pool/python-requests
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 298170 from home:Nijel:branches:devel:languages:python

Browse Source 
- Update to 2.6.0:
  - Fix handling of cookies on redirect. Previously a cookie without a host
    value set would use the hostname for the redirected URL exposing requests
    users to session fixation attacks and potentially cookie stealing. This was
    disclosed privately by Matthew Daley of `BugFuzz <https://bugfuzz.com>`_.
    An CVE identifier has not yet been assigned for this. This affects all
    versions of requests from v2.1.0 to v2.5.3 (inclusive on both ends).
  - Fix error when requests is an ``install_requires`` dependency and ``python
    setup.py test`` is run. (#2462)
  - Fix error when urllib3 is unbundled and requests continues to use the
    vendored import location.
  - Include fixes to ``urllib3``'s header handling.
  - Requests' handling of unvendored dependencies is now more restrictive.
  - Support bytearrays when passed as parameters in the ``files`` argument.
    (#2468)
  - Avoid data duplication when creating a request with ``str``, ``bytes``, or
    ``bytearray`` input to the ``files`` argument.
  - Revert changes to our vendored certificate bundle. For more context see
    (#2455, #2456, and http://bugs.python.org/issue23476)

OBS-URL: https://build.opensuse.org/request/show/298170
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-requests?expand=0&rev=55
This commit is contained in:
Michal Čihař 2015-04-20 13:28:20 +00:00 committed by Git OBS Bridge
parent 9da88b8272
commit aa19bbd525
4 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
python-requests.changes
View File

@ -1,3 +1,26 @@
-------------------------------------------------------------------
Mon Apr 20 12:25:21 UTC 2015 - mcihar@suse.cz
- Update to 2.6.0:
- Fix handling of cookies on redirect. Previously a cookie without a host
value set would use the hostname for the redirected URL exposing requests
users to session fixation attacks and potentially cookie stealing. This was
disclosed privately by Matthew Daley of `BugFuzz <https://bugfuzz.com>`_.
An CVE identifier has not yet been assigned for this. This affects all
versions of requests from v2.1.0 to v2.5.3 (inclusive on both ends).
- Fix error when requests is an ``install_requires`` dependency and ``python
setup.py test`` is run. (#2462)
- Fix error when urllib3 is unbundled and requests continues to use the
vendored import location.
- Include fixes to ``urllib3``'s header handling.
- Requests' handling of unvendored dependencies is now more restrictive.
- Support bytearrays when passed as parameters in the ``files`` argument.
(#2468)
- Avoid data duplication when creating a request with ``str``, ``bytes``, or
``bytearray`` input to the ``files`` argument.
- Revert changes to our vendored certificate bundle. For more context see
(#2455, #2456, and http://bugs.python.org/issue23476)
-------------------------------------------------------------------
Tue Feb 24 13:04:17 UTC 2015 - tbechtold@suse.com

2
python-requests.spec
View File

@ -17,7 +17,7 @@
Name: python-requests
Version: 2.5.2
Version: 2.6.0
Release: 0
Url: http://python-requests.org
Summary: Awesome Python HTTP Library That's Actually Usable

3
requests-2.5.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:306ead91d47a48b6a25d495d2495de99694641bd7d2cac5bcc405a8837c7a612
size 455688

3
requests-2.6.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1cdbed1f0e236f35ef54e919982c7a338e4fea3786310933d3a7887a04b74d75
size 450389