diff --git a/python-waitress.changes b/python-waitress.changes index 30dbb50..18fbc0c 100644 --- a/python-waitress.changes +++ b/python-waitress.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Sun Jun 30 07:59:06 UTC 2024 - Dirk Müller + +- update to 3.0.0: + * Fixed testing of vendored asyncore code to not rely on + particular naming for errno's. + * HTTP Request methods and versions are now validated to meet + the HTTP standards thereby dropping invalid requests on the floor. + * No longer close the connection when sending a HEAD request + response. + * Always attempt to send the Connection: close response header + when we are going to close the connection to let the remote + know in more instances. + * Document that trusted_proxy may be set to a wildcard value to + trust all proxies. + * clear_untrusted_proxy_headers is set to True by default. + ------------------------------------------------------------------- Mon Dec 4 15:20:28 UTC 2023 - Ana Guerrero @@ -76,7 +93,7 @@ Thu Mar 17 17:42:42 UTC 2022 - Dirk Müller previously get parsed as 10 and accepted. This stops potential HTTP desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue. See - https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36 + https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36 ------------------------------------------------------------------- Fri Aug 27 12:27:31 UTC 2021 - Stefan Schubert @@ -157,9 +174,9 @@ Mon May 18 07:25:32 UTC 2020 - Petr Gajdos Thu Feb 6 17:29:20 UTC 2020 - Marketa Calabkova - update to 1.4.3 - * Waitress did not properly validate that the HTTP headers it received - were properly formed, thereby potentially allowing a front-end server - to treat a request different from Waitress. This could lead to HTTP + * Waitress did not properly validate that the HTTP headers it received + were properly formed, thereby potentially allowing a front-end server + to treat a request different from Waitress. This could lead to HTTP request smuggling/splitting. - drop patch local-intersphinx-inventories.patch * it was commented out, anyway @@ -186,7 +203,7 @@ Fri Dec 20 18:28:24 UTC 2019 - Dirk Mueller Thu Aug 29 13:35:14 UTC 2019 - Marketa Calabkova - update to 1.3.1 - * Waitress won’t accidentally throw away part of the path if it + * Waitress won’t accidentally throw away part of the path if it starts with a double slash ------------------------------------------------------------------- @@ -412,10 +429,10 @@ Tue Aug 13 10:15:30 UTC 2013 - dmueller@suse.com - update to 0.8.6: - Do alternate type of checking for UNIX socket support, instead of checking for platform == windows. - + - Functional tests now use multiprocessing module instead of subprocess module, speeding up test suite and making concurrent execution more reliable. - + - Runner now appends the current working directory to ``sys.path`` to support running WSGI applications from a directory (i.e., not installed in a virtualenv). @@ -451,5 +468,5 @@ Mon Apr 29 14:14:25 UTC 2013 - speilicke@suse.com ------------------------------------------------------------------- Mon Apr 29 13:06:10 UTC 2013 - dmueller@suse.com -- Initial package (0.8.3) +- Initial package (0.8.3) diff --git a/python-waitress.spec b/python-waitress.spec index d1a57ca..b3cc6f0 100644 --- a/python-waitress.spec +++ b/python-waitress.spec @@ -1,7 +1,7 @@ # -# spec file +# spec file for package python-waitress # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,7 +31,7 @@ %endif %{?sle15_python_module_pythons} Name: python-waitress%{psuffix} -Version: 2.1.2 +Version: 3.0.0 Release: 0 Summary: Waitress WSGI server License: ZPL-2.1 @@ -42,7 +42,9 @@ Source: https://files.pythonhosted.org/packages/source/w/waitress/waitre # https://docs.python.org/3/objects.inv -> python3.inv Source1: python3.inv Source2: fetch-intersphinx-inventories.sh +BuildRequires: %{python_module pip} BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module wheel} BuildRequires: fdupes BuildRequires: python-rpm-macros >= 20210929 BuildArch: noarch @@ -53,7 +55,7 @@ BuildRequires: alts Requires: alts %else Requires(post): update-alternatives -Requires(postun):update-alternatives +Requires(postun): update-alternatives %endif %else # Documentation requirements @@ -87,10 +89,10 @@ http://docs.pylonsproject.org/projects/waitress/en/latest/ . sed -i '/addopts/d' setup.cfg %build -%python_build +%pyproject_wheel %install -%python_install +%pyproject_install %python_clone -a %{buildroot}%{_bindir}/waitress-serve %python_expand %fdupes %{buildroot}%{$python_sitelib} @@ -113,7 +115,7 @@ sed -i '/addopts/d' setup.cfg %doc COPYRIGHT.txt README.rst %python_alternative %{_bindir}/waitress-serve %{python_sitelib}/waitress -%{python_sitelib}/waitress-%{version}*-info +%{python_sitelib}/waitress-%{version}.dist-info %else diff --git a/waitress-2.1.2.tar.gz b/waitress-2.1.2.tar.gz deleted file mode 100644 index 24a0211..0000000 --- a/waitress-2.1.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:780a4082c5fbc0fde6a2fcfe5e26e6efc1e8f425730863c04085769781f51eba -size 179823 diff --git a/waitress-3.0.0.tar.gz b/waitress-3.0.0.tar.gz new file mode 100644 index 0000000..34c7267 --- /dev/null +++ b/waitress-3.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1 +size 179393