Revisions of python-urllib3
Ana Guerrero (anag+factory)
accepted
request 1138118
from
Daniel Garcia (dgarcia)
(revision 66)
- Add upstream patch openssl-3.2.patch, to fix tests with opennssl 3.2.0, gh#urllib3/urllib3#3271
Ana Guerrero (anag+factory)
accepted
request 1130850
from
Factory Maintainer (factory-maintainer)
(revision 65)
Automatic submission by obs-autosubmit
Ana Guerrero (anag+factory)
accepted
request 1118603
from
Daniel Garcia (dgarcia)
(revision 64)
- update to 2.0.7 (bsc#1216377, CVE-2023-45803):
* Made body stripped from HTTP requests changing the request method
to GET after HTTP 303 "See Other" redirect responses.
Ana Guerrero (anag+factory)
accepted
request 1115892
from
Daniel Garcia (dgarcia)
(revision 62)
- update to 2.0.6 (bsc#1215968, CVE-2023-43804):
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
Ana Guerrero (anag+factory)
accepted
request 1112725
from
Dirk Mueller (dirkmueller)
(revision 61)
* Changed HTTPConnection.request_chunked() to not erroneously emit multiple
* Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``,
- Add missing dependency on python-six (bsc#1150895)
- update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236):
* Allow providing a list of headers to strip from requests when redirecting
without repeatedly flushing the decoder, to function better on
* Accept ca_cert_dir for SSL-related PoolManager configuration.
- add python-pyOpenSSL, python-certifi and python-pyasn1 requirements
- Comment out test requirements, as tests are disabled anyway, and
* Add support for directories of certificate authorities, as
* New exception: NewConnectionError, raised when we fail to
- Update 0001-Don-t-pin-dependency-to-exact-version.patch
* Shuffled around development-related files.
If you're maintaining a distro package of urllib3, you may need
* Unverified HTTPS requests will trigger a warning on the first
* New retry logic and urllib3.util.retry.Retry configuration
* All raised exceptions should now wrapped in a
urllib3.exceptions.HTTPException-extending exception.
urllib3.exceptions.MaxRetryError, including timeout-related
exceptions which were previously exempt. Underlying error is
* urllib3.exceptions.ConnectionError renamed to
* Requesting an empty host will raise
* Catch read timeouts over SSL connections as
* Fix TLS verification when using a proxy in Python 3.4.1.
* Add disable_cache option to urllib3.util.make_headers.
* Wrap socket.timeout exception with
* Fixed proxy-related bug where connections were being reused
* Added socket_options keyword parameter which allows to define
* Removed HTTPConnection.tcp_nodelay in favor of
* Don't install dummyserver into site-packages as it's only
Ana Guerrero (anag+factory)
accepted
request 1109358
from
Dirk Mueller (dirkmueller)
(revision 60)
- update to 1.25.9 (bsc#1177120, CVE-2020-26137):
Ana Guerrero (anag+factory)
accepted
request 1100699
from
Dirk Mueller (dirkmueller)
(revision 59)
- update to 2.0.4:
* Added support for union operators to ``HTTPHeaderDict``
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
``http.client.connect`` audit event to have the same behavior
as the standard library HTTP client
* Relied on the standard library for checking hostnames in
supported PyPy releases
Fabian Vogt (favogt_factory)
accepted
request 1096959
from
Daniel Garcia (dgarcia)
(revision 58)
- Disable test_deprecated_no_scheme so it needs network connection to
run correctly.
- update to 2.0.3:
* Allowed alternative SSL libraries such as LibreSSL, while
still issuing a warning as we cannot help users facing issues
with implementations other than OpenSSL.
* Deprecated URLs which don't have an explicit scheme
* Fixed response decoding with Zstandard when compressed data
is made of several frames.
* Fixed ``assert_hostname=False`` to correctly skip hostname
check.
Dominique Leuenberger (dimstar_suse)
accepted
request 1087259
from
Dirk Mueller (dirkmueller)
(revision 57)
- update to 2.0.2:
* Fixed ``HTTPResponse.stream()`` to continue yielding bytes if
buffered decompressed data was still available to be read
even if the underlying socket is closed. This prevents
a compressed response from being truncated.
- Update to 2.0.1:
* Fixed a socket leak when fingerprint or hostname verifications fail.
* Fixed an error when HTTPResponse.read(0) was the first read call or when
the internal response body buffer was otherwise empty.
* Removed support for Python 2.7, 3.5, and 3.6.
* Removed fallback on certificate commonName in match_hostname() function.
* Removed support for Python with an ssl module compiled with LibreSSL,
CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
* Removed support for OpenSSL versions earlier than 1.1.1.
* Removed urllib3.contrib.appengine.AppEngineManager and support for Google
App Engine Standard Environment.
* Changed ssl_version to instead set the corresponding
SSLContext.minimum_version and SSLContext.maximum_version values.
* Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2
in line with Python 3.10.
* Changed urllib3.util.create_urllib3_context to not override the system
cipher suites with a default value.
* Changed multipart/form-data header parameter formatting matches the
WHATWG HTML Standard as of 2021-06-10.
* Changed HTTPConnection.request() to always use lowercase chunk boundaries
when sending requests with Transfer-Encoding: chunked.
* Changed enforce_content_length default to True, preventing silent data
loss when reading streamed responses.
* Changed all parameters in the HTTPConnection and HTTPSConnection
Dominique Leuenberger (dimstar_suse)
accepted
request 1081796
from
Dirk Mueller (dirkmueller)
(revision 56)
Dominique Leuenberger (dimstar_suse)
accepted
request 1073863
from
Factory Maintainer (factory-maintainer)
(revision 55)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 1060116
from
Dirk Mueller (dirkmueller)
(revision 54)
- update to 1.26.14: * Fixed parsing of port 0 (zero) returning None, instead of 0. * Removed deprecated getheaders() calls in contrib module.
Dominique Leuenberger (dimstar_suse)
accepted
request 1039604
from
Robert Schweikert (rjschwei)
(revision 53)
- update to 1.26.13
* Deprecated the ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` methods.
* Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
* Fixed a deprecation warning when using cryptography v39.0.0.
* Removed the ``<4`` in the ``Requires-Python`` packaging metadata field. (forwarded request 1039590 from glaubitz)
Dominique Leuenberger (dimstar_suse)
accepted
request 1030868
from
Dirk Mueller (dirkmueller)
(revision 52)
Dominique Leuenberger (dimstar_suse)
accepted
request 998723
from
Dirk Mueller (dirkmueller)
(revision 51)
- update to 1.26.12:
* Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module.
Both will be removed in v2.x. See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_
for justification and info on how to migrate.
Dominique Leuenberger (dimstar_suse)
accepted
request 970661
from
Steve Kowalik (StevenK)
(revision 49)
- Remove unneeded BuildRequires of mock.
- Remove unbundling off ssl.match_hostname.
* It was only done for the primary python3 flavor
* It is bundled for a reason gh#urllib3/urllib3#2439,
gh#urllib3/urllib3#2448
* The tests (and probably urllib3 users) use wildcard patterns
not supported by the stdlib
- Fix undbundling of six for all flavors
- Replace brotlipy recommendation and test with python-Brotli
(see release notes below)
- update to 1.26.9:
* Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still
receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``.
This change does not impact behavior of urllib3, only which dependencies are installed.
* Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception.
* Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool``
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
- update to 1.26.8:
* Added extra message to``urllib3.exceptions.ProxyError`` when urllib3 detects that
a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP.
* Added a mention of the size of the connection pool when discarding a
connection due to the pool being full.
* Added explicit support for Python 3.11.
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of
``Retry.DEFAULT_MAX_BACKOFF`` to better match the rest of the default parameter names.
``Retry.MAX_BACKOFF`` is removed in v2.0.
* Changed location of the vendored ``ssl.match_hostname`` function from
Dominique Leuenberger (dimstar_suse)
accepted
request 928316
from
Dirk Mueller (dirkmueller)
(revision 48)
- update to 1.26.7:
* Fixed a bug with HTTPS hostname verification involving IP addresses and lack
of SNI.
* Fixed a bug where IPv6 braces weren't stripped during certificate hostname
matching.
Dominique Leuenberger (dimstar_suse)
accepted
request 906101
from
Markéta Machová (mcalabkova)
(revision 47)
Displaying revisions 1 - 20 of 66
