pool/python-Werkzeug
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update to 3.0.1:

Browse Source 
* Fix slow multipart parsing for large parts potentially enabling DoS
    attacks. (CVE-2023-46136, bsc#1216581)
  * Remove previously deprecated code.
  * Deprecate the ``__version__`` attribute. Use feature detection, or
    ``importlib.metadata.version("werkzeug")``, instead.
  * ``generate_password_hash`` uses scrypt by default.
  * Add the ``"werkzeug.profiler"`` item to the  WSGI ``environ`` dictionary
    passed to `ProfilerMiddleware`'s `filename_format` function. It contains
    the ``elapsed`` and ``time`` values for the profiled request.
  * Explicitly marked the PathConverter as non path isolating.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Werkzeug?expand=0&rev=90
This commit is contained in:
Steve Kowalik 2023-10-27 03:09:03 +00:00 committed by Git OBS Bridge
parent 0a891ec61f
commit 1b4d2b0ee2
4 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
python-Werkzeug.changes
View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Fri Oct 27 03:06:50 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>
- Update to 3.0.1:
* Fix slow multipart parsing for large parts potentially enabling DoS
attacks. (CVE-2023-46136, bsc#1216581)
* Remove previously deprecated code.
* Deprecate the ``__version__`` attribute. Use feature detection, or
``importlib.metadata.version("werkzeug")``, instead.
* ``generate_password_hash`` uses scrypt by default.
* Add the ``"werkzeug.profiler"`` item to the WSGI ``environ`` dictionary
passed to `ProfilerMiddleware`'s `filename_format` function. It contains
the ``elapsed`` and ``time`` values for the profiled request.
* Explicitly marked the PathConverter as non path isolating.
-------------------------------------------------------------------
Mon Sep 25 02:04:19 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>

2
python-Werkzeug.spec
View File

@ -27,7 +27,7 @@
%{?sle15_python_module_pythons}
Name: python-Werkzeug%{psuffix}
Version: 2.3.7
Version: 3.0.1
Release: 0
Summary: The Swiss Army knife of Python web development
License: BSD-3-Clause

3
werkzeug-2.3.7.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2b8c0e447b4b9dbcc85dd97b6eeb4dcbaf6c8b6c3be0bd654e25553e0a2157d8
size 819625

BIN
werkzeug-3.0.1.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.