From 1a2e28014f9720dcc97bbe21fb40c9f772a50396 Mon Sep 17 00:00:00 2001
From: Azure Linux Security Servicing Account
 <azurelinux-security@microsoft.com>
Date: Sun, 29 Mar 2026 17:00:22 +0000
Subject: [PATCH] Patch python-requests for CVE-2026-25645

---
 SPECS/python-requests/CVE-2026-25645.patch | 38 ++++++++++++++++++++++
 SPECS/python-requests/python-requests.spec |  6 +++-
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 SPECS/python-requests/CVE-2026-25645.patch

diff --git a/SPECS/python-requests/CVE-2026-25645.patch b/SPECS/python-requests/CVE-2026-25645.patch
new file mode 100644
index 00000000000..7818f4b4bb2
--- /dev/null
+++ b/SPECS/python-requests/CVE-2026-25645.patch
@@ -0,0 +1,38 @@
+From 7d89bfc6c07cb594bd31ab71f2de622694fe2e66 Mon Sep 17 00:00:00 2001
+From: Nate Prewitt <nate.prewitt@gmail.com>
+Date: Wed, 25 Mar 2026 08:57:56 -0600
+Subject: [PATCH] Merge commit from fork
+
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7.patch
+---
+ requests/utils.py | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/requests/utils.py b/requests/utils.py
+index 502c7bc..e0fcdbc 100644
+--- a/requests/utils.py
++++ b/requests/utils.py
+@@ -282,12 +282,13 @@ def extract_zipped_paths(path):
+         return path
+ 
+     # we have a valid zip archive and a valid member of that archive
+-    tmp = tempfile.gettempdir()
+-    extracted_path = os.path.join(tmp, member.split("/")[-1])
+-    if not os.path.exists(extracted_path):
+-        # use read + write to avoid the creating nested folders, we only want the file, avoids mkdir racing condition
+-        with atomic_open(extracted_path) as file_handler:
+-            file_handler.write(zip_file.read(member))
++    suffix = os.path.splitext(member.split("/")[-1])[-1]
++    fd, extracted_path = tempfile.mkstemp(suffix=suffix)
++    try:
++        os.write(fd, zip_file.read(member))
++    finally:
++        os.close(fd)
++
+     return extracted_path
+ 
+ 
+-- 
+2.45.4
+
diff --git a/SPECS/python-requests/python-requests.spec b/SPECS/python-requests/python-requests.spec
index 1785d49ce1f..d0c424d6b9f 100644
--- a/SPECS/python-requests/python-requests.spec
+++ b/SPECS/python-requests/python-requests.spec
@@ -1,7 +1,7 @@
 Summary:        Awesome Python HTTP Library That's Actually Usable
 Name:           python-requests
 Version:        2.31.0
-Release:        3%{?dist}
+Release:        4%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -10,6 +10,7 @@ URL:            http://python-requests.org
 Source0:        https://github.com/requests/requests/archive/v%{version}/requests-v%{version}.tar.gz#/requests-%{version}.tar.gz
 Patch0:         CVE-2024-35195.patch
 Patch1:         CVE-2024-47081.patch
+Patch2:         CVE-2026-25645.patch
 BuildArch:      noarch
 
 %description
@@ -73,6 +74,9 @@ LANG=en_US.UTF-8 tox -e py%{python3_version_nodots}
 %{python3_sitelib}/*
 
 %changelog
+* Sun Mar 29 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.31.0-4
+- Patch for CVE-2026-25645
+
 * Tue Jun 17 2025 Jyoti Kanase <v-jykanase@microsoft.com> - 2.31.0-3
 - Add patch for CVE-2024-47081