python-requests/requests-2.6.0.tar.gz at 890709e6d236c402658140100c8b948806c3889ad3c3a689815a0b70e49c879e - python-requests - openSUSE Gitea

pool/python-requests

SHA256

Michal Čihař aa19bbd525 Accepting request 298170 from home:Nijel:branches:devel:languages:python

- Update to 2.6.0:
  - Fix handling of cookies on redirect. Previously a cookie without a host
    value set would use the hostname for the redirected URL exposing requests
    users to session fixation attacks and potentially cookie stealing. This was
    disclosed privately by Matthew Daley of `BugFuzz <https://bugfuzz.com>`_.
    An CVE identifier has not yet been assigned for this. This affects all
    versions of requests from v2.1.0 to v2.5.3 (inclusive on both ends).
  - Fix error when requests is an ``install_requires`` dependency and ``python
    setup.py test`` is run. (#2462)
  - Fix error when urllib3 is unbundled and requests continues to use the
    vendored import location.
  - Include fixes to ``urllib3``'s header handling.
  - Requests' handling of unvendored dependencies is now more restrictive.
  - Support bytearrays when passed as parameters in the ``files`` argument.
    (#2468)
  - Avoid data duplication when creating a request with ``str``, ``bytes``, or
    ``bytearray`` input to the ``files`` argument.
  - Revert changes to our vendored certificate bundle. For more context see
    (#2455, #2456, and http://bugs.python.org/issue23476)

OBS-URL: https://build.opensuse.org/request/show/298170
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-requests?expand=0&rev=55

2015-04-20 13:28:20 +00:00

4 lines

131 B

Plaintext

Raw Blame History

	`version https://git-lfs.github.com/spec/v1`
	`oid sha256:1cdbed1f0e236f35ef54e919982c7a338e4fea3786310933d3a7887a04b74d75`
	`size 450389`