From a5251d7cbd0e45b54a941152e9a249fe32c70ea4 Mon Sep 17 00:00:00 2001
From: WB02254423
Date: Thu, 25 Sep 2025 01:17:16 -0400
Subject: [PATCH] Add patch to fix CVE-2025-50181
---
 1000-fix-CVE-2025-50181.patch | 48 +++++++++++++++++++++++++++++++++++
 python-pip.spec | 7 ++++-
 2 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 1000-fix-CVE-2025-50181.patch
diff --git a/1000-fix-CVE-2025-50181.patch b/1000-fix-CVE-2025-50181.patch
new file mode 100644
index 0000000..ae5bf1a
--- /dev/null
+++ b/1000-fix-CVE-2025-50181.patch
@@ -0,0 +1,48 @@
+From 8320775c28fc6d54c6f4933d117d4ddfafa55ca0 Mon Sep 17 00:00:00 2001
+From: WB02254423
+Date: Thu, 25 Sep 2025 01:14:16 -0400
+Subject: [PATCH 1/1] fix CVE-2025-50181
+
+---
+ src/pip/_vendor/urllib3/poolmanager.py | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/pip/_vendor/urllib3/poolmanager.py b/src/pip/_vendor/urllib3/poolmanager.py
+index 14b10da..574b7de 100644
+--- a/src/pip/_vendor/urllib3/poolmanager.py
++++ b/src/pip/_vendor/urllib3/poolmanager.py
+@@ -170,6 +170,22 @@ class PoolManager(RequestMethods):
+
+ def __init__(self, num_pools=10, headers=None, **connection_pool_kw):
+ RequestMethods.__init__(self, headers)
++ if "retries" in connection_pool_kw:
++ retries = connection_pool_kw["retries"]
++ if not isinstance(retries, Retry):
++ # When Retry is initialized, raise_on_redirect is based
++ # on a redirect boolean value.
++ # But requests made via a pool manager always set
++ # redirect to False, and raise_on_redirect always ends
++ # up being False consequently.
++ # Here we fix the issue by setting raise_on_redirect to
++ # a value needed by the pool manager without considering
++ # the redirect boolean.
++ raise_on_redirect = retries is not False
++ retries = Retry.from_int(retries, redirect=False)
++ retries.raise_on_redirect = raise_on_redirect
++ connection_pool_kw = connection_pool_kw.copy()
++ connection_pool_kw["retries"] = retries
+ self.connection_pool_kw = connection_pool_kw
+ self.pools = RecentlyUsedContainer(num_pools)
+
+@@ -386,7 +402,7 @@ class PoolManager(RequestMethods):
+ if response.status == 303:
+ method = "GET"
+
+- retries = kw.get("retries")
++ retries = kw.get("retries", response.retries)
+ if not isinstance(retries, Retry):
+ retries = Retry.from_int(retries, redirect=redirect)
+
+--
+2.47.3
+
diff --git a/python-pip.spec b/python-pip.spec
index 7d13c44..c979ed8 100644
--- a/python-pip.spec
+++ b/python-pip.spec
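Review bot: The rendering of the new patch file has lost the Python indentation, so it cannot be confirmed here whether `connection_pool_kw = connection_pool_kw.copy()` and `connection_pool_kw["retries"] = retries` sit inside the `if not isinstance(retries, Retry):` branch (as in the upstream urllib3 commit the spec links to) or one level out in the `if "retries" in connection_pool_kw:` block; both placements behave the same, since copying the kwargs when the value is already a `Retry` is harmless, but the file as committed should be checked against upstream and with `git apply --check` before build. The second nested hunk changes `urlopen` to fall back to `response.retries` instead of a fresh default `Retry`, which is what lets a pool-level `retries=False` actually disable redirect following; `urlopen` starts and ends outside the hunk, and the `redirect` value passed to `Retry.from_int` is set outside the visible lines. Because this backports a fix published for a newer urllib3 line onto the older version pip vendors, the patch header should say which vendored urllib3 version the context was taken from. A post-build check that `PoolManager(retries=False).request("GET", <redirecting URL>)` returns the 3xx response rather than following it would give the changelog entry something concrete to stand on.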
@@ -1,4 +1,4 @@ -%define anolis_release 2 +%define anolis_release 3 %bcond_with tests %bcond_with doc @@ -28,6 +28,8 @@ Patch0001: 0001-remove-existing-dist-only-if-path-conflicts.patch Patch0002: 0002-dummy-certifi.patch Patch0003: 0003-nowarn-pip._internal.main.patch Patch0004: 0004-no-version-warning.patch +# https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857#diff-2fe80b3f580c0daa9f6a97de561c7fcd92fde02afdfaecdc210b6563817e69bb +Patch1000: 1000-fix-CVE-2025-50181.patch %global bundled() %{expand: Provides: bundled(python%{1}dist(cachecontrol)) = 0.13.1 @@ -231,6 +233,9 @@ pytest_k='not completion' %endif %changelog +* Thu Sep 25 2025 mgb01105731 - 23.3.1-3 +- Add patch to fix CVE-2025-50181 + * Tue Mar 12 2024 Zhao Hang - 23.3.1-2 - Rebuild with python3.11 -- Gitee
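Review bot: `Patch1000` is declared in the second hunk, but nothing in the visible hunks applies it; if `%prep` uses `%autosetup`/`%autopatch` it is picked up automatically, otherwise a matching `%patch1000 -p1` (the nested patch uses `a/`/`b/` path prefixes, so `-p1`) is needed there, and `%prep` is outside these hunks. The comment above `Patch1000:` links the upstream urllib3 commit, which is good provenance; adding the CVE id and the urllib3 release that first shipped the fix to that comment would make the backport self-describing for the next person bumping the vendored urllib3. The release bump and the changelog entry agree with each other (23.3.1-3).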