forked from pool/python-h11
Daniel Garcia
6fd01eff96
* Security fix (CVE-2025-43859, bsc#1241872)
Reject certain malformed Transfer-Encoding: chunked bodies that
were previously accepted. These could have enabled
request-smuggling attacks when an h11-based HTTP server was placed
behind a load balancer with a matching bug in its chunked
handling.
Advisory with more details:
https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj
- 0.15.0:
* Reject Content-Lengths >= 1 zettabyte (1 billion terabytes) early,
without attempting to parse the integer (#181)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-h11?expand=0&rev=25
24 lines
941 B
Plaintext
24 lines
941 B
Plaintext
## Default LFS
|
|
*.7z filter=lfs diff=lfs merge=lfs -text
|
|
*.bsp filter=lfs diff=lfs merge=lfs -text
|
|
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
|
*.gem filter=lfs diff=lfs merge=lfs -text
|
|
*.gz filter=lfs diff=lfs merge=lfs -text
|
|
*.jar filter=lfs diff=lfs merge=lfs -text
|
|
*.lz filter=lfs diff=lfs merge=lfs -text
|
|
*.lzma filter=lfs diff=lfs merge=lfs -text
|
|
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
|
*.oxt filter=lfs diff=lfs merge=lfs -text
|
|
*.pdf filter=lfs diff=lfs merge=lfs -text
|
|
*.png filter=lfs diff=lfs merge=lfs -text
|
|
*.rpm filter=lfs diff=lfs merge=lfs -text
|
|
*.tbz filter=lfs diff=lfs merge=lfs -text
|
|
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
|
*.tgz filter=lfs diff=lfs merge=lfs -text
|
|
*.ttf filter=lfs diff=lfs merge=lfs -text
|
|
*.txz filter=lfs diff=lfs merge=lfs -text
|
|
*.whl filter=lfs diff=lfs merge=lfs -text
|
|
*.xz filter=lfs diff=lfs merge=lfs -text
|
|
*.zip filter=lfs diff=lfs merge=lfs -text
|
|
*.zst filter=lfs diff=lfs merge=lfs -text
|