Overview Repositories Revisions Requests Users Attributes Meta

Revisions of python-onionshare

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1128355 from Benjamin Greiner's avatar Benjamin Greiner (bnavigator) (revision 16) 
- Fix dependencies
  * Add onionshare-pr1677-fix-werkzeug3.patch
- PEP517: Use pyproject instead of deprecated setup.py
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1042032 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 14) 
- update to 2.6:
  * Major feature: a new 'Quickstart' screen, which enables toggling on or
    off an animated automatic connection to Tor. This allows configuring
    network settings prior to automatic connection.
  * Major feature: Censorship circumvention. Use new features in the
    upstream Tor API to try to automatically obtain bridges depending on the
    user's location.
  * New feature: automatically fetch the built-in bridges from the upstream
    Tor API rather than hardcode them in each release of OnionShare.
  * New feature: keyboard shortcuts to access various modes and menus, and
    accessibility hints
  * Bug fix: Temporary Directory for serving the OnionShare web pages was
    broken on Windows
  * Packaging: Packaging is more automated, and Linux Snapcraft releases are
    available for amd64, arm64, and armhf
  * Miscellaneous: Many dependency updates and web page theming improvements
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 992359 from Axel Braun's avatar Axel Braun (DocB) (revision 13) 
- dependency on python3-PySocks added
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 967749 from Axel Braun's avatar Axel Braun (DocB) (revision 11) 
- Additional changes:
  * drop python-stem in favor of python-cepa
  * relax-async-mode.patch added
  * fix-test-cli-web.patch added
  * fix for boo#1194866
  
- Update to version 2.5.0
  * CVE-2022-21696: It was possible to change the username to that
    of another chat participant with an additional space character
    at the end of the name string. 
  * CVE-2022-21695: Authenticated users (or unauthenticated in
    public mode) could send messages without being visible in the
    list of chat participants
  * CVE-2022-21694:
  * CVE-2022-21693: An adversary with a primitive that allows for
    filesystem access from the context of the Onionshare process
    could access sensitive files in the entire user home folder.
  * CVE-2022-21692: anyone with access to the chat environment
    could write messages disguised as another chat participant
  * CVE-2022-21691: chat participants could spoof their channel
    leave message, tricking others into assuming they left the chatroom.
  * CVE-2022-21690: The path parameter of the requested URL was not
    sanitized before being passed to the QT frontend. This path is
    used in all components for displaying the server access history.
  * CVE-2022-21688, CVE-2022-21689: Use microseconds in Receive mode
    directory creation to avoid potential DoS
  * Major feature:
    * Obtain bridges from Moat / BridgeDB
    * Snowflake bridge support
  * New feature:
    * Tor connection settings, as well as general settings,
      are now Tabs rather than dialogs
    * User can customize the Content-Security-Policy header
      in Website mode
    * Built-in bridges are automatically updated from Tor's API
      when the user has chosen to use them
  * Switch to using stem fork called cepa
  * Various bug fixes
- Drop desktop file, upstream already provides one
- Install metainfo file
- Adjust requirements
- Added relax-async-mode.patch
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 924100 from Axel Braun's avatar Axel Braun (DocB) (revision 10) 
- runtime dependency on python-PyNaCl added
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 813550 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 5) 
- fix for dependency error (see https://build.opensuse.org/request/show/807929 ) 

- %python3_only -> %python_alternative
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 746605 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 4) 
- Version 2.2
  * fix for desktop icon installation
  * New feature: Website mode, which allows publishing a static HTML website as an onion service
  * Allow individual files to be viewed or downloaded in Share mode, including the ability to browse into subdirectories and use breadcrumbs to navigate back
  * Show a counter when individual files or pages are viewed
  * Better History items including colors and status codes to differentiate between successful and failed requests
  * Swap out the random /slug suffix for HTTP basic authentication (when in non-public mode)
  * Hide the Tor connection settings if the ONIONSHARE_HIDE_TOR_SETTINGS environment variable is set (Tails compatibility)
  * Remove the NoScript XSS warning in Receive Mode now that the NoScript/Tor Browser bug is fixed. The ajax upload method still exists when javascript is enabled.
  * Better support for DragonFly BSD
  * Updated various dependencies, including Flask, Werkzeug, urllib3, requests, and PyQt5
  * Updated Tor to 0.4.1.5
  * Other minor bug fixes
  * New translations:
        Arabic (العربية)
        Dutch (Nederlands)
        Persian (فارسی)
        Romanian (Română)
        Serbian latin (Srpska (latinica))
  * Removed translations with fewer than 90% of strings translated:
        Finnish (Suomi)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 660573 from Axel Braun's avatar Axel Braun (DocB) (revision 1) 
- Version 1.3.2 to fix CVE-2018-19960 (boo#1120205)
- Trim a few redundancies from the descriptions.
- Use full source URLs to verify the integrity
  https://en.opensuse.org/SourceUrls
- Version 1.3.1
  initial build on OBS 
  thanks to scarabeus_iv for the testing part!
Displaying all 20 revisions
openSUSE Build Service is sponsored by
Places