- Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146,

bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib not trust the PASV response. - build against openssl 1.1.x (incompatible with openssl 3.0x) for now. - on sle12, python2 modules will still be called python-xxxx until EOL, for newer SLE versions they will be python2-xxxx OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=310
2022-02-06 07:47:48 +00:00
parent 556d0713a6
commit 68c3ceb48d
7 changed files with 177 additions and 4 deletions
--- a/python.changes
+++ b/python.changes
@@ -1,7 +1,21 @@
+-------------------------------------------------------------------
+Sun Feb  6 07:43:11 UTC 2022 - Matej Cepl <mcepl@suse.com>
+
+- Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146,
+  bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib
+  not trust the PASV response.
+
 -------------------------------------------------------------------
 Mon Dec  6 13:48:27 UTC 2021 - Dirk Müller <dmueller@suse.com>

- build against openssl 1.1.x (incompatible with openssl 3.0x) for now 
+- build against openssl 1.1.x (incompatible with openssl 3.0x)
+  for now.
+
+-------------------------------------------------------------------
+Tue Nov  2 08:09:03 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- on sle12, python2 modules will still be called python-xxxx until EOL,
+  for newer SLE versions they will be python2-xxxx

 -------------------------------------------------------------------
 Fri Oct 15 08:17:46 UTC 2021 - Dominique Leuenberger <dimstar@opensuse.org>