Revisions of python-urllib3
Gayane Osipyan (gosipyan)
accepted
request 893784
from
Johannes Grassler (jgrassler)
(revision 9)
Note: This request syncs the urllib3 package with the released state we have in SUSE OpenStack Cloud 9 right now. - Add CVE-2020-26116-CRLF-injection.patch which raises ValueError if method contains control characters and thus prevents CRLF injection into URLs (bsc#1177211, bpo#39603, CVE-2020-26116, gh#urllib3/urllib3#1800).
Johannes Grassler (jgrassler)
accepted
request 874733
from
Jan Zerebecki (jzerebecki)
(revision 8)
- Update RECENT_DATE to fix the test suite. This fixes the last change. Just changing the patch that already changes it won't work as later patches depend on what needs changing as context. - Revert change to recent-date patch. - Add a sed line to effect the needed change.
Johannes Grassler (jgrassler)
accepted
request 874618
from
Jan Zerebecki (jzerebecki)
(revision 7)
- Update python-urllib3-recent-date.patch to have RECENT_DATE within the needed boundaries for the test suite.
Jan Zerebecki (jzerebecki)
accepted
request 842725
from
Jacek Tomasiak (jtomasiak)
(revision 6)
- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
Johannes Grassler (jgrassler)
accepted
request 841916
from
Jacek Tomasiak (jtomasiak)
(revision 5)
- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for CVE-2019-9740. - Add urllib3-cve-2020-26137.patch. Don't allow control chars in request method. (bsc#1177120, CVE-2020-26137)
Johannes Grassler (jgrassler)
accepted
request 815309
from
Flávio Ramalho (flaviosr)
(revision 4)
- Skip test_source_address_error as we raise different error with fixes that we provide in new python2/3 - Update python-urllib3-recent-date.patch to have RECENT_DATE within the needed boundaries for the test suite.
Johannes Grassler (jgrassler)
accepted
request 731313
from
Ralf Haferkamp (rhafer)
(revision 3)
- Add missing dependency on python-six (bsc#1150895)
Dirk Mueller (dirkmueller)
accepted
request 725048
from
Ralf Haferkamp (rhafer)
(revision 2)
- Add urllib3-disallow-control-chars-in-http-urls.patch (bsc#1132663, CVE-2019-11236, bsc#1129071, CVE-2019-9740) - Add urllib3-cve-2019-11324.patch. Don't load system certs unless there were no CA certs or SSLContext object specified manually. (bsc#1132900,CVE-2019-11324)
Johannes Grassler (jgrassler)
committed
(revision 1)
osc copypac from project:Cloud:OpenStack:Master package:python-urllib3 revision:2, using expand
Displaying all 9 revisions