Request 1219322: Submit python-waitress - openSUSE Build Service

This request supersedes: request 1219318 (Show diff)

Overview

Request 1219322 accepted

- Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768):
* Fix a bug that would lead to Waitress busy looping on select()
on a half-open socket due to a race condition that existed when
creating a new HTTPChannel. See
https://github.com/Pylons/waitress/pull/435,
https://github.com/Pylons/waitress/issues/418 and
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
* No longer strip the header values before passing them to the
WSGI environ. See https://github.com/Pylons/waitress/pull/434
and https://github.com/Pylons/waitress/issues/432
* Fix a race condition in Waitress when
`channel_request_lookahead` is enabled that could lead to HTTP
request smuggling.
* See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj

Created by dgarcia about 1 month ago
In state accepted
Supersedes 1219318

Submit python-waitress

Comments for request 1219322 0

Login required, please login in order to comment

Request History

dgarcia created request about 1 month ago

- Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768):
* Fix a bug that would lead to Waitress busy looping on select()
on a half-open socket due to a race condition that existed when
creating a new HTTPChannel. See
https://github.com/Pylons/waitress/pull/435,
https://github.com/Pylons/waitress/issues/418 and
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
* No longer strip the header values before passing them to the
WSGI environ. See https://github.com/Pylons/waitress/pull/434
and https://github.com/Pylons/waitress/issues/432
* Fix a race condition in Waitress when
`channel_request_lookahead` is enabled that could lead to HTTP
request smuggling.
* See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj

factory-auto added opensuse-review-team as a reviewer about 1 month ago

Please review sources

factory-auto accepted review about 1 month ago

Check script succeeded

licensedigger accepted review about 1 month ago

ok

dimstar_suse set openSUSE:Factory:Staging:D as a staging project about 1 month ago

Being evaluated by staging project "openSUSE:Factory:Staging:D"

dimstar_suse accepted review about 1 month ago

Picked "openSUSE:Factory:Staging:D"

oertel accepted review 30 days ago

Accepted review for by_group opensuse-review-team request 1219322 from user dimstar_suse

dimstar_suse accepted review 29 days ago

Staging Project openSUSE:Factory:Staging:D got accepted.

dimstar_suse approved review 29 days ago

Staging Project openSUSE:Factory:Staging:D got accepted.

dimstar_suse accepted request 29 days ago

Staging Project openSUSE:Factory:Staging:D got accepted.

openSUSE Build Service is sponsored by