pool/python-waitress
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory
pool:devel
rpm:factory
rpm:devel
..
compare: rpm:devel
Branches Tags
rpm:factory
rpm:devel
pool:factory
pool:devel

No commits in common. "factory" and "devel" have entirely different histories.
factory ... devel

4 changed files with 4 additions and 32 deletions
Show Stats Expand all files Collapse all files

28
python-waitress.changes
View File

@ -1,31 +1,3 @@
-------------------------------------------------------------------
Wed Nov 20 17:06:45 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 3.0.2:
* When using Waitress to process trusted proxy headers,
Waitress will now update the headers to drop any untrusted
values, thereby making sure that WSGI apps only get trusted
and validated values that Waitress itself used to update the
environ.
-------------------------------------------------------------------
Wed Oct 30 06:49:46 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768):
* Fix a bug that would lead to Waitress busy looping on select()
on a half-open socket due to a race condition that existed when
creating a new HTTPChannel. See
https://github.com/Pylons/waitress/pull/435,
https://github.com/Pylons/waitress/issues/418 and
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
* No longer strip the header values before passing them to the
WSGI environ. See https://github.com/Pylons/waitress/pull/434
and https://github.com/Pylons/waitress/issues/432
* Fix a race condition in Waitress when
`channel_request_lookahead` is enabled that could lead to HTTP
request smuggling.
* See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
-------------------------------------------------------------------
Sun Jun 30 07:59:06 UTC 2024 - Dirk Müller <dmueller@suse.com>

2
python-waitress.spec
View File

@ -31,7 +31,7 @@
%endif
%{?sle15_python_module_pythons}
Name: python-waitress%{psuffix}
Version: 3.0.2
Version: 3.0.0
Release: 0
Summary: Waitress WSGI server
License: ZPL-2.1

3
waitress-3.0.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1
size 179393

3
waitress-3.0.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:682aaaf2af0c44ada4abfb70ded36393f0e307f4ab9456a215ce0020baefc31f
size 179901