- update to 4.6.2:

* A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
  which allowed JavaScript to pass through.  The cleaner now removes more sneaky
  "style" content.
* A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
  JavaScript to pass through.  The cleaner now removes more sneaky "style" content.
* GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
  Patch by Aidan Woolley.
* ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
* ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
* GH-309: The API documentation is now generated using ``sphinx-apidoc``.
* LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
  when a default namespace was defined.
* ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
  should have raised ``XMLSyntaxError``.  It now raises a combined exception to
  keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
  interface.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-lxml?expand=0&rev=143

lxml-4.5.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cdc13a1682b2a6241080745b1953719e7fe0850b40a5c71ca574f090a1391df6
-size 4547051

lxml-4.6.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cd11c7e8d21af997ee8079037fff88f16fda188a9776eb4b81c7e4c9c0a7d7fc
+size 3177310

python-lxml.changes

@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.6.2:
+* A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
+  which allowed JavaScript to pass through.  The cleaner now removes more sneaky
+  "style" content.
+* A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
+  JavaScript to pass through.  The cleaner now removes more sneaky "style" content.
+* GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
+  Patch by Aidan Woolley.
+* ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
+* ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
+* GH-309: The API documentation is now generated using ``sphinx-apidoc``.
+* LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
+  when a default namespace was defined.
+* ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
+  should have raised ``XMLSyntaxError``.  It now raises a combined exception to
+  keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
+  interface.
+
 -------------------------------------------------------------------
 Fri Jul 17 07:30:50 UTC 2020 - Dirk Mueller <dmueller@suse.com>
 

python-lxml.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-lxml
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,14 +18,14 @@
 
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-lxml
-Version:        4.5.2
+Version:        4.6.2
 Release:        0
 Summary:        Pythonic XML processing library
 License:        BSD-3-Clause AND GPL-2.0-or-later
 Group:          Development/Languages/Python
 URL:            https://lxml.de/
 Source0:        https://files.pythonhosted.org/packages/source/l/lxml/lxml-%{version}.tar.gz
-Source1:        https://lxml.de/lxmldoc-%{version}.pdf
+Source1:        https://lxml.de/lxmldoc-4.5.2.pdf
 BuildRequires:  %{python_module Cython >= 0.29.7}
 BuildRequires:  %{python_module cssselect >= 0.9.1}
 BuildRequires:  %{python_module setuptools >= 18.0.1}