Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
patchinfo.15360
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.15360
<patchinfo incident="15360"> <category>security</category> <issue id="1054413" tracker="bnc">[TRACKERBUG] FATE#323875: Separate Azure SDK into components</issue> <issue id="1073879" tracker="bnc">Provide python3 subpackages for existing packages</issue> <issue id="1111622" tracker="bnc">VUL-0: CVE-2018-18074: python-requests: The Requests package sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect</issue> <issue id="1122668" tracker="bnc">[TRACKERBUG] FATE#326950 - Include cfn linter in the SLE 12 Public Cloud Module</issue> <issue id="761500" tracker="bnc">python-certifi should NOT include own certificate bundle copy</issue> <issue id="922448" tracker="bnc">VUL-1: CVE-2015-2296: python-requests: session fixation vulnerability and cookie stealing</issue> <issue id="929736" tracker="bnc">VUL-1: python-requests: remove RC4 from the default cipher list</issue> <issue id="935252" tracker="bnc">ssl error while trying to power on an instance on a sle 12 compute node</issue> <issue id="945455" tracker="bnc">python-requests: the tests do nothing</issue> <issue id="947357" tracker="bnc">devel:languages:python/python-requests: devel:languages:python3/python3-requests: Bug</issue> <issue id="961596" tracker="bnc">[TRACKERBUG] FATE#319970: Update python-requests to version 2.8.1</issue> <issue id="967128" tracker="bnc">python-requests: no-default-cacert.patch breaks third party packages (e. g. electrum)</issue> <issue id="2015-2296" tracker="cve" /> <issue id="2018-18074" tracker="cve" /> <rating>moderate</rating> <packager>AndreasStieger</packager> <description>This update for python3-requests provides the following fix: python-requests was updated to 2.20.1. Update to version 2.20.1: * Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443). Update to version 2.20.0: * Bugfixes + Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8). + Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions. + Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074) + should_bypass_proxies now handles URIs without hostnames (e.g. files). Update to version 2.19.1: * Fixed issue where status_codes.py’s init function failed trying to append to a __doc__ value of None. Update to version 2.19.0: * Improvements + Warn about possible slowdown with cryptography version < 1.3.4 + Check host in proxy URL, before forwarding request to adapter. + Maintain fragments properly across redirects. (RFC7231 7.1.2) + Removed use of cgi module to expedite library load time. + Added support for SHA-256 and SHA-512 digest auth algorithms. + Minor performance improvement to Request.content. * Bugfixes + Parsing empty Link headers with parse_header_links() no longer return one bogus entry. + Fixed issue where loading the default certificate bundle from a zip archive would raise an IOError. + Fixed issue with unexpected ImportError on windows system which do not support winreg module. + DNS resolution in proxy bypass no longer includes the username and password in the request. This also fixes the issue of DNS queries failing on macOS. + Properly normalize adapter prefixes for url comparison. + Passing None as a file pointer to the files param no longer raises an exception. + Calling copy on a RequestsCookieJar will now preserve the cookie policy correctly. Update to version 2.18.4: * Improvements + Error messages for invalid headers now include the header name for easier debugging Update to version 2.18.3: * Improvements + Running $ python -m requests.help now includes the installed version of idna. * Bugfixes + Fixed issue where Requests would raise ConnectionError instead of SSLError when encountering SSL problems when using urllib3 v1.22. - Add ca-certificates (and ca-certificates-mozilla) to dependencies, otherwise https connections will fail. </description> <summary>Security update for python3-requests</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor