products/SUSE_ALP_Standard
9
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
c855b90a43
SUSE_ALP_Standard/patchinfo.20241127021230441849.79497680141950/_patchinfo

37 lines
1.9 KiB
Plaintext
Raw Blame History

<patchinfo>
<!-- generated from request(s) 353312 -->
<issue tracker="bnc" id="1224788">VUL-0: CVE-2024-35195: python-requests: session object does not verify requests after making first request with verify=False</issue>
<issue tracker="bnc" id="1226321">HTTPie SSL certificate problems with python-requests 2.32.3 (fine with 2.32.2)</issue>
<issue tracker="bnc" id="1231500">registercloudguest throws SSL error on registration call</issue>
<issue tracker="cve" id="2024-35195"/>
<packager>StevenK</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for python-requests</summary>
<description>This update for python-requests contains the following fixes:
- Add patch to fix to inject the default CA bundles if they are not specified.
(bsc#1226321, bsc#1231500)
- Remove Requires on python-py, it should have been removed earlier.
- update to 2.32.3:
* Fixed bug breaking the ability to specify custom SSLContexts
in sub-classes of HTTPAdapter.
* Fixed issue where Requests started failing to run on Python
versions compiled without the `ssl` module.
* To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0,
we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing
custom HTTPAdapters will need to migrate their code to use this new API. get_connection is
* Fixed an issue where setting verify=False on the first request from a Session
will cause subsequent requests to the same origin to also ignore cert verification,
* verify=True now reuses a global SSLContext which should improve request time
* Requests now supports optional use of character detection (chardet or charset_normalizer)
when repackaged or vendored. This enables pip and other projects to minimize their
</description>
<package>python-requests</package>
<package>python-requests:test</package>
<seperate_build_arch/>
</patchinfo>
Reference in New Issue View Git Blame Copy Permalink