoxin <1024769339@qq.com> - 0.39.1-2
+- Fix CVE-2025-58068
+
 * Tue Mar 11 2025 sqfu - 0.39.1-1
 - update to 0.39.1
 - Fix:Make LightQueue and derivatives subscriptable
-- 
Gitee