From 12821d43ad8224dc4e2f9a113d92aa1ffa57ef39 Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion@nwra.com>
Date: Oct 08 2019 01:00:36 +0000
Subject: Update to 0.13.3 - CVE-2019-14853 (bugz #1758704)


---

diff --git a/.gitignore b/.gitignore
index a7c1433..19a46fd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@
 /ecdsa-0.11-clean.tar.gz
 /ecdsa-0.13.tar.gz
 /ecdsa-0.13.2.tar.gz
+/ecdsa-0.13.3.tar.gz
diff --git a/python-ecdsa-noweak.patch b/python-ecdsa-noweak.patch
index 0584596..96437f9 100644
--- a/python-ecdsa-noweak.patch
+++ b/python-ecdsa-noweak.patch
@@ -1,16 +1,16 @@
-diff -up ecdsa-0.13/ecdsa/test_pyecdsa.py.noweak ecdsa-0.13/ecdsa/test_pyecdsa.py
---- ecdsa-0.13/ecdsa/test_pyecdsa.py.noweak	2015-02-07 11:16:22.000000000 -0700
-+++ ecdsa-0.13/ecdsa/test_pyecdsa.py	2015-12-14 09:56:23.085656270 -0700
-@@ -8,7 +8,7 @@ import subprocess
+diff -up ecdsa-0.13.3/ecdsa/test_pyecdsa.py.noweak ecdsa-0.13.3/ecdsa/test_pyecdsa.py
+--- ecdsa-0.13.3/ecdsa/test_pyecdsa.py.noweak	2019-10-07 07:51:57.000000000 -0600
++++ ecdsa-0.13.3/ecdsa/test_pyecdsa.py	2019-10-07 18:59:06.650945741 -0600
+@@ -11,7 +11,7 @@ import subprocess
  from binascii import hexlify, unhexlify
  from hashlib import sha1, sha256, sha512
  
 -from .six import b, print_, binary_type
 +from six import b, print_, binary_type
  from .keys import SigningKey, VerifyingKey
- from .keys import BadSignatureError
+ from .keys import BadSignatureError, MalformedPointError, BadDigestError
  from . import util
-@@ -331,10 +331,6 @@ class OpenSSL(unittest.TestCase):
+@@ -500,10 +500,6 @@ class OpenSSL(unittest.TestCase):
      # vk: 3:OpenSSL->python  4:python->OpenSSL
      # sig: 5:OpenSSL->python 6:python->OpenSSL
  
@@ -21,7 +21,7 @@ diff -up ecdsa-0.13/ecdsa/test_pyecdsa.py.noweak ecdsa-0.13/ecdsa/test_pyecdsa.p
      def test_from_openssl_nist256p(self):
          return self.do_test_from_openssl(NIST256p)
      def test_from_openssl_nist384p(self):
-@@ -370,10 +366,6 @@ class OpenSSL(unittest.TestCase):
+@@ -539,10 +535,6 @@ class OpenSSL(unittest.TestCase):
          sig = sk.sign(data)
          self.assertTrue(vk.verify(sig, data))
  
diff --git a/python-ecdsa.spec b/python-ecdsa.spec
index d5c3626..22223e6 100644
--- a/python-ecdsa.spec
+++ b/python-ecdsa.spec
@@ -1,8 +1,8 @@
 %global srcname ecdsa
 
 Name:           python-%{srcname}
-Version:        0.13.2
-Release:        4%{?dist}
+Version:        0.13.3
+Release:        1%{?dist}
 Summary:        ECDSA cryptographic signature library
 
 License:        MIT
@@ -104,6 +104,9 @@ rm ecdsa/six.py
 
 
 %changelog
+* Mon Oct  7 2019 Orion Poplawski <orion@nwra.com> - 0.13.3-1
+- Update to 0.13.3 - CVE-2019-14853 (bugz #1758704)
+
 * Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 0.13.2-4
 - Rebuilt for Python 3.8.0rc1 (#1748018)
 
diff --git a/sources b/sources
index d05a9b7..71ec20e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (ecdsa-0.13.2.tar.gz) = 2b485d85a3cd48b2b9155eb36df8721a4bc76f1152a544970f535c056ddd944d72951e76b2cf5cbfe45277c2a156f2fb15f3b62c2b0fcc9a251962dec2a0f9de
+SHA512 (ecdsa-0.13.3.tar.gz) = 621d36dcbdc0338b5e595e73337f62de0cc69febcabae40a6ba9292f2466f5d8818346d9d29d0b1c479ad4400fa57bdc52a7b264a475f8abed4c4a1161902b58