1145 lines
51 KiB
Plaintext
1145 lines
51 KiB
Plaintext
-------------------------------------------------------------------
|
||
Fri Aug 23 08:31:44 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
|
||
|
||
- Add CVE-2024-37891.patch (bsc#1226469, bsc#1229654)
|
||
|
||
- Remove strict OpenSSL 1.1.1 version checking
|
||
|
||
- Update to 2.0.7 (bsc#1216377, CVE-2023-45803):
|
||
* Made body stripped from HTTP requests changing the request method
|
||
to GET after HTTP 303 "See Other" redirect responses.
|
||
|
||
- Update Buildrequires to upstream list.
|
||
|
||
- Update to 2.0.6 (bsc#1215968, CVE-2023-43804):
|
||
* Added the Cookie header to the list of headers to strip from
|
||
requests when redirecting to a different host. As before, different
|
||
headers can be set via Retry.remove_headers_on_redirect
|
||
|
||
- Update to 2.0.5:
|
||
* Allowed pyOpenSSL third-party module without any deprecation
|
||
warning. #3126
|
||
* Fixed default blocksize of HTTPConnection classes to match
|
||
high-level classes. Previously was 8KiB, now 16KiB. #3066
|
||
|
||
- Update to 2.0.4:
|
||
* Added support for union operators to ``HTTPHeaderDict``
|
||
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
|
||
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
|
||
``http.client.connect`` audit event to have the same behavior
|
||
as the standard library HTTP client
|
||
* Relied on the standard library for checking hostnames in
|
||
supported PyPy releases
|
||
|
||
- Disable test_deprecated_no_scheme so it needs network connection to
|
||
run correctly.
|
||
|
||
- Update to 2.0.3:
|
||
* Allowed alternative SSL libraries such as LibreSSL, while
|
||
still issuing a warning as we cannot help users facing issues
|
||
with implementations other than OpenSSL.
|
||
* Deprecated URLs which don't have an explicit scheme
|
||
* Fixed response decoding with Zstandard when compressed data
|
||
is made of several frames.
|
||
* Fixed ``assert_hostname=False`` to correctly skip hostname
|
||
check.
|
||
|
||
- Update to 2.0.2:
|
||
* Fixed ``HTTPResponse.stream()`` to continue yielding bytes if
|
||
buffered decompressed data was still available to be read
|
||
even if the underlying socket is closed. This prevents
|
||
a compressed response from being truncated.
|
||
|
||
- Update to 2.0.1:
|
||
* Fixed a socket leak when fingerprint or hostname verifications fail.
|
||
* Fixed an error when HTTPResponse.read(0) was the first read call or when
|
||
the internal response body buffer was otherwise empty.
|
||
* Removed support for Python 2.7, 3.5, and 3.6.
|
||
* Removed fallback on certificate commonName in match_hostname() function.
|
||
* Removed support for Python with an ssl module compiled with LibreSSL,
|
||
CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
|
||
* Removed support for OpenSSL versions earlier than 1.1.1.
|
||
* Removed urllib3.contrib.appengine.AppEngineManager and support for Google
|
||
App Engine Standard Environment.
|
||
* Changed ssl_version to instead set the corresponding
|
||
SSLContext.minimum_version and SSLContext.maximum_version values.
|
||
* Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2
|
||
in line with Python 3.10.
|
||
* Changed urllib3.util.create_urllib3_context to not override the system
|
||
cipher suites with a default value.
|
||
* Changed multipart/form-data header parameter formatting matches the
|
||
WHATWG HTML Standard as of 2021-06-10.
|
||
* Changed HTTPConnection.request() to always use lowercase chunk boundaries
|
||
when sending requests with Transfer-Encoding: chunked.
|
||
* Changed enforce_content_length default to True, preventing silent data
|
||
loss when reading streamed responses.
|
||
* Changed all parameters in the HTTPConnection and HTTPSConnection
|
||
constructors to be keyword-only except host and port.
|
||
* Changed HTTPConnection.getresponse() to set the socket timeout from
|
||
HTTPConnection.timeout value before reading data from the socket.
|
||
* Changed name of Retry.BACK0FF_MAX to be Retry.DEFAULT_BACKOFF_MAX.
|
||
* Changed TLS handshakes to use SSLContext.check_hostname when possible.
|
||
* Changed the default blocksize to 16KB to match OpenSSL's default read
|
||
amounts.
|
||
* Changed HTTPResponse.read() to raise an error when calling with
|
||
decode_content=False after using decode_content=True to prevent data loss.
|
||
* Fixed thread-safety issue where accessing a PoolManager with many
|
||
distinct origins would cause connection pools to be closed while
|
||
requests are in progress.
|
||
* Fixed the default value of HTTPSConnection.socket_options to match
|
||
HTTPConnection.
|
||
* Fixed a socket leak if HTTPConnection.connect() fails.
|
||
- Drop patch remove_mock.patch, included upstream.
|
||
- Fiddle with {Build,}Requires as appropiate, six finally dropped.
|
||
|
||
- Added:
|
||
* CVE-2024-37891.patch
|
||
* no-strict-OpenSSL-1.1.1.patch
|
||
|
||
- Removed:
|
||
* openssl-3.2.patch
|
||
* remove_mock.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 4 11:11:14 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
|
||
|
||
- Add upstream patch openssl-3.2.patch, to fix tests with opennssl
|
||
3.2.0, gh#urllib3/urllib3#3271
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 17 18:05:42 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
|
||
|
||
- Update to 1.26.18 (bsc#1216377, CVE-2023-45803):
|
||
* Made body stripped from HTTP requests changing the request method
|
||
to GET after HTTP 303 "See Other" redirect responses.
|
||
|
||
- Update to 1.26.17 (bsc#1215968, CVE-2023-43804):
|
||
* Added the Cookie header to the list of headers to strip from
|
||
* requests when redirecting to a different host. As before,
|
||
* different headers can be set via Retry.remove_headers_on_redirect.
|
||
|
||
- Update to 1.26.16:
|
||
* Fixed thread-safety issue where accessing a ``PoolManager``
|
||
with many distinct origins would cause connection pools to
|
||
be closed while requests are in progress
|
||
|
||
- Update to 1.26.15:
|
||
* Fix socket timeout value when ``HTTPConnection`` is reused
|
||
* Remove "!" character from the unreserved characters in IPv6
|
||
Zone ID parsing
|
||
* Fix IDNA handling of '<80>' byte
|
||
|
||
- Update to 1.26.14:
|
||
* Fixed parsing of port 0 (zero) returning None, instead of 0.
|
||
* Removed deprecated getheaders() calls in contrib module.
|
||
|
||
- Update to 1.26.13
|
||
* Deprecated the ``HTTPResponse.getheaders()`` and
|
||
``HTTPResponse.getheader()`` methods.
|
||
* Fixed an issue where parsing a URL with leading zeroes in the
|
||
port would be rejected
|
||
even when the port number after removing the zeroes was valid.
|
||
* Fixed a deprecation warning when using cryptography v39.0.0.
|
||
* Removed the ``<4`` in the ``Requires-Python`` packaging
|
||
metadata field.
|
||
|
||
- Update to 1.26.12:
|
||
* Deprecated the `urllib3[secure]` extra and the
|
||
`urllib3.contrib.pyopenssl` module.
|
||
Both will be removed in v2.x.
|
||
See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_
|
||
for justification and info on how to migrate.
|
||
|
||
- Update to 1.26.11
|
||
* Fix OverflowError when TLS is used on some Python versions
|
||
|
||
- Update to 1.26.10:
|
||
* Removed support for Python 3.5
|
||
* Fixed an issue where a ``ProxyError`` recommending configuring
|
||
the proxy as HTTP instead of HTTPS could appear even when an
|
||
HTTPS proxy wasn't configured.
|
||
|
||
- Update to 1.26.9:
|
||
* Changed ``urllib3[brotli]`` extra to favor installing Brotli
|
||
libraries that are still receiving updates like ``brotli`` and
|
||
``brotlicffi`` instead of ``brotlipy``. This change does not impact
|
||
behavior of urllib3, only which dependencies are installed.
|
||
* Fixed a socket leaking when ``HTTPSConnection.connect()``
|
||
raises an exception.
|
||
* Fixed ``server_hostname`` being forwarded from ``PoolManager``
|
||
to ``HTTPConnectionPool``
|
||
when requesting an HTTP URL. Should only be forwarded when
|
||
requesting an HTTPS URL.
|
||
|
||
- Update to 1.26.8:
|
||
* Added extra message to``urllib3.exceptions.ProxyError`` when
|
||
urllib3 detects that a proxy is configured to use HTTPS but the
|
||
proxy itself appears to only use HTTP.
|
||
* Added a mention of the size of the connection pool when discarding a
|
||
connection due to the pool being full.
|
||
* Added explicit support for Python 3.11.
|
||
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of
|
||
``Retry.DEFAULT_MAX_BACKOFF`` to better match the rest of the
|
||
default parameter names. ``Retry.MAX_BACKOFF`` is removed in v2.0.
|
||
* Changed location of the vendored ``ssl.match_hostname`` function from
|
||
``urllib3.packages.ssl_match_hostname`` to
|
||
``urllib3.util.ssl_match_hostname`` to ensure Python 3.10+
|
||
compatibility after being repackaged by downstream distributors.
|
||
* Fixed absolute imports, all imports are now relative.
|
||
|
||
- Update to 1.26.7:
|
||
* Fixed a bug with HTTPS hostname verification involving IP addresses
|
||
and lack of SNI.
|
||
* Fixed a bug where IPv6 braces weren't stripped during certificate
|
||
hostname matching.
|
||
|
||
- Update to 1.26.6
|
||
* Deprecated the urllib3.contrib.ntlmpool module.
|
||
* Changed HTTPConnection.request_chunked() to not erroneously
|
||
emit multiple Transfer-Encoding headers in the case that one
|
||
is already specified.
|
||
* Fixed typo in deprecation message to recommend
|
||
Retry.DEFAULT_ALLOWED_METHODS.
|
||
|
||
- Update to 1.26.5 (bsc#1187045, CVE-2021-33503):
|
||
* Fixed deprecation warnings emitted in Python 3.10.
|
||
* Updated vendored ``six`` library to 1.16.0.
|
||
* Improved performance of URL parser when splitting
|
||
the authority component.
|
||
|
||
- Update to 1.26.4:
|
||
* Changed behavior of the default ``SSLContext`` when connecting
|
||
to HTTPS proxy during HTTPS requests. The default ``SSLContext``
|
||
now sets ``check_hostname=True``.
|
||
|
||
- Update to 1.26.3:
|
||
* Fixed bytes and string comparison issue with headers (Pull #2141)
|
||
* Changed ``ProxySchemeUnknown`` error message to be
|
||
more actionable if the user supplies a proxy URL without
|
||
a scheme. (Pull #2107)
|
||
|
||
- Update to 1.26.2:
|
||
* Fixed an issue where ``wrap_socket`` and ``CERT_REQUIRED`` wouldn't
|
||
be imported properly on Python 2.7.8 and earlier (Pull #2052)
|
||
* Fixed an issue where two ``User-Agent`` headers would be sent if a
|
||
``User-Agent`` header key is passed as ``bytes`` (Pull #2047)
|
||
* Added support for HTTPS proxies contacting HTTPS servers
|
||
(Pull #1923, Pull #1806)
|
||
* Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that
|
||
still wish to use TLS earlier than 1.2 without a deprecation warning
|
||
should opt-in explicitly by setting ``ssl_version=ssl.PROTOCOL_TLSv1_1``
|
||
(Pull #2002)
|
||
**Starting in urllib3 v2.0: Connections that receive a
|
||
``DeprecationWarning`` will fail**
|
||
* Deprecated ``Retry`` options ``Retry.DEFAULT_METHOD_WHITELIST``,
|
||
``Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST`` and
|
||
``Retry(method_whitelist=...)`` in favor of
|
||
``Retry.DEFAULT_ALLOWED_METHODS``,
|
||
``Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT``, and
|
||
``Retry(allowed_methods=...)``
|
||
(Pull #2000)
|
||
* Starting in urllib3 v2.0: Deprecated options will be removed
|
||
* Added default ``User-Agent`` header to every request (Pull #1750)
|
||
* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``,
|
||
``Accept-Encoding``, and ``Host`` headers from being automatically
|
||
emitted with requests (Pull #2018)
|
||
* Collapse ``transfer-encoding: chunked`` request data and framing
|
||
into the same ``socket.send()`` call (Pull #1906)
|
||
* Send ``http/1.1`` ALPN identifier with every TLS handshake by
|
||
default (Pull #1894)
|
||
* Properly terminate SecureTransport connections when CA verification
|
||
fails (Pull #1977)
|
||
* Don't emit an ``SNIMissingWarning`` when passing
|
||
``server_hostname=None`` to SecureTransport (Pull #1903)
|
||
* Disabled requesting TLSv1.2 session tickets as they weren't being
|
||
used by urllib3 (Pull #1970)
|
||
* Suppress ``BrokenPipeError`` when writing request body after
|
||
the server has closed the socket (Pull #1524)
|
||
* Wrap ``ssl.SSLError`` that can be raised from reading a socket
|
||
(e.g. "bad MAC") into an ``urllib3.exceptions.SSLError`` (Pull #1939)
|
||
* Fix retry backoff time parsed from ``Retry-After`` header when
|
||
given in the HTTP date format. The HTTP date was parsed as the
|
||
local timezone rather than accounting for the timezone in the
|
||
HTTP date (typically UTC)
|
||
(Pull #1932, Pull #1935, Pull #1938, Pull #1949)
|
||
|
||
- Add remove_mock.patch to remove dependency on the external mock
|
||
package (gh#urllib3/urllib3#2108).
|
||
|
||
- Added:
|
||
* remove_mock.patch
|
||
|
||
- Removed:
|
||
* CVE-2021-33503.patch
|
||
* CVE-2023-43804.patch
|
||
* ssl_match_hostname_py3.py
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 9 07:59:44 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
|
||
|
||
- Add CVE-2023-43804.patch (bsc#1215968, CVE-2023-43804)
|
||
gh#urllib3/urllib3#3139
|
||
* Added the Cookie header to the list of headers to strip from
|
||
requests when redirecting to a different host. As before,
|
||
different headers can be set via Retry.remove_headers_on_redirect.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 5 14:27:23 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
|
||
|
||
- Explicitly use ssl for ssl_match_hostname_py3 implementation
|
||
|
||
- Added:
|
||
* ssl_match_hostname_py3.py
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 4 13:10:56 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
|
||
|
||
- Strictly require Python 3.10 with saltbundlepy requrement
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 11 09:56:52 UTC 2021 - Johannes Grassler <johannes.grassler@suse.com>
|
||
|
||
- Add CVE-2021-33503.patch (bsc#1187045, CVE-2021-33503)
|
||
* Improve performance of sub-authority splitting in URL
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 1 13:20:04 UTC 2021 - Benjamin Greiner <code@bnavigator.de>
|
||
|
||
- Skip test for RECENT_DATE. It is a test purely for developers.
|
||
To maintain reproducibility, keep upstreams possibly outdated
|
||
RECENT_DATE in the source code.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Dec 17 18:13:57 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
||
|
||
- Add CI variable, which makes timeouts in the test suite longer
|
||
(gh#urllib3/urllib3#2109, bsc#1176389) and
|
||
test_timeout_errors_cause_retries should not fail.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Sep 9 16:49:22 UTC 2020 - Alberto Planas Dominguez <aplanas@suse.com>
|
||
|
||
- Generate pyc for ssl_match_hostname too
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 4 16:09:35 UTC 2020 - Dirk Mueller <dmueller@suse.com>
|
||
|
||
- update to 1.25.10:
|
||
* Added support for ``SSLKEYLOGFILE`` environment variable for
|
||
logging TLS session keys with use with programs like
|
||
Wireshark for decrypting captured web traffic (Pull #1867)
|
||
* Fixed loading of SecureTransport libraries on macOS Big Sur
|
||
due to the new dynamic linker cache (Pull #1905)
|
||
* Collapse chunked request bodies data and framing into one
|
||
call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906)
|
||
* Don't insert ``None`` into ``ConnectionPool`` if the pool
|
||
was empty when requesting a connection (Pull #1866)
|
||
* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 2 17:19:23 UTC 2020 - Dirk Mueller <dmueller@suse.com>
|
||
|
||
- update to 1.25.9 (bsc#1177120, CVE-2020-26137):
|
||
* Added ``InvalidProxyConfigurationWarning`` which is raised when
|
||
erroneously specifying an HTTPS proxy URL. urllib3 doesn't currently
|
||
support connecting to HTTPS proxies but will soon be able to
|
||
and we would like users to migrate properly without much breakage.
|
||
* Drain connection after ``PoolManager`` redirect (Pull #1817)
|
||
* Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull #1812)
|
||
* Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull #1805)
|
||
* Allow the CA certificate data to be passed as a string (Pull #1804)
|
||
* Raise ``ValueError`` if method contains control characters (Pull #1800)
|
||
* Add ``__repr__`` to ``Timeout`` (Pull #1795)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 21 21:07:06 UTC 2020 - Matej Cepl <mcepl@suse.com>
|
||
|
||
- Explicitly switch off building python 2 version.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 7 15:24:03 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
|
||
|
||
- update to 1.25.8
|
||
* Drop support for EOL Python 3.4
|
||
* Optimize _encode_invalid_chars
|
||
* Preserve chunked parameter on retries
|
||
* Allow unset SERVER_SOFTWARE in App Engine
|
||
* Fix issue where URL fragment was sent within the request target.
|
||
* Fix issue where an empty query section in a URL would fail to parse.
|
||
* Remove TLS 1.3 support in SecureTransport due to Apple removing support.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 15 10:53:45 UTC 2019 - Ralf Haferkamp <rhafer@suse.de>
|
||
|
||
- Require a new enough release of python-six. 1.25.6 needs at least
|
||
1.12.0 for ensure_text() and friends.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 2 13:18:36 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Updae to 1.25.6:
|
||
* Fix issue where tilde (~) characters were incorrectly percent-encoded in the path. (Pull #1692)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 27 10:39:28 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Restrict the tornado dep from tom to 5 or older release as the
|
||
6.x changed the API
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 20 12:14:13 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Update to 1.25.5:
|
||
* Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using cert_reqs=CERT_NONE. (Issue #1682)
|
||
* Propagate Retry-After header settings to subsequent retries. (Pull #1607)
|
||
* Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)
|
||
* Remove dependency on rfc3986 for URL parsing.
|
||
* Fix issue where URLs containing invalid characters within Url.auth would raise an exception instead of percent-encoding those characters.
|
||
* Add support for HTTPResponse.auto_close = False which makes HTTP responses work well with BufferedReaders and other io module features. (Pull #1652)
|
||
* Percent-encode invalid characters in URL for HTTPConnectionPool.request() (Pull #1673)
|
||
- Drop patch urllib3-ssl-default-context.patch
|
||
- Drop patch python-urllib3-recent-date.patch the date is recent
|
||
enough on its own
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Sep 14 02:58:42 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
||
|
||
- Use have/skip_python2/3 macros to allow building only one flavour
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 22 07:54:44 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Use old pytest 3.x as newer do not work with this release
|
||
* this will be fixed with next release, just spread among
|
||
numerous fixes in the git for quick backporting
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 21 06:23:36 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
||
|
||
- Fixup pre script: the migration issue happens when changing from
|
||
python-urllib3 to python2-urllib3: the number of installed
|
||
instances of python2-urlliib3 is at this moment 1, unlike in
|
||
regular updates. This is due to a name change, which consists not
|
||
of a pure package update.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 20 07:33:55 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
|
||
|
||
- Provides/Obsoletes does not fix the issue: we have a
|
||
directory-to-symlink switch, which cannot be handled by RPM
|
||
internally. Assist using pre script (boo#1138715).
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 19 15:58:19 UTC 2019 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
|
||
|
||
- Fix Upgrade from Leap 42.1/42.2 by adding Obsoletes/Provides:
|
||
python-urllib3, fixes boo#1138746
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 7 11:40:05 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Skip test_source_address_error as we raise different error with
|
||
fixes that we provide in new python2/3
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 29 08:59:29 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Add more test to skip as with new openssl some behaviour changed
|
||
and we can't rely on them anymore
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 29 08:20:27 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Unbundle the six, rfc3986, and backports.ssl_match_hostname
|
||
- Add missing dependency on python-six (bsc#1150895)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 24 19:16:21 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Update to 1.25.3:
|
||
* Change HTTPSConnection to load system CA certificates when ca_certs, ca_cert_dir, and ssl_context are unspecified. (Pull #1608, Issue #1603)
|
||
* Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 6 11:18:36 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Update to 1.25.2:
|
||
* Change is_ipaddress to not detect IPvFuture addresses. (Pull #1583)
|
||
* Change parse_url to percent-encode invalid characters within the path, query, and target components. (Pull #1586)
|
||
* Add support for Google's Brotli package. (Pull #1572, Pull #1579)
|
||
* Upgrade bundled rfc3986 to v1.3.1 (Pull #1578)
|
||
- Require all the deps from the secure list rather than Recommend.
|
||
This makes the check to be run always and ensure the urls are
|
||
"secure".
|
||
- Remove ndg-httpsclient as it is not needed since 2015
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 23 10:27:36 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Add missing dependency on brotlipy
|
||
- Fix the tests to pass again
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 23 04:04:50 UTC 2019 - Thomas Bechtold <tbechtold@suse.com>
|
||
|
||
- update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236):
|
||
* Require and validate certificates by default when using HTTPS
|
||
* Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant.
|
||
* Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
|
||
encrypted ``key_file`` without creating your own ``SSLContext`` object.
|
||
* Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
|
||
implementations. (Pull #1496)
|
||
* Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
|
||
* Fixed issue where OpenSSL would block if an encrypted client private key was
|
||
given and no password was given. Instead an ``SSLError`` is raised.
|
||
* Added support for Brotli content encoding. It is enabled automatically if
|
||
``brotlipy`` package is installed which can be requested with
|
||
``urllib3[brotli]`` extra.
|
||
* Drop ciphers using DSS key exchange from default TLS cipher suites.
|
||
Improve default ciphers when using SecureTransport.
|
||
* Implemented a more efficient ``HTTPResponse.__iter__()`` method.
|
||
- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 18 00:02:07 CEST 2019 - Matej Cepl <mcepl@suse.com>
|
||
|
||
- Update to 1.24.2 (bsc#1132900, CVE-2019-11324):
|
||
- Implemented a more efficient HTTPResponse.__iter__() method.
|
||
(Issue #1483)
|
||
- Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant.
|
||
(Pull #1487)
|
||
- Remove Authorization header regardless of case when
|
||
redirecting to cross-site. (Issue #1510)
|
||
- Added support for key_password for HTTPSConnectionPool to use
|
||
encrypted key_file without creating your own SSLContext
|
||
object. (Pull #1489)
|
||
- Fixed issue where OpenSSL would block if an encrypted client
|
||
private key was given and no password was given. Instead an
|
||
SSLError is raised. (Pull #1489)
|
||
- Require and validate certificates by default when using HTTPS
|
||
(Pull #1507)
|
||
- Added support for Brotli content encoding. It is enabled
|
||
automatically if brotlipy package is installed which can be
|
||
requested with urllib3[brotli] extra. (Pull #1532)
|
||
- Add TLSv1.3 support to CPython, pyOpenSSL, and
|
||
SecureTransport SSLContext implementations. (Pull #1496)
|
||
- Drop ciphers using DSS key exchange from default TLS cipher
|
||
suites. Improve default ciphers when using SecureTransport.
|
||
(Pull #1496)
|
||
- Add support for IPv6 addresses in subjectAltName section of
|
||
certificates. (Issue #1269)
|
||
- Switched the default multipart header encoder from RFC 2231
|
||
to HTML 5 working draft. (Issue #303, PR #1492)
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 30 18:20:59 CET 2018 - mcepl@suse.com
|
||
|
||
- Update to 1.24.1:
|
||
* Remove quadratic behavior within GzipDecoder.decompress()
|
||
(Issue #1467)
|
||
* Restored functionality of ciphers parameter for
|
||
create_urllib3_context(). (Issue #1462)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 1 14:14:34 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
|
||
|
||
- Update to 1.24:
|
||
* Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull #1449)
|
||
* Test against Python 3.7 on AppVeyor. (Pull #1453)
|
||
* Early-out ipv6 checks when running on App Engine. (Pull #1450)
|
||
* Change ambiguous description of backoff_factor (Pull #1436)
|
||
* Add ability to handle multiple Content-Encodings (Issue #1441 and Pull #1442)
|
||
* Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue #1405).
|
||
* Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake. (Pull #1397)
|
||
* Drop support for EOL Python 2.6 (Pull #1429 and Pull #1430)
|
||
* Fixed bug where responses with header Content-Type: message/* erroneously raised HeaderParsingError, resulting in a warning being logged. (Pull #1439)
|
||
* Move urllib3 to src/urllib3 (Pull #1409)
|
||
- Drop patch 1414.patch merged upstream
|
||
- Refresh patches:
|
||
* python-urllib3-recent-date.patch
|
||
* urllib3-ssl-default-context.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 7 14:45:38 CEST 2018 - mcepl@suse.com
|
||
|
||
- Switch to multibuild to minize requirements for providing
|
||
urllib3 module.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 21 11:39:09 UTC 2018 - dmueller@suse.com
|
||
|
||
- fix dependency again for passing tests for python 2.x
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 20 08:19:15 UTC 2018 - tchvatal@suse.com
|
||
|
||
- Do not use ifpython2 for BRs where it does not work
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 20 08:13:30 UTC 2018 - dmueller@suse.com
|
||
|
||
- add python-ipaddress dependency for python 2.x
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 18 09:19:49 UTC 2018 - tchvatal@suse.com
|
||
|
||
- Drop not needed devel and nose deps
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jul 15 22:30:26 UTC 2018 - mimi.vx@gmail.com
|
||
|
||
- update to 1.23 (bsc#1119376, CVE-2018-20060)
|
||
- add 1414.patch - fix tests with new tornado
|
||
- refresh python-urllib3-recent-date.patch
|
||
- drop urllib3-test-no-coverage.patch
|
||
* Allow providing a list of headers to strip from requests when redirecting
|
||
to a different host. Defaults to the Authorization header. Different
|
||
headers can be set via Retry.remove_headers_on_redirect.
|
||
* Fix util.selectors._fileobj_to_fd to accept long
|
||
* Dropped Python 3.3 support.
|
||
* Put the connection back in the pool when calling stream()
|
||
or read_chunked() on a chunked HEAD response.
|
||
* Fixed pyOpenSSL-specific ssl client authentication issue when clients
|
||
attempted to auth via certificate + chain
|
||
* Add the port to the connectionpool connect print
|
||
* Don't use the uuid module to create multipart data boundaries.
|
||
* read_chunked() on a closed response returns no chunks.
|
||
* Add Python 2.6 support to contrib.securetransport
|
||
* Added support for auth info in url for SOCKS proxy
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 7 15:52:54 UTC 2018 - aplanas@suse.com
|
||
|
||
- Allows Recommends and Suggest in Fedora
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 27 18:42:40 UTC 2018 - aplanas@suse.com
|
||
|
||
- Recommends only for SUSE
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 12 12:14:42 UTC 2018 - normand@linux.vnet.ibm.com
|
||
|
||
- disable more flaky tests specifically for PowerPC
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 31 14:39:03 UTC 2017 - dimstar@opensuse.org
|
||
|
||
- Add python-urllib3-recent-date.patch: Fix test suite, use correct
|
||
date (gh#shazow/urllib3#1303, boo#1074247).
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 19 11:48:58 UTC 2017 - jmatejek@suse.com
|
||
|
||
- use python3 for detection, in anticipation of python2 removal
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 11 14:55:33 UTC 2017 - toddrme2178@gmail.com
|
||
|
||
- Disable tests that timeout
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 8 06:57:44 UTC 2017 - tbechtold@suse.com
|
||
|
||
- update to 1.22:
|
||
* Fixed missing brackets in ``HTTP CONNECT`` when connecting to IPv6 address via
|
||
IPv6 proxy. (Issue #1222)
|
||
* Made the connection pool retry on ``SSLError``. The original ``SSLError``
|
||
is available on ``MaxRetryError.reason``. (Issue #1112)
|
||
* Drain and release connection before recursing on retry/redirect. Fixes
|
||
deadlocks with a blocking connectionpool. (Issue #1167)
|
||
* Fixed compatibility for cookiejar. (Issue #1229)
|
||
* pyopenssl: Use vendored version of ``six``. (Issue #1231)
|
||
- use pytest for running the tests. That is what upstream is doing
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Jun 10 08:10:33 UTC 2017 - dmueller@suse.com
|
||
|
||
- update to 1.21.1:
|
||
* Fixed SecureTransport issue that would cause long delays in response body
|
||
delivery. (Pull #1154)
|
||
* Fixed regression in 1.21 that threw exceptions when users passed the
|
||
``socket_options`` flag to the ``PoolManager``. (Issue #1165)
|
||
* Fixed regression in 1.21 that threw exceptions when users passed the
|
||
``assert_hostname`` or ``assert_fingerprint`` flag to the ``PoolManager``.
|
||
* Improved performance of certain selector system calls on Python 3.5 and
|
||
later. (Pull #1095)
|
||
* Resolved issue where the PyOpenSSL backend would not wrap SysCallError
|
||
exceptions appropriately when sending data. (Pull #1125)
|
||
* Selectors now detects a monkey-patched select module after import for modules
|
||
that patch the select module like eventlet, greenlet. (Pull #1128)
|
||
* Reduced memory consumption when streaming zlib-compressed responses
|
||
(as opposed to raw deflate streams). (Pull #1129)
|
||
* Connection pools now use the entire request context when constructing the
|
||
pool key. (Pull #1016)
|
||
* ``PoolManager.connection_from_*`` methods now accept a new keyword argument,
|
||
``pool_kwargs``, which are merged with the existing ``connection_pool_kw``.
|
||
* Add retry counter for ``status_forcelist``. (Issue #1147)
|
||
* Added ``contrib`` module for using SecureTransport on macOS:
|
||
``urllib3.contrib.securetransport``. (Pull #1122)
|
||
* urllib3 now only normalizes the case of ``http://`` and ``https://`` schemes:
|
||
for schemes it does not recognise, it assumes they are case-sensitive and
|
||
leaves them unchanged.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 17 12:37:11 CEST 2017 - lchiquitto@suse.de
|
||
|
||
- Relax python-nose version requirement on SLE 12 (fate#321630)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 14 14:34:45 UTC 2017 - jmatejek@suse.com
|
||
|
||
- merge python3 modifications
|
||
- update for multipython build
|
||
- update to 1.20:
|
||
* Added support for waiting for I/O using selectors other than select, improving urllib3’s behaviour with large numbers of concurrent connections. (Pull #1001)
|
||
* Updated the date for the system clock check. (Issue #1005)
|
||
* ConnectionPools now correctly consider hostnames to be case-insensitive. (Issue #1032)
|
||
* Outdated versions of PyOpenSSL now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Pull #1063)
|
||
* Outdated versions of cryptography now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Issue #1044)
|
||
* Automatically attempt to rewind a file-like body object when a request is retried or redirected. (Pull #1039)
|
||
* Fix some bugs that occur when modules incautiously patch the queue module. (Pull #1061)
|
||
* Prevent retries from occuring on read timeouts for which the request method was not in the method whitelist. (Issue #1059)
|
||
* Changed the PyOpenSSL contrib module to lazily load idna to avoid unnecessarily bloating the memory of programs that don’t need it. (Pull #1076)
|
||
* Add support for IPv6 literals with zone identifiers. (Pull #1013)
|
||
* Added support for socks5h:// and socks4a:// schemes when working with SOCKS proxies, and controlled remote DNS appropriately. (Issue #1035)
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 28 08:08:14 UTC 2016 - tbechtold@suse.com
|
||
|
||
update to version 1.19.1
|
||
* Forgot to mention #955.
|
||
* Starting o the user guide.
|
||
* Add ipaddress marker to setup.cfg.
|
||
* CHANGES for #897
|
||
* Version added 1.17
|
||
* Change debug level to 'debug' to match ConnectionPool
|
||
* Moving some stuff to advanced usage.
|
||
* Ignore only the unused import error
|
||
* Uniform checks.
|
||
* Add test for past date in Retry-After header
|
||
* Adding all reference docs
|
||
* Ok, I just gotta see what's going on here.
|
||
* Adding app engine docs
|
||
* Keep using the good OpenSSL
|
||
* Adding timeout section
|
||
* Removing absolute import in NTLMPool
|
||
* Use the good OpenSSL.
|
||
* Small pass at contributing
|
||
* parse_url: Disallow non-integer digits explicitly in port numbers
|
||
* Fixup some whitespace.
|
||
* Updating copy on landing page.
|
||
* Fix flake8 E305 errors
|
||
* Use OS default certs when possible
|
||
* Fleshing out user guide.
|
||
* Fallback to the vendored ipaddress module.
|
||
* Updating intersphinx to python 3.4
|
||
* Seems like version mismatch is the issue.
|
||
* Improve the cipher suite comment
|
||
* Retry backoff time is calculated only from the last consecutive errors sequence
|
||
* Fix a typo in the user guide documentation
|
||
* Update docs guide with new dependencies
|
||
* Tests for #979
|
||
* Remove HIGH cipher suites as well.
|
||
* Adding SSL verification section to user guide.
|
||
* More CHANGES
|
||
* Changes for #1017
|
||
* Changelog for #1009.
|
||
* Vendor a backport of the ipaddress module.
|
||
* CHANGES for 1.19
|
||
* Fixed typos
|
||
* Revert "Fallback to the vendored ipaddress module."
|
||
* Use "with" to close more files eagerly and also on error
|
||
* Addressing review comments
|
||
* First stab at the new index page
|
||
* Removing unneeded scratch file.
|
||
* Fixing some references
|
||
* Moving some stuff around.
|
||
* CR fixes
|
||
* Remove 100% requirement from nosetests.
|
||
* Try using codecov
|
||
* Remove absolute import.
|
||
* Split ciphers up to individual lines.
|
||
* add warning when timeout without total is used on App Engine
|
||
* We don't want a sad @haikuginger
|
||
* RequestHistory is a namedtuple instance.
|
||
* I wonder if we're missing this.
|
||
* Switching to alabaster theme
|
||
* Prefer user-supplied host headers.
|
||
* Try shoving it in tox.ini
|
||
* Add include=urllib3/* to prevent core module coverage through six.moves
|
||
* Pointing flake8 specifically at the urllib3 package
|
||
* CHANGES for #955
|
||
* Sorry PyPy.
|
||
* Add support for ChaCha20.
|
||
* Make Travis CI fail if docs have warnings or errors
|
||
* Added CHANGES entry
|
||
* Test with OpenSSL 1.1 on Mac.
|
||
* Backport Python 3.5 match_hostname function.
|
||
* Wrap lines to under 99 chars
|
||
* Moving docs creation into tox
|
||
* Gotta use the pyenv everywhere.
|
||
* Explicitly check if a value in a multipart header is None instead of just a falsy value
|
||
* Move to a more complex bit of idna handling.
|
||
* Make codecov enforce 100% coverage.
|
||
* Error if GAE_PYTHONPATH is not set when running make test-gae
|
||
* Changes for #258.
|
||
* adding length_remaining functionality to HTTPResponse
|
||
* test TLSv1 instead of SSLv3
|
||
* fixing infinite loop when stream(None) called
|
||
* Adding proxy section
|
||
* Don't forget setup.cfg
|
||
* Removing TODO
|
||
* add changelog for #978
|
||
* Stop testing our parsing via TLS failure.
|
||
* CHANGES for #928
|
||
* Add support for OS X.
|
||
* While I'm shotgun debugging.
|
||
* Merging new release version: 1.19.1
|
||
* Clean up some bugs.
|
||
* Support date in Retry-After header
|
||
* Defer to URLFetch's default timeout instead of hard coding 5s.
|
||
* Update Travis PyPy testing to 5.4
|
||
* Remove 3DES support.
|
||
* Seems like Python 2.6 doesn't like -m pip
|
||
* Adding logging and exceptions.
|
||
* changing conditional order to prefer isclosed over closed
|
||
* Have the 'secure' flag install ipaddress.
|
||
* Respect Retry-After header for redirection
|
||
* Respect Retry-After header
|
||
* Correct the import of urljoin for Python 3
|
||
* use dunder slots for Url class slots variable
|
||
* Update README.rst to better reflect new documentation.
|
||
* Allow PyPy 5.3 to fail
|
||
* updating CHANGES and CONTRIBUTORS
|
||
* Clarifying a few things.
|
||
* Revert "Remove ipaddress marker."
|
||
* Fix GAE_PYTHONPATH error in Makefile
|
||
* Removing symlinks from dummyserver certs to fix test suite on Windows
|
||
* adding in exception for booleans and zero values in timeouts
|
||
* CHANGES for #930
|
||
* add domain and method aware logging to connectionpool (#897)
|
||
* Add release note about #941 (#943)
|
||
* Make HTTPResponse.stream() work with file-like body of non-HTTPResponse type (eg StringIO)
|
||
* Use HTTPException, LifoQueue, Empty, and Full from six
|
||
* CHANGES for #858 and #887
|
||
* Updating links to SSL warning help page. Fixes #918
|
||
* More alabaster customizations, starting on TOC
|
||
* CHANGES for #835
|
||
* It's possible but unlikely that we need combine
|
||
* We actually require cryptography-based PyOpenSSL now.
|
||
* PySocks 1.5.7 causes problems with IPv6.
|
||
* fixing socks and ssl docstrings.
|
||
* Fix doc syntax in user-guide.rst
|
||
* Urllib3 -> urllib3
|
||
* Removing uneeded files.
|
||
* Dear tox: plz propagate env vars. Thanks.
|
||
* Favour our own match_hostname over old versions.
|
||
* Bow before our fruit overlords.
|
||
* enforce_content_length for incrementally read responses
|
||
* fixing incorrect message for IncompleteRead
|
||
* Update setup.cfg
|
||
* Changelog for #986.
|
||
* Spelling fixes
|
||
* Line breaks.
|
||
* Adding docs/requirements.txt for readthedocs.
|
||
* CHANGES for #989.
|
||
* Normalize the scheme and host in the URL parser
|
||
* Update changes for 1.17
|
||
* Changes for #979
|
||
* Changelog update for #947.
|
||
* Update connectionpool.py
|
||
* Make BodyNotHttplibCompatible inherit from HttpError, urllib3's base exception class, only
|
||
* Update changes for 1.18
|
||
* Update PyOpenSSL to not use ndg-httpsclient or pyasn1
|
||
* Retry history changed from list to tuple
|
||
* Add a cert with IP SAN and test for it.
|
||
* parse_retry_after: Disallow non-integer digits, allow whitespace
|
||
* Add failing test for #1009.
|
||
* Remove markers from setup.py.
|
||
* Use Travis supplied PyPy 5.3
|
||
* Support retry for 413, 429 and 503 status code
|
||
* Remove ipaddress marker.
|
||
* Revert "Vendor a backport of the ipaddress module."
|
||
* Adding retry section
|
||
* CVE-2016-9015: Correct set verify flags.
|
||
* Update CHANGES.rst for #911
|
||
* Tests for case-insensitivity in the scheme and host
|
||
* Add changelog for #967.
|
||
* Try updating setuptools.
|
||
* Updating flake8 locations
|
||
* Forward-port 1.18.1 changelog.
|
||
* Update [secure] extra.
|
||
* Add more advanced usage docs
|
||
* CHANGES for #990
|
||
* [contrib/pyopenssl] remove unused ssl_wrap_socket
|
||
* Import more from six
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 1 19:12:32 UTC 2016 - tbechtold@suse.com
|
||
|
||
- update to 1.16:
|
||
* Disable IPv6 DNS when IPv6 connections are not possible. (Issue #840)
|
||
* Provide ``key_fn_by_scheme`` pool keying mechanism that can be
|
||
overridden. (Issue #830)
|
||
* Normalize scheme and host to lowercase for pool keys, and include
|
||
``source_address``. (Issue #830)
|
||
* Cleaner exception chain in Python 3 for ``_make_request``.
|
||
(Issue #861)
|
||
* Fixed installing ``urllib3[socks]`` extra. (Issue #864)
|
||
* Fixed signature of ``ConnectionPool.close`` so it can actually safely be
|
||
called by subclasses. (Issue #873)
|
||
* Retain ``release_conn`` state across retries. (Issues #651, #866)
|
||
* Add customizable ``HTTPConnectionPool.ResponseCls``, which defaults to
|
||
``HTTPResponse`` but can be replaced with a subclass. (Issue #879)
|
||
- Use pypi.io as Source url
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 20 07:19:50 UTC 2016 - dmueller@suse.com
|
||
|
||
- update to 1.15.1:
|
||
* Fix packaging to include backports module. (Issue #841)
|
||
* Added Retry(raise_on_status=False). (Issue #720)
|
||
* Always use setuptools, no more distutils fallback. (Issue #785)
|
||
* Dropped support for Python 3.2. (Issue #786)
|
||
* Chunked transfer encoding when requesting with ``chunked=True``.
|
||
* Fixed regression with IPv6 port parsing. (Issue #801)
|
||
* Append SNIMissingWarning messages to allow users to specify it in
|
||
the PYTHONWARNINGS environment variable. (Issue #816)
|
||
* Handle unicode headers in Py2. (Issue #818)
|
||
* Log certificate when there is a hostname mismatch. (Issue #820)
|
||
* Preserve order of request/response headers. (Issue #821)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 2 15:54:26 UTC 2016 - jmatejek@suse.com
|
||
|
||
- change Requires on pyopenssl, pyasn1 into Recommends,
|
||
add ndg-httpsclient as well
|
||
(these are dependencies of urrlib3's pyopenssl module, which can be
|
||
used if native python's ssl capabilities are not good enough)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 11 13:55:13 UTC 2016 - aplanas@suse.com
|
||
|
||
- Update 1.14 source tar.gz from the source
|
||
* Rebase urllib3-test-no-coverage.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 5 14:40:22 UTC 2016 - hpj@urpla.net
|
||
|
||
- Update to Version 1.14 (2015-12-29)
|
||
* contrib: SOCKS proxy support! (Issue #762)
|
||
* Fixed AppEngine handling of transfer-encoding header and bug in
|
||
Timeout defaults checking. (Issue #763)
|
||
- Update to Version 1.13.1 (2015-12-18)
|
||
* Fixed regression in IPv6 + SSL for match_hostname. (Issue #761)
|
||
- Update to Version 1.13 (2015-12-14)
|
||
* Fixed pip install urllib3[secure] on modern pip. (Issue #706)
|
||
* pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717)
|
||
* pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696)
|
||
* Close connections more defensively on exception. (Issue #734)
|
||
* Adjusted read_chunked to handle gzipped, chunk-encoded bodies
|
||
without repeatedly flushing the decoder, to function better on
|
||
Jython. (Issue #743)
|
||
* Accept ca_cert_dir for SSL-related PoolManager configuration.
|
||
(Issue #758)
|
||
|
||
- removed ready-event.patch: applied upstream
|
||
- disabled more dysfunctional tests
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 16 17:31:38 UTC 2015 - hpj@urpla.net
|
||
|
||
- restored ability to build with openSUSE <= 13.2
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 27 16:33:44 UTC 2015 - jmatejek@suse.com
|
||
|
||
- removed python-certifi dependency, we don't want to use it
|
||
- drop 0001-Don-t-pin-dependency-to-exact-version.patch because it's
|
||
not needed anymore
|
||
- re-enable tests, re-add relevant dependencies
|
||
* don't exclude test_util.py
|
||
* exclude proxy timeout tests that fail for spurious reasons
|
||
- urllib3-ssl-default-context.patch - use set_default_verify_paths()
|
||
if no certificate path specified and verification not explicitly
|
||
disabled
|
||
- urllib3-test-ssl-drop-sslv3.patch - don't use "SSLv3" constants
|
||
in python 2.7.9 and up
|
||
- ready-event.patch - fix race conditions in timeout tests
|
||
- drop %pre section because apparently "egg-info as file" is no longer
|
||
true and this breaks builds
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 14 09:35:30 UTC 2015 - toddrme2178@gmail.com
|
||
|
||
- Delete the system egg-info during pre phase: older versions of
|
||
the package installed it as a directory, the latest update
|
||
creates a file, and rpm has known issues with replacing this.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 6 15:03:05 UTC 2015 - hpj@urpla.net
|
||
|
||
- add python-pyOpenSSL, python-certifi and python-pyasn1 requirements
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 6 12:46:25 UTC 2015 - hpj@urpla.net
|
||
|
||
- Comment out test requirements, as tests are disabled anyway, and
|
||
one of these packages depend on python-requests, which depends on
|
||
this package resulting in a circular dependency for openSUSE <= 13.1
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 25 11:24:49 UTC 2015 - p.drouand@gmail.com
|
||
|
||
- Update to version 1.12
|
||
* Rely on six for importing httplib to work around conflicts with
|
||
other Python 3 shims. (Issue #688)
|
||
* Add support for directories of certificate authorities, as
|
||
supported by OpenSSL. (Issue #701)
|
||
* New exception: NewConnectionError, raised when we fail to
|
||
establish a new connection, usually ECONNREFUSED socket error.
|
||
- Fix version dependencies
|
||
- Add new build requirements following upstream changes
|
||
* python-nose-exclude
|
||
* python-tox
|
||
* python-twine
|
||
* python-wheel
|
||
- Update 0001-Don-t-pin-dependency-to-exact-version.patch
|
||
- Disable tests for now, as there require network
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 11 12:38:13 UTC 2014 - toddrme2178@gmail.com
|
||
|
||
- Remove upstreamed 0001-Don-t-install-dummyserver-into-site-packages.patch
|
||
- Rebase 0001-Don-t-pin-dependency-to-exact-version.patch and
|
||
urllib3-test-no-coverage.patch
|
||
- Update to version 1.9 (2014-07-04)
|
||
* Shuffled around development-related files.
|
||
If you're maintaining a distro package of urllib3, you may need
|
||
to tweak things. (Issue #415)
|
||
* Unverified HTTPS requests will trigger a warning on the first
|
||
request. See our new security documentation for details.
|
||
(Issue #426)
|
||
* New retry logic and urllib3.util.retry.Retry configuration
|
||
object. (Issue #326)
|
||
* All raised exceptions should now wrapped in a
|
||
urllib3.exceptions.HTTPException-extending exception.
|
||
(Issue #326)
|
||
* All errors during a retry-enabled request should be wrapped in
|
||
urllib3.exceptions.MaxRetryError, including timeout-related
|
||
exceptions which were previously exempt. Underlying error is
|
||
accessible from the .reason propery. (Issue #326)
|
||
* urllib3.exceptions.ConnectionError renamed to
|
||
urllib3.exceptions.ProtocolError. (Issue #326)
|
||
* Errors during response read (such as IncompleteRead) are now
|
||
wrapped in urllib3.exceptions.ProtocolError. (Issue #418)
|
||
* Requesting an empty host will raise
|
||
urllib3.exceptions.LocationValueError. (Issue #417)
|
||
* Catch read timeouts over SSL connections as
|
||
urllib3.exceptions.ReadTimeoutError. (Issue #419)
|
||
* Apply socket arguments before connecting. (Issue #427)
|
||
- Update to version 1.8.3 (2014-06-23)
|
||
* Fix TLS verification when using a proxy in Python 3.4.1.
|
||
(Issue #385)
|
||
* Add disable_cache option to urllib3.util.make_headers.
|
||
(Issue #393)
|
||
* Wrap socket.timeout exception with
|
||
urllib3.exceptions.ReadTimeoutError. (Issue #399)
|
||
* Fixed proxy-related bug where connections were being reused
|
||
incorrectly. (Issues #366, #369)
|
||
* Added socket_options keyword parameter which allows to define
|
||
setsockopt configuration of new sockets. (Issue #397)
|
||
* Removed HTTPConnection.tcp_nodelay in favor of
|
||
HTTPConnection.default_socket_options. (Issue #397)
|
||
* Fixed TypeError bug in Python 2.6.4. (Issue #411)
|
||
- Update to version 1.8.2 (2014-04-17)
|
||
* Fix urllib3.util not being included in the package.
|
||
- Update to version 1.8.1 (2014-04-17)
|
||
* Fix AppEngine bug of HTTPS requests going out as HTTP.
|
||
(Issue #356)
|
||
* Don't install dummyserver into site-packages as it's only
|
||
needed for the test suite. (Issue #362)
|
||
* Added support for specifying source_address. (Issue #352)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 20 15:18:55 UTC 2014 - speilicke@suse.com
|
||
|
||
- Update to version 1.8:
|
||
* Improved url parsing in urllib3.util.parse_url (properly parse '@' in
|
||
username, and blank ports like 'hostname:').
|
||
* New urllib3.connection module which contains all the HTTPConnection
|
||
objects.
|
||
* Several urllib3.util.Timeout-related fixes. Also changed constructor
|
||
signature to a more sensible order. [Backwards incompatible]
|
||
(Issues #252, #262, #263)
|
||
* Use backports.ssl_match_hostname if it's installed. (Issue #274)
|
||
* Added .tell() method to urllib3.response.HTTPResponse which
|
||
returns the number of bytes read so far. (Issue #277)
|
||
* Support for platforms without threading. (Issue #289)
|
||
* Expand default-port comparison in HTTPConnectionPool.is_same_host
|
||
to allow a pool with no specified port to be considered equal to to an
|
||
HTTP/HTTPS url with port 80/443 explicitly provided. (Issue #305)
|
||
* Improved default SSL/TLS settings to avoid vulnerabilities.
|
||
(Issue #309)
|
||
* Fixed urllib3.poolmanager.ProxyManager not retrying on connect errors.
|
||
(Issue #310)
|
||
* Disable Nagle's Algorithm on the socket for non-proxies. A subset of requests
|
||
will send the entire HTTP request ~200 milliseconds faster; however, some of
|
||
the resulting TCP packets will be smaller. (Issue #254)
|
||
* Increased maximum number of SubjectAltNames in urllib3.contrib.pyopenssl
|
||
from the default 64 to 1024 in a single certificate. (Issue #318)
|
||
* Headers are now passed and stored as a custom
|
||
urllib3.collections_.HTTPHeaderDict object rather than a plain dict.
|
||
(Issue #329, #333)
|
||
* Headers no longer lose their case on Python 3. (Issue #236)
|
||
* urllib3.contrib.pyopenssl now uses the operating system's default CA
|
||
certificates on inject. (Issue #332)
|
||
* Requests with retries=False will immediately raise any exceptions without
|
||
wrapping them in MaxRetryError. (Issue #348)
|
||
* Fixed open socket leak with SSL-related failures. (Issue #344, #348)
|
||
- Run testsuite (without coverage)
|
||
+ urllib3-test-no-coverage.patch
|
||
- Fix superfluous dependencies and allow later version
|
||
+ 0001-Don-t-pin-dependency-to-exact-version.patch
|
||
- Drop dummyserver module, this really is documentation
|
||
+ 0001-Don-t-install-dummyserver-into-site-packages.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 15 21:32:46 UTC 2013 - p.drouand@gmail.com
|
||
|
||
- Update to version 1.7.1
|
||
+ Added granular timeout support with new urllib3.util.Timeout class.
|
||
(Issue #231)
|
||
+ Fixed Python 3.4 support. (Issue #238)
|
||
- Changes from 1.7
|
||
+ More exceptions are now pickle-able, with tests. (Issue #174)
|
||
+ Fixed redirecting with relative URLs in Location header. (Issue #178)
|
||
+ Support for relative urls in Location: ... header. (Issue #179)
|
||
+ urllib3.response.HTTPResponse now inherits from io.IOBase for bonus
|
||
file-like functionality. (Issue #187)
|
||
+ Passing assert_hostname=False when creating a HTTPSConnectionPool will
|
||
skip hostname verification for SSL connections. (Issue #194)
|
||
+ New method urllib3.response.HTTPResponse.stream(...) which acts as a
|
||
generator wrapped around .read(...). (Issue #198)
|
||
+ IPv6 url parsing enforces brackets around the hostname. (Issue #199)
|
||
+ Fixed thread race condition in
|
||
urllib3.poolmanager.PoolManager.connection_from_host(...) (Issue #204)
|
||
+ ProxyManager requests now include non-default port in Host: ...
|
||
header. (Issue #217)
|
||
+ Added HTTPS proxy support in ProxyManager. (Issue #170 #139)
|
||
+ New RequestField object can be passed to the fields=... param which
|
||
can specify headers. (Issue #220)
|
||
+ Raise urllib3.exceptions.ProxyError when connecting to proxy fails.
|
||
(Issue #221)
|
||
+ Use international headers when posting file names. (Issue #119)
|
||
+ Improved IPv6 support. (Issue #203)
|
||
- Add documentation from tarball
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jul 14 04:51:43 UTC 2013 - alexandre@exatati.com.br
|
||
|
||
- Initial package (1.6) for openSUSE.
|