python/python-urllib3
SHA256
14
0
Fork 0
forked from pool/python-urllib3
Code Pull Requests Activity

- update to 1.25 (bsc#1132663, CVE-2019-11236):

Browse Source 
* Require and validate certificates by default when using HTTPS
  * Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant.
  * Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
    encrypted ``key_file`` without creating your own ``SSLContext`` object.
  * Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
    implementations. (Pull #1496)
  * Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
  * Fixed issue where OpenSSL would block if an encrypted client private key was
    given and no password was given. Instead an ``SSLError`` is raised.
  * Added support for Brotli content encoding. It is enabled automatically if
  ``brotlipy`` package is installed which can be requested with
  ``urllib3[brotli]`` extra.
  * Drop ciphers using DSS key exchange from default TLS cipher suites.
    Improve default ciphers when using SecureTransport.
  * Implemented a more efficient ``HTTPResponse.__iter__()`` method.
- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-urllib3?expand=0&rev=59
This commit is contained in:
Thomas Bechtold
2019-04-23 04:14:26 +00:00
committed by Git OBS Bridge
parent 51f22ebfdd
commit 3c7026ea2d
6 changed files with 31 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
python-urllib3.changes
View File

@@ -1,3 +1,24 @@
-------------------------------------------------------------------
Tue Apr 23 04:04:50 UTC 2019 - Thomas Bechtold <tbechtold@suse.com>
- update to 1.25 (bsc#1132663, CVE-2019-11236):
* Require and validate certificates by default when using HTTPS
* Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant.
* Added support for ``key_password`` for ``HTTPSConnectionPool`` to use
encrypted ``key_file`` without creating your own ``SSLContext`` object.
* Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext``
implementations. (Pull #1496)
* Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft.
* Fixed issue where OpenSSL would block if an encrypted client private key was
given and no password was given. Instead an ``SSLError`` is raised.
* Added support for Brotli content encoding. It is enabled automatically if
``brotlipy`` package is installed which can be requested with
``urllib3[brotli]`` extra.
* Drop ciphers using DSS key exchange from default TLS cipher suites.
Improve default ciphers when using SecureTransport.
* Implemented a more efficient ``HTTPResponse.__iter__()`` method.
- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed
-------------------------------------------------------------------
Thu Apr 18 00:02:07 CEST 2019 - Matej Cepl <mcepl@suse.com>