- Add patch openssl-3.2.patch gh#tornadoweb/tornado#3355

• Files Changed
• Browse Source

- update to 6.4:
  * https://www.tornadoweb.org/en/stable/releases/v6.4.0.html
  * Python 3.12 is now supported.
- drop py312-datetime.patch (upstream)

  * The Content-Length header and chunked Transfer-Encoding sizes
    are now parsed more strictly (according to the relevant RFCs)
    to avoid potential request-smuggling vulnerabilities when
  * Do not test multi-line headers.
- require python-backports.ssl_hostname only on python 2.x
    or 3.2.
  * This release fixes a path traversal vulnerability in StaticFileHandler,
  in which files whose names started with the static_path directory
  * SSLIOStream.connect and IOStream.start_tls now
  * Certificate validation will now use the system CA root certificates
    instead of certifi when possible (i.e. Python 2.7.9+ or 3.4+).
  * The default SSL configuration has become stricter,
    using ssl.create_default_context where available on the client side.
    (On the server side, applications are encouraged to migrate from
  * The deprecated classes in the tornado.auth module, GoogleMixin,
  + See more release details at
- added python3 package

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- New upstream release 6.3.2 (bsc#1211741, CVE-2023-28370)

• Files Changed
• Browse Source

- New upstream release 6.3.2
  - Security improvements
    - Fixed an open redirect vulnerability in StaticFileHandler
      under certain configurations.
  - ``tornado.web``
    - `.RequestHandler.set_cookie` once again accepts capitalized
      keyword arguments for backwards compatibility. This is
      deprecated and in Tornado 7.0 only lowercase arguments will
      be accepted.
  - What's new in Tornado 6.3.0
    - The new `.Application` setting ``xsrf_cookie_name``
      can now be used to take advantage of the ``__Host``
      cookie prefix for improved security.  To use it, add
      ``{"xsrf_cookie_name": "__Host-xsrf", "xsrf_cookie_kwargs":
      {"secure": True}}`` to your `.Application` settings. Note
      that this feature currently only works when HTTPS is used.
    - `.WSGIContainer` now supports running the application in
      a ``ThreadPoolExecutor`` so the event loop is no longer
      blocked.
    - `.AsyncTestCase` and `.AsyncHTTPTestCase`, which were
      deprecated in Tornado 6.2, are no longer deprecated.
    - WebSockets are now much faster at receiving large messages
      split into many fragments.
  - General changes
    - Python 3.7 is no longer supported; the minimum supported  .
      Python version is 3.8 Python 3.12 is now supported        .
    - To avoid spurious deprecation warnings, users of Python
      3.10 should upgrade to at least version 3.10.9, and users
      of Python 3.11 should upgrade to at least version 3.11.1.
    - Tornado submodules are now imported automatically on

• Files Changed
• Browse Source

• Files Changed
• Browse Source

Automatic submission by obs-autosubmit

• Files Changed
• Browse Source

- Add patch remove-multiheader-http-test.patch:
  * Do not test multi-line headers.

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Add ignore-resourcewarning-doctests.patch to ignore ResourceWarnings
  when running doctests.
- Use %autopatch macro instead of specific patch number macros

- Define TRAVIS to disable unreliable tests

- Replace %fdupes -s with plain %fdupes; hardlinks are better.

• Files Changed
• Browse Source

Add py-tornado5

• Browse Source