Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
python3-lxml
python3-lxml.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python3-lxml.changes of Package python3-lxml
------------------------------------------------------------------- Thu Oct 6 05:58:36 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com> - Add patch CVE-2021-28957-prevent-formaction.patch: * Sanitize HTML5 formaction attributes to prevent an XSS (bsc#1184177, CVE-2021-28957) ------------------------------------------------------------------- Tue Sep 27 08:32:24 UTC 2022 - Daniel Garcia <daniel.garcia@suse.com> - Add patch CVE-2020-27783.patch to fix CVE-2020-27783 mXSS due to the use of improper parser Fix bsc#1179534 ------------------------------------------------------------------- Thu Apr 24 08:46:36 UTC 2014 - toms@opensuse.org - Spec file changes: Added BuildRequires and missing Requires for python3-cssselect - Update to version 3.3.5: ** Features added n/a ** Bugs fixed - HTML cleaning could fail to strip javascript links that mix control characters into the link scheme. ** Other changes n/a - Changes in version 3.3.4: ** Features added - Source line numbers above 65535 are available on Elements when using libxml2 2.9 or later. ** Bugs fixed - lxml.html.fragment_fromstring() failed for bytes input in Py3. ** Other changes n/a See also http://lxml.de/3.3/changes-3.3.5.html ------------------------------------------------------------------- Sun Jan 26 13:12:45 UTC 2014 - toms@opensuse.org - Update to 3.3.0: (changes taken from http://lxml.de/3.3/changes-3.3.0.html) * 3.3.0 (2014-01-26) ** Features added n/a ** Bugs fixed - The heuristic that distinguishes file paths from URLs was tightened to produce less false negatives. * 3.3.0beta5 (2014-01-18) ** Features added - The PEP 393 unicode parsing support gained a fallback for wchar strings which might still be somewhat common on Windows systems. ** Bugs fixed - Several error handling problems were fixed throughout the code base that could previously lead to exceptions being silently swallowed or not properly reported. - The C-API function appendChild() is now deprecated as it does not propagate exceptions (its return type is void). The new function appendChildToElement() was added as a safe replacement. - Passing a string into fromstringlist() raises an exception instead of parsing the string character by character. ** Other changes - Document cleanup code was simplified using the new GC features in Cython 0.20. ------------------------------------------------------------------- Tue Oct 22 14:37:53 UTC 2013 - toddrme2178@gmail.com - update to 3.2.3: * LP#1185701: spurious XMLSyntaxError after finishing iterparse(). * Crash in lxml.objectify during xsi annotation. - update to 3.2.1: * The methods ``apply_templates()`` and ``process_children()`` of XSLT extension elements have gained two new boolean options ``elements_only`` and ``remove_blank_text`` that discard either all strings or whitespace-only strings from the result list. * When moving Elements to another tree, the namespace cleanup mechanism no longer drops namespace prefixes from attributes for which it finds a default namespace declaration, to prevent them from appearing as unnamespaced attributes after serialisation. * Returning non-type objects from a custom class lookup method could lead to a crash. * Instantiating and using subtypes of Comments and ProcessingInstructions crashed. ------------------------------------------------------------------- Mon Apr 29 12:25:39 UTC 2013 - dmueller@suse.com - update to 3.2.0: * Leading whitespace could change the behaviour of the string parsing functions in ``lxml.html``. * LP#599318: The string parsing functions in ``lxml.html`` are more robust in the face of uncommon HTML content like framesets or missing body tags. Patch by Stefan Seelmann. * LP#712941: I/O errors while trying to access files with paths that contain non-ASCII characters could raise ``UnicodeDecodeError`` instead of properly reporting the ``IOError``. * LP#673205: Parsing from in-memory strings disabled network access in the default parser and made subsequent attempts to parse from a URL fail. * LP#971754: lxml.html.clean appends 'nofollow' to 'rel' attributes instead of overwriting the current value. * LP#715687: lxml.html.clean no longer discards scripts that are explicitly allowed by the user provided whitelist. Patch by Christine Koppelt. ------------------------------------------------------------------- Sat Mar 30 17:29:03 UTC 2013 - arun@gmx.de - update to 3.1.1: (changes taken from http://lxml.de/3.1/changes-3.1.1.html) * 3.1.1 (2013-03-29) ** Bugs fixed - LP#1160386: Write access to lxml.html.FormElement.fields raised an AttributeError in Py3. - Illegal memory access during cleanup in incremental xmlfile writer. ** Other changes - The externally useless class lxml.etree._BaseParser was removed from the module dict. * 3.1.0 (2013-02-10) ** Features added - GH#89: lxml.html.clean allows overriding the set of attributes that it considers 'safe'. Patch by Francis Devereux. ** Bugs fixed - LP#1104370: copy.copy(el.attrib) raised an exception. It now returns a copy of the attributes as a plain Python dict. - GH#95: When used with namespace prefixes, the el.find*() methods always used the first namespace mapping that was provided for each path expression instead of using the one that was actually passed in for the current run. - LP#1092521, GH#91: Fix undefined C symbol in Python runtimes compiled without threading support. Patch by Ulrich Seidl. * 3.1beta1 (2012-12-21) ** Features added - New build-time option --with-unicode-strings for Python 2 that makes the API always return Unicode strings for names and text instead of byte strings for plain ASCII content. - New incremental XML file writing API etree.xmlfile(). - E factory in lxml.objectify is callable to simplify the creation of tags with non-identifier names without having to resort to getattr(). ** Bugs fixed - When starting from a non-namespaced element in lxml.objectify, searching for a child without explicitly specifying a namespace incorrectly found namespaced elements with the requested local name, instead of restricting the search to non-namespaced children. - GH#85: Deprecation warnings were fixed for Python 3.x. - GH#33: lxml.html.fromstring() failed to accept bytes input in Py3. - LP#1080792: Static build of libxml2 2.9.0 failed due to missing file. ** Other changes - The externally useless class _ObjectifyElementMakerCaller was removed from the module API of lxml.objectify. - LP#1075622: lxml.builder is faster for adding text to elements with many children. Patch by Anders Hammarquist. * 3.0.2 (2012-12-14) ** Bugs fixed - Fix crash during interpreter shutdown by switching to Cython 0.17.3 for building. * 3.0.1 (2012-10-14) ** Bugs fixed - LP#1065924: Element proxies could disappear during garbage collection in PyPy without proper cleanup. - GH#71: Failure to work with libxml2 2.6.x. - LP#1065139: static MacOS-X build failed in Py3. * 3.0 (2012-10-08) ** Bugs fixed - End-of-file handling was incorrect in iterparse() when reading from a low-level C file stream and failed in libxml2 2.9.0 due to its improved consistency checks. ** Other changes - The build no longer uses Cython by default unless the generated C files are missing. To use Cython, pass the option "--with-cython". To ignore the fatal build error when Cython is required but not available (e.g. to run special setup.py commands that do not actually run a build), pass "--without-cython". * 3.0beta1 (2012-09-26) ** Features added - Python level access to (optional) libxml2 memory debugging features to simplify debugging of memory leaks etc. ** Bugs fixed - Fix a memory leak in XPath by switching to Cython 0.17.1. - Some tests were adapted to work with PyPy. ** Other changes - The code was adapted to work with the upcoming libxml2 2.9.0 release. * 3.0alpha2 (2012-08-23) ** Features added - The .iter() method of elements now accepts tag arguments like "{*}name" to search for elements with a given local name in any namespace. With this addition, all combinations of wildcards now work as expected: "{ns}name", "{}name", "{*}name", "{ns}*", "{}*" and "{*}*". Note that "name" is equivalent to "{}name", but "*" is "{*}*". The same change applies to the .getiterator(), .itersiblings(), .iterancestors(), .iterdescendants(), .iterchildren() and .itertext() methods;the strip_attributes(), strip_elements() and strip_tags() functions as well as the iterparse() class. Patch by Simon Sapin. - C14N allows specifying the inclusive prefixes to be promoted to top-level during exclusive serialisation. ** Bugs fixed - Passing long Unicode strings into the feed() parser interface failed to read the entire string. * 3.0alpha1 (2012-07-31) ** Features added - Initial support for building in PyPy (through cpyext). - DTD objects gained an API that allows read access to their declarations. - xpathgrep.py gained support for parsing line-by-line (e.g. from grep output) and for surrounding the output with a new root tag. - E-factory in lxml.builder accepts subtypes of known data types (such as string subtypes) when building elements around them. - Tree iteration and iterparse() with a selective tag argument supports passing a set of tags. Tree nodes will be returned by the iterators if they match any of the tags. ** Bugs fixed - The .find*() methods in lxml.objectify no longer use XPath internally, which makes them faster in many cases (especially when short circuiting after a single or couple of elements) and fixes some behavioural differences compared to lxml.etree. Note that this means that they no longer support arbitrary XPath expressions but only the subset that the ElementPath language supports. The previous implementation was also redundant with the normal XPath support, which can be used as a replacement. - el.find('*') could accidentally return a comment or processing instruction that happened to be in the wrong spot. (Same for the other .find*() methods.) - The error logging is less intrusive and avoids a global setup where possible. - Fixed undefined names in html5lib parser. - xpathgrep.py did not work in Python 3. - Element.attrib.update() did not accept an attrib of another Element as parameter. - For subtypes of ElementBase that make the .text or .tail properties immutable (as in objectify, for example), inserting text when creating Elements through the E-Factory feature of the class constructor would fail with an exception, stating that the text cannot be modified. ** Other changes - The code base was overhauled to properly use 'const' where the API of libxml2 anders libxslt requests it. This also has an impact on the public C-API of lxml itself, as defined in etreepublic.pxd, as well as the provided declarations in the lxml/includes/ directory. Code that uses these declarations may have to be adapted. On the plus side, this fixes several C compiler warnings, also for user code, thus making it easier to spot real problems again. - The functionality of "lxml.cssselect" was moved into a separate PyPI package called "cssselect". To continue using it, you must install that package separately. The "lxml.cssselect" module is still available and provides the same interface, provided the "cssselect" package can be imported at runtime. - Element attributes passed in as an attrib dict or as keyword arguments are now sorted by (namespaced) name before being created to make their order predictable for serialisation and iteration. Note that adding or deleting attributes afterwards does not take that order into account, i.e. setting a new attribute appends it after the existing ones. - Several classes that are for internal use only were removed from the lxml.etree module dict: _InputDocument, _ResolverRegistry, _ResolverContext, _BaseContext, _ExsltRegExp, _IterparseContext, _TempStore, _ExceptionContext, __ContentOnlyElement, _AttribIterator, _NamespaceRegistry, _ClassNamespaceRegistry, _FunctionNamespaceRegistry, _XPathFunctionNamespaceRegistry, _ParserDictionaryContext, _FileReaderContext, _ParserContext, _PythonSaxParserTarget, _TargetParserContext, _ReadOnlyProxy, _ReadOnlyPIProxy, _ReadOnlyEntityProxy, _ReadOnlyElementProxy, _OpaqueNodeWrapper, _OpaqueDocumentWrapper, _ModifyContentOnlyProxy, _ModifyContentOnlyPIProxy, _ModifyContentOnlyEntityProxy, _AppendOnlyElementProxy, _SaxParserContext, _FilelikeWriter, _ParserSchemaValidationContext, _XPathContext, _XSLTResolverContext, _XSLTContext, _XSLTQuotedStringParam - Several internal classes can no longer be inherited from: _InputDocument, _ResolverRegistry, _ExsltRegExp, _ElementUnicodeResult, _IterparseContext, _TempStore, _AttribIterator, _ClassNamespaceRegistry, _XPathFunctionNamespaceRegistry, _ParserDictionaryContext, _FileReaderContext, _PythonSaxParserTarget, _TargetParserContext, _ReadOnlyPIProxy, _ReadOnlyEntityProxy, _OpaqueDocumentWrapper, _ModifyContentOnlyPIProxy, _ModifyContentOnlyEntityProxy, _AppendOnlyElementProxy, _FilelikeWriter, _ParserSchemaValidationContext, _XPathContext, _XSLTResolverContext, _XSLTContext, _XSLTQuotedStringParam, _XSLTResultTree, _XSLTProcessingInstruction * 2.3.6 (2012-09-28) ** Bugs fixed - Passing long Unicode strings into the feed() parser interface failed to read the entire string. * 2.3.5 (2012-07-31) ** Bugs fixed - Crash when merging text nodes in element.remove(). - Crash in sax/target parser when reporting empty doctype. ------------------------------------------------------------------- Wed Dec 19 15:47:31 UTC 2012 - saschpe@suse.de - The doc sub-package is noarch ------------------------------------------------------------------- Thu Nov 22 13:47:34 UTC 2012 - toddrme2178@gmail.com - Removed openSUSE 11.4 spec file workarounds ------------------------------------------------------------------- Thu May 24 08:06:22 UTC 2012 - highwaystar.ru@gmail.com - python3-lxml package created
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor