diff --git a/gunicorn-21.2.0.tar.gz b/gunicorn-21.2.0.tar.gz
deleted file mode 100644
index 3a43b00..0000000
--- a/gunicorn-21.2.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88ec8bff1d634f98e61b9f65bc4bf3cd918a90806c6f5c48bc5603849ec81033
-size 3632557
diff --git a/gunicorn-22.0.0.tar.gz b/gunicorn-22.0.0.tar.gz
new file mode 100644
index 0000000..4f4cf4e
--- /dev/null
+++ b/gunicorn-22.0.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4a0b436239ff76fb33f11c07a16482c521a7e09c1ce3cc293c2330afe01bec63
+size 3639760
diff --git a/python-gunicorn.changes b/python-gunicorn.changes
index 31e1002..6ade59d 100644
--- a/python-gunicorn.changes
+++ b/python-gunicorn.changes
@@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Wed Apr 17 12:43:25 UTC 2024 - Markéta Machová
+
+- Update to 22.0.0
+ * use `utime` to notify workers liveness
+ * migrate setup to pyproject.toml
+ * fix numerous security vulnerabilities in HTTP parser (closing some
+ request smuggling vectors)
+ * parsing additional requests is no longer attempted past unsupported
+ request framing
+ * on HTTP versions < 1.1 support for chunked transfer is refused
+ * requests conflicting configured or passed SCRIPT_NAME now produce
+ a verbose error
+ * Trailer fields are no longer inspected for headers indicating secure
+ scheme
+ * support Python 3.12
+** Breaking changes **
+ * minimum version is Python 3.7
+ * the limitations on valid characters in the HTTP method have been bounded
+ to Internet Standards
+ * requests specifying unsupported transfer coding (order) are refused by
+ default (rare)
+ * HTTP methods are no longer casefolded by default (IANA method registry
+ contains none affected)
+ * HTTP methods containing the number sign (#) are no longer accepted by
+ default (rare)
+ * HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare)
+ * HTTP versions consisting of multiple digits or containing a prefix/suffix
+ are no longer accepted
+ * HTTP header field names Gunicorn cannot safely map to variables are silently
+ dropped, as in other software
+ * HTTP headers with empty field name are refused by default
+ * requests with both Transfer-Encoding and Content-Length are refused by default
+ (such a message might indicate an attempt to perform request smuggling)
+ * empty transfer codings are no longer permitted
+** SECURITY **
+ * fix CVE-2024-1135 (bsc#1222950)
+
 -------------------------------------------------------------------
 Mon Jan 8 23:05:51 UTC 2024 - Matej Cepl
diff --git a/python-gunicorn.spec b/python-gunicorn.spec
index b40c46b..0ca54b1 100644
--- a/python-gunicorn.spec
+++ b/python-gunicorn.spec
@@ -1,5 +1,5 @@
 #
-# spec file
+# spec file for package python-gunicorn
 #
 # Copyright (c) 2024 SUSE LLC
 #
@@ -27,19 +27,20 @@
 %define skip_python2 1
 %{?sle15_python_module_pythons}
 Name: python-gunicorn%{psuffix}
-Version: 21.2.0
+Version: 22.0.0
 Release: 0
 Summary: WSGI HTTP Server for UNIX
 License: MIT
 Group: Development/Languages/Python
 URL: https://gunicorn.org
 Source: https://files.pythonhosted.org/packages/source/g/gunicorn/gunicorn-%{version}.tar.gz
-BuildRequires: %{python_module importlib_metadata}
+BuildRequires: %{python_module pip}
 BuildRequires: %{python_module setuptools >= 3.0}
+BuildRequires: %{python_module wheel}
 BuildRequires: fdupes
 BuildRequires: python-rpm-macros
 Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
 Suggests: python-evenlet
 Suggests: python-gevent
 Suggests: python-gthread
@@ -56,6 +57,7 @@ BuildRequires: python3-Sphinx
 BuildRequires: %{python_module eventlet}
 BuildRequires: %{python_module gevent >= 1.4}
 BuildRequires: %{python_module gunicorn}
+BuildRequires: %{python_module pytest-cov}
 BuildRequires: %{python_module pytest}
 %endif
 %python_subpackages
@@ -95,11 +97,11 @@ sed -i -e 's/--cov[^ ]*//' -e 's/--cov-report[^ ]*//' setup.cfg
 %else # without test
 %build
-%python_build
+%pyproject_wheel
 sphinx-build -b html -d docs/build/doctrees docs/source docs/build/html
 %install
-%python_install
+%pyproject_install
 %python_clone -a %{buildroot}%{_bindir}/gunicorn
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
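Review bot: In the `@@ -27,19 +27,20 @@` hunk the floor on `BuildRequires: %{python_module setuptools >= 3.0}` is left as it was although the build now goes through pip and wheel. The changelog in this commit says upstream moved its setup to pyproject.toml, and setuptools releases before 61 do not read `[project]` metadata, so the declared minimum no longer describes what the build needs. I would raise it to match upstream's `[build-system] requires`, for example `BuildRequires:  %{python_module setuptools >= 61}` (confirm the exact number against the tarball). With `%{?sle15_python_module_pythons}` in the preamble this update, which carries the CVE-2024-1135 fix, presumably also builds on older codestreams, where an accurate floor makes a too-old toolchain show up as unresolvable instead of failing partway through the wheel build. The preamble continues outside the hunk.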
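Review bot: The new `BuildRequires: %{python_module pytest-cov}` in the `@@ -56,6 +57,7 @@` hunk looks like a workaround for the coverage-stripping `sed ... setup.cfg` line, which is still present (it shows up as the header of the `@@ -95,11 +97,11 @@` hunk). If upstream's pytest options moved to pyproject.toml together with the rest of the setup, that sed no longer matches anything and the tests now run with coverage enabled. Either drop the stale sed and say why the plugin is needed, e.g. `# upstream pytest addopts enable --cov, so the plugin must be installed`, or keep coverage off in %check and leave pytest-cov out. %prep and %check are outside the diff, so this needs checking against the full spec.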