File not found: CVE-2023-43804.patch

saltbundlepy-urllib3

Edit Package saltbundlepy-urllib3
No description set
Refresh
Refresh
Source Files
Filename Size Changed
CVE-2024-37891.patch 0000006220 6.07 KB
no-strict-OpenSSL-1.1.1.patch 0000001132 1.11 KB
saltbundlepy-urllib3.changes 0000052487 51.3 KB
saltbundlepy-urllib3.spec 0000005000 4.88 KB
urllib3-2.0.7.tar.gz 0000282546 276 KB
Latest Revision
Yeray Gutiérrez Cedrés's avatar Yeray Gutiérrez Cedrés (ygutierrez) accepted request 1196242 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 7)
- Add CVE-2024-37891.patch (bsc#1226469, bsc#1229654)
- Remove strict OpenSSL 1.1.1 version checking
- Update to 2.0.7 (bsc#1216377, CVE-2023-45803):
  * Made body stripped from HTTP requests changing the request method
    to GET after HTTP 303 "See Other" redirect responses.
- Update Buildrequires to upstream list.
- Update to 2.0.6 (bsc#1215968, CVE-2023-43804):
  * Added the Cookie header to the list of headers to strip from
    requests when redirecting to a different host. As before, different
    headers can be set via Retry.remove_headers_on_redirect
- Update to 2.0.5:
  * Allowed pyOpenSSL third-party module without any deprecation
    warning. #3126
  * Fixed default blocksize of HTTPConnection classes to match
    high-level classes. Previously was 8KiB, now 16KiB. #3066
- Update to 2.0.4:
  * Added support for union operators to ``HTTPHeaderDict``
  * Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
  * Fixed ``urllib3.connection.HTTPConnection`` to raise the
    ``http.client.connect`` audit event to have the same behavior
    as the standard library HTTP client
  * Relied on the standard library for checking hostnames in
    supported PyPy releases
- Disable test_deprecated_no_scheme so it needs network connection to
  run correctly.
- Update to 2.0.3:
  * Allowed alternative SSL libraries such as LibreSSL, while
    still issuing a warning as we cannot help users facing issues
    with implementations other than OpenSSL.
  * Deprecated URLs which don't have an explicit scheme
Comments 0
openSUSE Build Service is sponsored by