python-sqlparse
No description set
- Developed at devel:languages:python
- Sources inherited from project openSUSE:Factory
-
8
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:PowerPC/python-sqlparse && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
python-sqlparse.changes | 0000010252 10 KB | |
python-sqlparse.spec | 0000002143 2.09 KB | |
sqlparse-0.4.4.tar.gz | 0000072383 70.7 KB |
Revision 15 (latest revision is 18)
Dominique Leuenberger (dimstar_suse)
accepted
request 1089053
from
Matej Cepl (mcepl)
(revision 15)
- Update to 0.4.4: * IMPORTANT: This release fixes a security vulnerability in the parser where a regular expression vulnerable to ReDOS (Regular Expression Denial of Service) was used. See the security advisory for details (CVE-2023-30608, bsc#1210617, https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2) The vulnerability was discovered by @erik-krogh from GitHub Security Lab (GHSL). Thanks for reporting! * Revert a change from 0.4.0 that changed IN to be a comparison (issue694). The primary expectation is that IN is treated as a keyword and not as a comparison operator. That also follows the definition of reserved keywords for the major SQL syntax definitions. * Fix regular expressions for string parsing. * sqlparse now uses pyproject.toml instead of setup.cfg (issue685).
Comments 0