python/python-aiohttp
SHA256
15
0
Fork 0
forked from pool/python-aiohttp
Code Pull Requests Activity

- update to 3.10.11:

Browse Source 
(bsc#1233446, CVE-2024-52303, bsc#1233447, CVE-2024-52304)
  - Authentication provided by a redirect now takes precedence over
    provided auth when making requests with the client -- by
    :user:`PLPeeters`.
  - Fixed :py:meth:`WebSocketResponse.close()
    <aiohttp.web.WebSocketResponse.close>` to discard non-close
    messages within its timeout window after sending close -- by
    :user:`lenard-mosys`.
  - Fixed a deadlock that could occur while attempting to get a new
    connection slot after a timeout -- by :user:`bdraco`.
  - Fixed the WebSocket flow control calculation undercounting with
    multi-byte data -- by :user:`bdraco`.
  - Fixed incorrect parsing of chunk extensions with the pure Python
    parser -- by :user:`bdraco`.
  - Fixed system routes polluting the middleware cache -- by
    :user:`bdraco`.
  - Improved performance of the connector when a connection can be
    reused -- by :user:`bdraco`.
  - Improved performance of the client request lifecycle when there
    are no cookies -- by :user:`bdraco`.
  - Improved performance of sending client requests when the writer
    can finish synchronously -- by :user:`bdraco`.
  - Improved performance of serializing HTTP headers -- by
    :user:`bdraco`.
  - Passing enable_cleanup_closed to :py:class:`aiohttp.TCPConnector`
    is now ignored on Python 3.12.7+ and 3.13.1+ since the underlying
    bug that caused asyncio to leak SSL connections has been fixed
    upstream -- by :user:`bdraco`.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=138
This commit is contained in:
Daniel Garcia
2024-11-19 09:18:59 +00:00
committed by Git OBS Bridge
parent 798d98ed71
commit fb01b257d1
5 changed files with 56 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
python-aiohttp.changes
View File

@@ -1,3 +1,36 @@
-------------------------------------------------------------------
Tue Nov 19 08:50:53 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- update to 3.10.11:
(bsc#1233446, CVE-2024-52303, bsc#1233447, CVE-2024-52304)
- Authentication provided by a redirect now takes precedence over
provided auth when making requests with the client -- by
:user:`PLPeeters`.
- Fixed :py:meth:`WebSocketResponse.close()
<aiohttp.web.WebSocketResponse.close>` to discard non-close
messages within its timeout window after sending close -- by
:user:`lenard-mosys`.
- Fixed a deadlock that could occur while attempting to get a new
connection slot after a timeout -- by :user:`bdraco`.
- Fixed the WebSocket flow control calculation undercounting with
multi-byte data -- by :user:`bdraco`.
- Fixed incorrect parsing of chunk extensions with the pure Python
parser -- by :user:`bdraco`.
- Fixed system routes polluting the middleware cache -- by
:user:`bdraco`.
- Improved performance of the connector when a connection can be
reused -- by :user:`bdraco`.
- Improved performance of the client request lifecycle when there
are no cookies -- by :user:`bdraco`.
- Improved performance of sending client requests when the writer
can finish synchronously -- by :user:`bdraco`.
- Improved performance of serializing HTTP headers -- by
:user:`bdraco`.
- Passing enable_cleanup_closed to :py:class:`aiohttp.TCPConnector`
is now ignored on Python 3.12.7+ and 3.13.1+ since the underlying
bug that caused asyncio to leak SSL connections has been fixed
upstream -- by :user:`bdraco`.
-------------------------------------------------------------------
Tue Oct 22 13:14:05 UTC 2024 - Dirk Müller <dmueller@suse.com>