Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:Uyuni:Master:SLE12-Uyuni-Client-Tools
python-tornado
python-tornado.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python-tornado.changes of Package python-tornado
------------------------------------------------------------------- Mon May 29 14:55:51 UTC 2023 - Cliff Zhao <qzhao@suse.com> - Add tornado-Fix-an-open-redirect-in-StaticFileHandler.patch: Backport from upstream, Fix an open redirect in StaticFileHandler. Under some configurations the default_filename redirect could be exploited to redirect to an attacker-controlled site. This change refuses to redirect to URLs that could be misinterpreted (CVE-2023-28370 bsc#1211741). ------------------------------------------------------------------- Thu Dec 21 14:36:20 UTC 2017 - mihai.dinca@suse.com - build python3 subpackage (FATE#324435, bsc#1073879) ------------------------------------------------------------------- Fri Apr 8 15:10:02 CEST 2016 - lchiquitto@suse.de - Submit to SLE-12 (fate#320738, bsc#974657). ------------------------------------------------------------------- Thu Apr 7 13:42:55 CEST 2016 - lchiquitto@suse.de - use %suse_version >= 1315 to check if we're building on SLE-12. ------------------------------------------------------------------- Sat Oct 17 11:45:08 UTC 2015 - mc@suse.com - fix macro - use package name python-backports-ssl_match_hostname on rhel7 - define py_ver where it does not exist ------------------------------------------------------------------- Wed Sep 30 09:11:37 UTC 2015 - fcastelli@suse.com - python-certifi is an optional depedency when python 2.7.9 is available. ------------------------------------------------------------------- Sat Sep 26 10:21:28 UTC 2015 - toddrme2178@gmail.com - python-certifi is a hard dependency, not an optional one. ------------------------------------------------------------------- Wed Sep 23 10:39:53 UTC 2015 - tampakrap@opensuse.org - Remove python-Twisted BuildRequires. It causes a python-cryptography build dependency, which is currently broken on SLE11SP4 due to old OpenSSL version ------------------------------------------------------------------- Thu Sep 10 19:39:18 UTC 2015 - aboe76@gmail.com - Update to 4.2.1: Security fix: * This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were not actually in that directory could be accessed. - Update to 4.2: Backwards-compatibility: * SSLIOStream.connect and IOStream.start_tls now validate certificates by default. * Certificate validation will now use the system CA root certificates instead of certifi when possible (i.e. Python 2.7.9+ or 3.4+). This includes IOStream and simple_httpclient, but not curl_httpclient * The default SSL configuration has become stricter, using ssl.create_default_context where available on the client side. (On the server side, applications are encouraged to migrate from the ssl_options dict-based API to pass an ssl.SSLContext instead). * The deprecated classes in the tornado.auth module, GoogleMixin, FacebookMixin, and FriendFeedMixin have been removed. * see more details: http://www.tornadoweb.org/en/stable/releases/v4.2.0.html ------------------------------------------------------------------- Wed Aug 12 14:29:56 UTC 2015 - seife+obs@b1-systems.com - fix build with non-SUSE distributions ------------------------------------------------------------------- Wed Apr 22 13:21:19 UTC 2015 - mcihar@suse.cz - Update to 4.1: * If a `.Future` contains an exception but that exception is never examined or re-raised (e.g. by yielding the `.Future`), a stack trace will be logged when the `.Future` is garbage-collected. * New class `tornado.gen.WaitIterator` provides a way to iterate over ``Futures`` in the order they resolve. * The `tornado.websocket` module now supports compression via the "permessage-deflate" extension. Override `.WebSocketHandler.get_compression_options` to enable on the server side, and use the ``compression_options`` keyword argument to `.websocket_connect` on the client side. * When the appropriate packages are installed, it is possible to yield `asyncio.Future` or Twisted ``Defered`` objects in Tornado coroutines. ------------------------------------------------------------------- Thu Oct 2 16:05:54 UTC 2014 - toddrme2178@gmail.com - Remove python-pycares BuildRequires since it is optional and not in openSUSE:Factory ------------------------------------------------------------------- Wed Oct 1 15:23:31 UTC 2014 - toddrme2178@gmail.com - Update to version 4.0.2 + Bug fixes * Fixed a bug that could sometimes cause a timeout to fire after being cancelled. * `.AsyncTestCase` once again passes along arguments to test methods, making it compatible with extensions such as Nose's test generators. * `.StaticFileHandler` can again compress its responses when gzip is enabled. * ``simple_httpclient`` passes its ``max_buffer_size`` argument to the underlying stream. * Fixed a reference cycle that can lead to increased memory consumption. * `.add_accept_handler` will now limit the number of times it will call `~socket.socket.accept` per `.IOLoop` iteration, addressing a potential starvation issue. * Improved error handling in `.IOStream.connect` (primarily for FreeBSD systems) - Update to version 4.0.1 + Bug fixes * The build will now fall back to pure-python mode if the C extension fails to build for any reason (previously it would fall back for some errors but not others). * `.IOLoop.call_at` and `.IOLoop.call_later` now always return a timeout handle for use with `.IOLoop.remove_timeout`. * If any callback of a `.PeriodicCallback` or `.IOStream` returns a `.Future`, any error raised in that future will now be logged (similar to the behavior of `.IOLoop.add_callback`). * Fixed an exception in client-side websocket connections when the connection is closed. * ``simple_httpclient`` once again correctly handles 204 status codes with no content-length header. * Fixed a regression in ``simple_httpclient`` that would result in timeouts for certain kinds of errors. - Update to version 4.0.0 + Highlights * The `tornado.web.stream_request_body` decorator allows large files to be uploaded with limited memory usage. * Coroutines are now faster and are used extensively throughout Tornado itself. More methods now return `Futures <.Future>`, including most `.IOStream` methods and `.RequestHandler.flush`. * Many user-overridden methods are now allowed to return a `.Future` for flow control. * HTTP-related code is now shared between the `tornado.httpserver`, ``tornado.simple_httpclient`` and `tornado.wsgi` modules, making support for features such as chunked and gzip encoding more consistent. `.HTTPServer` now uses new delegate interfaces defined in `tornado.httputil` in addition to its old single-callback interface. * New module `tornado.tcpclient` creates TCP connections with non-blocking DNS, SSL handshaking, and support for IPv6. + See more release details at http://www.tornadoweb.org/en/stable/releases/v4.0.0.html - Update to version 3.2.2 + Security fixes * The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the `BREACH attack <http://breachattack.com>`_. This applies to most applications that use both the ``xsrf_cookies`` and ``gzip`` options (or have gzip applied by a proxy). + Backwards-compatibility notes * If Tornado 3.2.2 is run at the same time as older versions on the same domain, there is some potential for issues with the differing cookie versions. The `.Application` setting ``xsrf_cookie_version=1`` can be used for a transitional period to generate the older cookie format on newer servers. + Other changes * ``tornado.platform.asyncio`` is now compatible with ``trollius`` version 0.3. ------------------------------------------------------------------- Tue May 20 13:05:18 UTC 2014 - toddrme2178@gmail.com - Update dependencies ------------------------------------------------------------------- Sun May 11 14:00:00 UTC 2014 - andrea@opensuse.org - new upstream version 3.2.1 - several new modules and bugfixes check website for details http://www.tornadoweb.org/en/stable/releases.html ------------------------------------------------------------------- Sun Nov 17 16:07:37 UTC 2013 - p.drouand@gmail.com - Update to version 3.1.1 + StaticFileHandler no longer fails if the client requests a Range that is larger than the entire file (Facebook has a crawler that does this). + RequestHandler.on_connection_close now works correctly on subsequent requests of a keep-alive connection. ------------------------------------------------------------------- Thu Aug 15 11:03:17 UTC 2013 - speilicke@suse.com - Update to version 3.1: + See http://www.tornadoweb.org/en/stable/releases/v3.1.0.html - Fix rpmlint issues properly - Use upstream URL ------------------------------------------------------------------- Thu Apr 11 16:47:30 UTC 2013 - alexandre@exatati.com.br - Update to 3.0.1: - The interface of tornado.auth.FacebookGraphMixin is now consistent with its documentation and the rest of the module. The get_authenticated_user and facebook_request methods return a Future and the callback argument is optional. - The tornado.testing.gen_test decorator will no longer be recognized as a (broken) test by nose. - Work around a bug in Ubuntu 13.04 betas involving an incomplete backport of the ssl.match_hostname function. - tornado.websocket.websocket_connect now fails cleanly when it attempts to connect to a non-websocket url. - tornado.testing.LogTrapTestCase once again works with byte strings on Python 2. - The request attribute of tornado.httpclient.HTTPResponse is now always an HTTPRequest, never a _RequestProxy. - Exceptions raised by the tornado.gen module now have better messages when tuples are used as callback keys. ------------------------------------------------------------------- Sat Mar 30 17:46:48 UTC 2013 - alexandre@exatati.com.br - Update to 3.0: - Please read full changelog at http://www.tornadoweb.org/en/stable/releases/v3.0.0.html ------------------------------------------------------------------- Sun Nov 25 11:41:29 UTC 2012 - alexandre@exatati.com.br - Update to 2.4.1: - Fixed a memory leak in tornado.stack_context that was especially likely with long-running @gen.engine functions. - tornado.auth.TwitterMixin now works on Python 3. - Fixed a bug in which IOStream.read_until_close with a streaming callback would sometimes pass the last chunk of data to the final callback instead of the streaming callback. ------------------------------------------------------------------- Wed Sep 5 03:54:59 UTC 2012 - alexandre@exatati.com.br - Update to 2.4: - Please check changelog at http://www.tornadoweb.org/documentation/releases/v2.4.0.html ------------------------------------------------------------------- Fri Jun 1 11:59:36 UTC 2012 - alexandre@exatati.com.br - Update to 2.3: - Please check changelog at http://www.tornadoweb.org/documentation/releases/v2.3.0.html ------------------------------------------------------------------- Fri May 18 15:27:08 UTC 2012 - toddrme2178@gmail.com - Fix rpmlint warnings - Improve openSUSE 11.4 build fix - Clean up spec file ------------------------------------------------------------------- Mon Apr 30 13:06:58 UTC 2012 - toddrme2178@gmail.com - Fix building python 3 package on openSUSE 11.4 x86_64 ------------------------------------------------------------------- Sat Apr 28 05:42:29 UTC 2012 - highwaystar.ru@gmail.com - added python3 package ------------------------------------------------------------------- Tue Apr 24 11:01:28 UTC 2012 - alexandre@exatati.com.br - Update to 2.2.1: - tornado.web.RequestHandler.set_header now properly sanitizes input values to protect against header injection, response splitting, etc. (it has always attempted to do this, but the check was incorrect). Note that redirects, the most likely source of such bugs, are protected by a separate check in RequestHandler.redirect. - Colored logging configuration in tornado.options is compatible with Python 3.2.3 (and 3.3). ------------------------------------------------------------------- Wed Mar 21 18:51:00 UTC 2012 - saschpe@gmx.de - Update requires on python-curl to python-pycurl ------------------------------------------------------------------- Mon Mar 12 21:38:08 UTC 2012 - saschpe@gmx.de - Simplified macro usage - Use upstream tarball ------------------------------------------------------------------- Mon Jan 30 23:17:07 UTC 2012 - alexandre@exatati.com.br - Update to 2.2: - Please read http://www.tornadoweb.org/documentation/releases/v2.2.0.html for all changes in this release. ------------------------------------------------------------------- Tue Oct 4 23:57:09 UTC 2011 - alexandre@exatati.com.br - Update to 2.1.1 Bug fixes: - Fixed handling of closed connections with the epoll (i.e. Linux) IOLoop. Previously, closed connections could be shut down too early, which most often manifested as “Stream is closed” exceptions in SimpleAsyncHTTPClient. - Fixed a case in which chunked responses could be closed prematurely, leading to truncated output. - IOStream.connect now reports errors more consistently via logging and the close callback (this affects e.g. connections to localhost on FreeBSD). - IOStream.read_bytes again accepts both int and long arguments. - PeriodicCallback no longer runs repeatedly when IOLoop iterations complete faster than the resolution of time.time() (mainly a problem on Windows). Backwards-compatibility note - Listening for IOLoop.ERROR alone is no longer sufficient for detecting closed connections on an otherwise unused socket. IOLoop.ERROR must always be used in combination with READ or WRITE. ------------------------------------------------------------------- Wed Sep 21 11:27:02 UTC 2011 - alexandre@exatati.com.br - Update to 2.1: - There are security fixes, backwards-incompatible changes, new modules, and bug fixes. For full changes please read http://www.tornadoweb.org/documentation/releases/v2.1.0.html ------------------------------------------------------------------- Thu Jul 7 20:19:08 UTC 2011 - saschpe@gmx.de - Added README and examples to documentation - Fixed license string to "Apache-2.0" ------------------------------------------------------------------- Wed Jun 22 11:47:26 UTC 2011 - alexandre@exatati.com.br - Update to 2.0: Major changes: * Template output is automatically escaped by default; see backwards compatibility note below. * The default AsyncHTTPClient implementation is now simple_httpclient. * Python 3.2 is now supported. For backwards compatibility and other changes in this release, please read http://www.tornadoweb.org/documentation/releases/v2.0.0.html - Regenerate spec file with py2pack. ------------------------------------------------------------------- Fri Mar 4 04:10:43 UTC 2011 - alexandre@exatati.com.br - Update to 1.2.1. ------------------------------------------------------------------- Sun Feb 20 21:25:09 UTC 2011 - alexandre@exatati.com.br - Update to 1.2. ------------------------------------------------------------------- Wed Feb 9 10:51:01 UTC 2011 - alexandre@exatati.com.br - Update to 1.1.1. ------------------------------------------------------------------- Fri Sep 10 05:14:00 UTC 2010 - alexandre@exatati.com.br - Update to 1.1. ------------------------------------------------------------------- Tue May 18 12:22:11 UTC 2010 - alexandre@exatati.com.br - New tarball release on PyPI. ------------------------------------------------------------------- Fri Nov 13 00:54:15 UTC 2009 - alexandre@exatati.com.br - Update to 0.2; - Building as noarch for openSUSE >= 11.2. ------------------------------------------------------------------- Mon Sep 14 11:50:08 UTC 2009 - alexandre@exatati.com.br - Initial package (0.1) for openSUSE.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor