baserev update by copy to link target

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-gevent?expand=0&rev=101
2023-09-22 19:46:56 +00:00 · 2023-09-22 19:46:56 +00:00 · ea60906717
commit ea60906717
parent 61d106a577
1 changed files with 0 additions and 40 deletions
--- a/python-gevent.changes
+++ b/python-gevent.changes
@ -1,46 +1,6 @@
 -------------------------------------------------------------------
 Mon Sep 18 19:07:56 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 23.9.0 (CVE-2023-41419):
-  * Make ``gevent.select.select`` accept arbitrary iterables, not
-    just sequences. That is, you can now pass in a generator of file
-    descriptors instead of a realized list. Internally, arbitrary
-    iterables are copied into lists. This better matches what the
-    standard library does.
-  * On Python 3.11 and newer, opt out of Cython's fast exception
-    manipulation, which *may* be causing problems in certain
-    circumstances when combined with greenlets.
-  * On all versions of Python, adjust some error handling in the
-    default * -based loop. This fixes several assertion failures
-    on debug versions of CPython. Hopefully it has a positive
-    impact under real conditions.
-  * Make ``gevent.pywsgi`` comply more closely with the HTTP
-    specification for chunked transfer encoding. In particular,
-    we are much stricter about trailers, and trailers that are
-    invalid (too long or featuring disallowed characters) forcibly
-    close the connection to the client *after* the results have
-    been sent.
-  * Trailers otherwise continue to be ignored and are not
-    available to the WSGI application.
-    Previously, carefully crafted invalid trailers in chunked
-    requests on keep-alive connections might appear as two
-    requests to ``gevent.pywsgi``. Because this was handled
-    exactly as a normal keep-alive connection with two requests,
-    the WSGI application should handle it normally. However, if
-    you were counting on some upstream server to filter incoming
-    requests based on paths or header fields, and the upstream
-    server simply passed trailers through without
-    validating them, then this embedded second request would
-    bypass those checks.
-    (If the upstream server validated that the trailers
-    meet the* HTTP specification, this could not occur,
-    because characters that are required in an HTTP request,
-    like a space, are not allowed in trailers.) CVE-2023-41419
-    was reserved for this.
-
-------------------------------------------------------------------
-Mon Sep 18 19:07:56 UTC 2023 - Dirk Müller <dmueller@suse.com>
-
 - update to 23.9.0 (bsc#1215469, CVE-2023-41419):
  * Make ``gevent.select.select`` accept arbitrary iterables, not
    just sequences. That is, you can now pass in a generator of file