[Bug] python3-requests-2.25.1-1.amzn2023.0.4.noarch breaks Ansible's Docker collection
Describe the bug
python3-requests as it exists in Amazon Linux 2023.6.20250128 breaks the version of Ansible it ships with.
To Reproduce
- dnf install docker ansible
- Create any playbook using the Docker collection, for example:

    - hosts: localhost
      tasks:
        - name: pull an image
          docker_image:
            name: nginx
            source: pull

- Run ansible-playbook on this playbook

Expected behavior
The playbook succeeds and pulls the image

Actual behavior
The playbook fails with
"msg": "Error connecting: Invalid response from docker daemon: key \"ApiVersion\" is missing."
Additional context
The issue is described over here. Upstream debugged it many moons ago, described it in this issue, pinpointed this commit in requests as the cause and produced a hotfix in this pull request. In any case, the hotfix is from May 2024, and there have been more releases of the community.docker collection.
I can see that while Amazon Linux 2023 doesn't ship requests 2.32, it does contain the changes from that commit as a backport. I'm not sure when exactly these have been backported, but I'm well sure my Ansible playbooks stopped running with this week's release.
The issue was backported in the CVE-2024-35195.patch, which solves the potential reuse of a connection where TLS had not been verified by adding _get_connection(), which breaks the Docker SDK for Python; see https://github.com/docker/docker-py/pull/3257
If python3-requests-2.25.1-1.amzn2023.0.4.noarch is rebuilt without the CVE patch, then ansible-playbook works again. Another workaround is to run pip3 install requests==2.31.0 until a permanent fix is provided.
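
Added example (not part of this issue thread and not code from requests, Ansible or docker-py): a feature check that tells a requests build carrying the backported CVE-2024-35195 change from one without it, since the version string stays 2.25.1 either way. It assumes an affected transport adapter is one that overrides get_connection() but inherits the new hook unchanged; the alternative hook name `get_connection_with_tls_context` and the `docker.transport` module path are assumptions not stated on this page.

```python
import importlib

# _get_connection is the hook named on this page; the second name is what
# later upstream requests releases call it (assumption of this example).
HOOKS = ("_get_connection", "get_connection_with_tls_context")


def version_tuple(version):
    """'2.25.1' -> (2, 25, 1); non-numeric components are skipped."""
    return tuple(int(p) for p in version.split(".") if p.isdigit())


def diagnose(version, base, adapters=()):
    """Classify a requests build by feature, not by its version string."""
    present = [h for h in HOOKS if hasattr(base, h)]
    if not present:
        return {"state": "no-hook", "hooks": [], "at_risk": []}
    state = "backported" if version_tuple(version) < (2, 32) else "upstream"
    at_risk = sorted(
        cls.__name__ for cls in adapters
        # customises the old connection lookup ...
        if cls.get_connection is not base.get_connection
        # ... but inherits every new hook unchanged, so the override is bypassed
        and all(getattr(cls, h) is getattr(base, h) for h in present)
    )
    return {"state": state, "hooks": present, "at_risk": at_risk}


def inspect_installed(transport_module="docker.transport"):
    """Run diagnose() on the live environment; None if requests is absent."""
    try:
        requests = importlib.import_module("requests")
    except ImportError:
        return None
    base = requests.adapters.HTTPAdapter
    try:
        members = vars(importlib.import_module(transport_module)).values()
    except ImportError:
        members = ()  # Docker SDK not installed: report on requests only
    adapters = [m for m in members
                if isinstance(m, type) and issubclass(m, base) and m is not base]
    return diagnose(requests.__version__, base, adapters)


if __name__ == "__main__":
    print(inspect_installed())
```

A result of `backported` with a non-empty `at_risk` list matches the combination described in this issue: patched requests under an old version number, next to a Docker SDK that predates the hotfix.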