pool/python-Twisted
SHA256
17
0
Fork 2
Code Issues Pull Requests Activity

Accepting request 984263 from home:bnavigator:branches:devel:languages:python

Browse Source 
- Update to 22.4.0
  * twisted.python.failure.Failure tracebacks now capture module
    information, improving compatibility with the Raven Sentry
    client. (#7796)
  * twisted.python.failure.Failure objects are now compatible with
    dis.distb, improving compatibility with post-mortem debuggers.
    (#9599)
  * twisted.internet.interfaces.IReactorSSL.listenSSL now has
    correct type annotations. (#10274)
  * twisted.internet.test.test_glibbase.GlibReactorBaseTests now
    passes. (#10317)
  * Conch
    - twisted.conch.ssh now supports using RSA keys with SHA-2
      signatures (RFC 8332) when acting as a server.  The
      rsa-sha2-512 and rsa-sha2-256 public key signature algorithms
      are automatically preferred over ssh-rsa if the client
      advertises support for them; the actual public keys do not
      need to change. (#9765)
    - twisted.conch.ssh now has an alternative Ed25519
      implementation using PyNaCl, in order to support platforms
      that lack OpenSSL >= 1.1.1b.  The new "conch_nacl" extra has
      the necessary dependency. (#10208)
  * Web
    - Twisted is now compatible with h2 4.x.x. (#10182)
    - twisted.web.http had several several defects in HTTP request
      parsing that could permit HTTP request smuggling. It now
      disallows signed Content-Length headers, forbids illegal
      characters in chunked extensions, forbids a ``0x`` prefix to
      chunk lengths, and only strips spaces and horizontal tab
      characters from header values. These changes address
      CVE-2022-24801 and GHSA-c2jg-hw38-jrqq. (#10323)
  * Mail
    - twisted.mail.pop3.APOPCredentials is now correctly marked as
      implementing twisted.cred.credentials.IUsernamHashedPassword,
      rather than IUsernamePassword. (#10305)
  * Trial
    - `trial --until-failure --jobs=N` now reports the number of
      each test pass as it begins. (#10312)
    - twisted.trial.unittest.TestCase now discards cleanup
      functions after running them. Notably, this prevents them
      from being run an ever growing number of times with trial -u
      .... (#10320)
- Drop CVE-2022-24801-http-1.1-leniency.patch fixed upstream
- Refresh remove-dependency-version-upper-bounds.patch
- Move extra_requires optional dependencies to meta sub packages
- Create :test multibuild flavor

OBS-URL: https://build.opensuse.org/request/show/984263
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=123
This commit is contained in:
Matej Cepl
2022-06-22 06:14:46 +00:00
committed by Git OBS Bridge
parent 534ec06016
commit 80e06e30ed
8 changed files with 219 additions and 738 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
python-Twisted.changes
View File

@@ -1,3 +1,53 @@
-------------------------------------------------------------------
Tue Jun 21 18:08:20 UTC 2022 - Ben Greiner <code@bnavigator.de>
- Update to 22.4.0
* twisted.python.failure.Failure tracebacks now capture module
information, improving compatibility with the Raven Sentry
client. (#7796)
* twisted.python.failure.Failure objects are now compatible with
dis.distb, improving compatibility with post-mortem debuggers.
(#9599)
* twisted.internet.interfaces.IReactorSSL.listenSSL now has
correct type annotations. (#10274)
* twisted.internet.test.test_glibbase.GlibReactorBaseTests now
passes. (#10317)
* Conch
- twisted.conch.ssh now supports using RSA keys with SHA-2
signatures (RFC 8332) when acting as a server. The
rsa-sha2-512 and rsa-sha2-256 public key signature algorithms
are automatically preferred over ssh-rsa if the client
advertises support for them; the actual public keys do not
need to change. (#9765)
- twisted.conch.ssh now has an alternative Ed25519
implementation using PyNaCl, in order to support platforms
that lack OpenSSL >= 1.1.1b. The new "conch_nacl" extra has
the necessary dependency. (#10208)
* Web
- Twisted is now compatible with h2 4.x.x. (#10182)
- twisted.web.http had several several defects in HTTP request
parsing that could permit HTTP request smuggling. It now
disallows signed Content-Length headers, forbids illegal
characters in chunked extensions, forbids a ``0x`` prefix to
chunk lengths, and only strips spaces and horizontal tab
characters from header values. These changes address
CVE-2022-24801 and GHSA-c2jg-hw38-jrqq. (#10323)
* Mail
- twisted.mail.pop3.APOPCredentials is now correctly marked as
implementing twisted.cred.credentials.IUsernamHashedPassword,
rather than IUsernamePassword. (#10305)
* Trial
- `trial --until-failure --jobs=N` now reports the number of
each test pass as it begins. (#10312)
- twisted.trial.unittest.TestCase now discards cleanup
functions after running them. Notably, this prevents them
from being run an ever growing number of times with trial -u
.... (#10320)
- Drop CVE-2022-24801-http-1.1-leniency.patch fixed upstream
- Refresh remove-dependency-version-upper-bounds.patch
- Move extra_requires optional dependencies to meta sub packages
- Create :test multibuild flavor
-------------------------------------------------------------------
Wed May 4 06:39:10 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com>