pool/python-jupyter-server
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update to 2.11.2: Fix GHSA-h56g-gq9v-vc8r, CVE-2023-49080,

Browse Source 
boo#1217809
  * Unhandled errors in API requests include traceback information,
    which can include path information. There is no known mechanism
    by which to trigger these errors without authentication, so the
    paths revealed are not considered particularly sensitive, given
    that the requesting user has arbitrary execution permissions
    already in the same environment.
  * jupyter-server no longer includes traceback information in JSON
    error responses. For compatibility, the traceback field is
    present, but always empty.
- Release 2.11.1
  * avoid unhandled error on some invalid paths #1369 (@minrk)
  * Change md5 to hash and hash_algorithm, fix incompatibility
    #1367 (@Wh1isper)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:jupyter/python-jupyter-server?expand=0&rev=79
This commit is contained in:
Benjamin Greiner 2023-12-05 10:04:58 +00:00 committed by Git OBS Bridge
parent c228aefe16
commit c696cbc19a
4 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
jupyter_server-2.11.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:78c97ec8049f9062f0151725bc8a1364dfed716646a66819095e0e8a24793eba
size 710596

3
jupyter_server-2.11.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0c99f9367b0f24141e527544522430176613f9249849be80504c6d2b955004bb
size 712617

19
python-jupyter-server.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Tue Dec 5 09:59:47 UTC 2023 - Ben Greiner <code@bnavigator.de>
- Update to 2.11.2: Fix GHSA-h56g-gq9v-vc8r, CVE-2023-49080,
boo#1217809
* Unhandled errors in API requests include traceback information,
which can include path information. There is no known mechanism
by which to trigger these errors without authentication, so the
paths revealed are not considered particularly sensitive, given
that the requesting user has arbitrary execution permissions
already in the same environment.
* jupyter-server no longer includes traceback information in JSON
error responses. For compatibility, the traceback field is
present, but always empty.
- Release 2.11.1
* avoid unhandled error on some invalid paths #1369 (@minrk)
* Change md5 to hash and hash_algorithm, fix incompatibility
#1367 (@Wh1isper)
-------------------------------------------------------------------
Sun Nov 26 16:16:36 UTC 2023 - Ben Greiner <code@bnavigator.de>

2
python-jupyter-server.spec
View File

@ -32,7 +32,7 @@
%endif
Name: python-jupyter-server%{psuffix}
Version: 2.11.0
Version: 2.11.2
Release: 0
Summary: The backend to Jupyter web applications
License: BSD-3-Clause