|
|
|
|
Changelog for python311-urllib3-2.2.3-lp156.197.2.noarch.rpm :
* Thu Oct 03 2024 Steve Kowalik - Update to 2.2.3: * Features + Added support for Python 3.13. * Bugfixes + Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. + Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting python/cpython#103472. + Fixed a crash where certain standard library hash functions were absent in restricted environments. + Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. + Allowed passing negative integers as amt to read methods of http.client.HTTPResponse as an alternative to None. + Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. + Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. + Changed InvalidChunkLength to ProtocolError when response terminates before the chunk length is sent. + Changed ProtocolError to be more verbose on incomplete reads with excess content. + Added support for HTTPResponse.read1() method. + Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. + Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to be always set to a boolean after connecting to a proxy. It could be None in some cases previously. + Fixed an issue where headers passed in a request with json= would be mutated + Fixed HTTPSConnection.is_verified to be set to False when connecting from a HTTPS proxy to an HTTP target. It was set to True previously. + Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS + Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled * HTTP/2 (experimental) + Excluded Transfer-Encoding: chunked from HTTP/2 request body + Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. + Add support for sending a request body with HTTP/2 * Removals + Drop support for end-of-life PyPy3.8 and PyPy3.9.- Drop patches, they are now included upstream: * CVE-2024-37891.patch * openssl-3.2.patch- Included patched hypercorn, which is only unpacked and used for the test suite. * Tue Jun 18 2024 Markéta Machová - Add CVE-2024-37891.patch (bsc#1226469) * Thu Jan 11 2024 Daniel Garcia - Add upstream patch openssl-3.2.patch, to fix tests with opennssl 3.2.0, gh#urllib3/urllib3#3271 * Mon Nov 27 2023 Dirk Müller - update to 2.1.0: * Removed support for the deprecated urllib3[secure] extra. * Removed support for the deprecated SecureTransport TLS implementation. * Removed support for the end-of-life Python 3.7. * Allowed loading CA certificates from memory for proxies. * Fixed decoding Gzip-encoded responses which specified ``x-gzip`` content-encoding. * Wed Oct 18 2023 Daniel Garcia Moreno - update to 2.0.7 (bsc#1216377, CVE-2023-45803): * Made body stripped from HTTP requests changing the request method to GET after HTTP 303 \"See Other\" redirect responses. * Thu Oct 12 2023 Frederic Crozat - Update Buildrequires to upstream list. * Thu Oct 05 2023 Daniel Garcia - update to 2.0.6 (bsc#1215968, CVE-2023-43804): * Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect- 2.0.5: * Allowed pyOpenSSL third-party module without any deprecation warning. #3126 * Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. #3066 * Tue Jul 25 2023 Dirk Müller - update to 2.0.4: * Added support for union operators to ``HTTPHeaderDict`` * Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078 * Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client * Relied on the standard library for checking hostnames in supported PyPy releases * Wed Jul 05 2023 Daniel Garcia - Disable test_deprecated_no_scheme so it needs network connection to run correctly. * Mon Jun 19 2023 Dirk Müller - update to 2.0.3: * Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. * Deprecated URLs which don\'t have an explicit scheme * Fixed response decoding with Zstandard when compressed data is made of several frames. * Fixed ``assert_hostname=False`` to correctly skip hostname check. * Sun May 14 2023 Dirk Müller - update to 2.0.2: * Fixed ``HTTPResponse.stream()`` to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. * Wed May 10 2023 Steve Kowalik - Update to 2.0.1: * Fixed a socket leak when fingerprint or hostname verifications fail. * Fixed an error when HTTPResponse.read(0) was the first read call or when the internal response body buffer was otherwise empty. * Removed support for Python 2.7, 3.5, and 3.6. * Removed fallback on certificate commonName in match_hostname() function. * Removed support for Python with an ssl module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. * Removed support for OpenSSL versions earlier than 1.1.1. * Removed urllib3.contrib.appengine.AppEngineManager and support for Google App Engine Standard Environment. * Changed ssl_version to instead set the corresponding SSLContext.minimum_version and SSLContext.maximum_version values. * Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2 in line with Python 3.10. * Changed urllib3.util.create_urllib3_context to not override the system cipher suites with a default value. * Changed multipart/form-data header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. * Changed HTTPConnection.request() to always use lowercase chunk boundaries when sending requests with Transfer-Encoding: chunked. * Changed enforce_content_length default to True, preventing silent data loss when reading streamed responses. * Changed all parameters in the HTTPConnection and HTTPSConnection constructors to be keyword-only except host and port. * Changed HTTPConnection.getresponse() to set the socket timeout from HTTPConnection.timeout value before reading data from the socket. * Changed name of Retry.BACK0FF_MAX to be Retry.DEFAULT_BACKOFF_MAX. * Changed TLS handshakes to use SSLContext.check_hostname when possible. * Changed the default blocksize to 16KB to match OpenSSL\'s default read amounts. * Changed HTTPResponse.read() to raise an error when calling with decode_content=False after using decode_content=True to prevent data loss. * Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress. * Fixed the default value of HTTPSConnection.socket_options to match HTTPConnection. * Fixed a socket leak if HTTPConnection.connect() fails.- Drop patch remove_mock.patch, included upstream.- Fiddle with {Build,}Requires as appropiate, six finally dropped. * Fri Apr 21 2023 Dirk Müller - add sle15_python_module_pythons (jsc#PED-68) * Thu Apr 13 2023 Matej Cepl - Make calling of %{sle15modernpython} optional. * Tue Mar 14 2023 Dirk Müller - update to 1.26.15: * Fix socket timeout value when ``HTTPConnection`` is reused * Remove \"!\" character from the unreserved characters in IPv6 Zone ID parsing * Fix IDNA handling of \'<80>\' byte * Sat Jan 21 2023 Dirk Müller - update to 1.26.14: * Fixed parsing of port 0 (zero) returning None, instead of 0. * Removed deprecated getheaders() calls in contrib module. * Fri Dec 02 2022 John Paul Adrian Glaubitz - update to 1.26.13 * Deprecated the ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` methods. * Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid. * Fixed a deprecation warning when using cryptography v39.0.0. * Removed the ``<4`` in the ``Requires-Python`` packaging metadata field. * Sun Oct 23 2022 Ben Greiner - Fix pycache when undbundling six * Mon Aug 22 2022 Dirk Müller - update to 1.26.12: * Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module. Both will be removed in v2.x. See this `GitHub issue `_ for justification and info on how to migrate. * Tue Aug 02 2022 Ben Greiner - update to 1.26.11 * Fix OverflowError when TLS is used on some Python versions * Sun Jul 24 2022 Dirk Müller - update to 1.26.10: * Removed support for Python 3.5 * Fixed an issue where a ``ProxyError`` recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn\'t configured.- refresh remove_mock.patch with extra mock usages * Tue Apr 19 2022 Steve Kowalik - Remove unneeded BuildRequires of mock. * Tue Apr 05 2022 Ben Greiner - Remove unbundling off ssl.match_hostname. * It was only done for the primary python3 flavor * It is bundled for a reason gh#urllib3/urllib3#2439, gh#urllib3/urllib3#2448 * The tests (and probably urllib3 users) use wildcard patterns not supported by the stdlib- Fix undbundling of six for all flavors- Replace brotlipy recommendation and test with python-Brotli (see release notes below) * Tue Mar 29 2022 Dirk Müller - update to 1.26.9: * Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``. This change does not impact behavior of urllib3, only which dependencies are installed. * Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception. * Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool`` when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL. * Mon Jan 10 2022 Dirk Müller - update to 1.26.8: * Added extra message to``urllib3.exceptions.ProxyError`` when urllib3 detects that a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP. * Added a mention of the size of the connection pool when discarding a connection due to the pool being full. * Added explicit support for Python 3.11. * Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of ``Retry.DEFAULT_MAX_BACKOFF`` to better match the rest of the default parameter names. ``Retry.MAX_BACKOFF`` is removed in v2.0. * Changed location of the vendored ``ssl.match_hostname`` function from ``urllib3.packages.ssl_match_hostname`` to ``urllib3.util.ssl_match_hostname`` to ensure Python 3.10+ compatibility after being repackaged by downstream distributors. * Fixed absolute imports, all imports are now relative. * Tue Oct 26 2021 Dirk Müller - update to 1.26.7: * Fixed a bug with HTTPS hostname verification involving IP addresses and lack of SNI. * Fixed a bug where IPv6 braces weren\'t stripped during certificate hostname matching. * Tue Jul 13 2021 Markéta Machová - update to 1.26.6 * Deprecated the urllib3.contrib.ntlmpool module. * Changed HTTPConnection.request_chunked() to not erroneously emit multiple Transfer-Encoding headers in the case that one is already specified. * Fixed typo in deprecation message to recommend Retry.DEFAULT_ALLOWED_METHODS. * Sun Jun 06 2021 Dirk Müller - update to 1.26.5 (bsc#1187045, CVE-2021-33503): * Fixed deprecation warnings emitted in Python 3.10. * Updated vendored ``six`` library to 1.16.0. * Improved performance of URL parser when splitting the authority component. * Tue Mar 16 2021 Dirk Müller - update to 1.26.4: * Changed behavior of the default ``SSLContext`` when connecting to HTTPS proxy during HTTPS requests. The default ``SSLContext`` now sets ``check_hostname=True``. * Thu Jan 28 2021 Dirk Müller - update to 1.26.3: * Fixed bytes and string comparison issue with headers (Pull #2141) * Changed ``ProxySchemeUnknown`` error message to be more actionable if the user supplies a proxy URL without a scheme. (Pull #2107) * Fri Jan 01 2021 Benjamin Greiner - Skip test for RECENT_DATE. It is a test purely for developers. To maintain reproducibility, keep upstreams possibly outdated RECENT_DATE in the source code. (bsc#1181571) * Thu Dec 17 2020 Matej Cepl - Add CI variable, which makes timeouts in the test suite longer (gh#urllib3/urllib3#2109, bsc#1176389) and test_timeout_errors_cause_retries should not fail. * Mon Dec 14 2020 Benjamin Greiner - If you skip_python2 you don\'t need mock. * Sun Dec 13 2020 Matej Cepl - We don\'t need to break Python 2.7 * Fri Dec 11 2020 Matej Cepl - Add remove_mock.patch to remove dependency on the external mock package (gh#urllib3/urllib3#2108). * Fri Dec 11 2020 Markéta Machová - Fixed the testsuite and updated dependencies * Thu Nov 26 2020 Dirk Mueller - update to 1.26.2: * Fixed an issue where ``wrap_socket`` and ``CERT_REQUIRED`` wouldn\'t be imported properly on Python 2.7.8 and earlier (Pull #2052) * Fixed an issue where two ``User-Agent`` headers would be sent if a ``User-Agent`` header key is passed as ``bytes`` (Pull #2047) * Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806) * Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning should opt-in explicitly by setting ``ssl_version=ssl.PROTOCOL_TLSv1_1`` (Pull #2002) * *Starting in urllib3 v2.0: Connections that receive a ``DeprecationWarning`` will fail * * * Deprecated ``Retry`` options ``Retry.DEFAULT_METHOD_WHITELIST``, ``Retry.DEFAULT_REDIRECT_HEADERS_BLACKLIST`` and ``Retry(method_whitelist=...)`` in favor of ``Retry.DEFAULT_ALLOWED_METHODS``, ``Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT``, and ``Retry(allowed_methods=...)`` (Pull #2000) * *Starting in urllib3 v2.0: Deprecated options will be removed * * * Added default ``User-Agent`` header to every request (Pull #1750) * Added ``urllib3.util.SKIP_HEADER`` for skipping ``User-Agent``, ``Accept-Encoding``, and ``Host`` headers from being automatically emitted with requests (Pull #2018) * Collapse ``transfer-encoding: chunked`` request data and framing into the same ``socket.send()`` call (Pull #1906) * Send ``http/1.1`` ALPN identifier with every TLS handshake by default (Pull #1894) * Properly terminate SecureTransport connections when CA verification fails (Pull #1977) * Don\'t emit an ``SNIMissingWarning`` when passing ``server_hostname=None`` to SecureTransport (Pull #1903) * Disabled requesting TLSv1.2 session tickets as they weren\'t being used by urllib3 (Pull #1970) * Suppress ``BrokenPipeError`` when writing request body after the server has closed the socket (Pull #1524) * Wrap ``ssl.SSLError`` that can be raised from reading a socket (e.g. \"bad MAC\") into an ``urllib3.exceptions.SSLError`` (Pull #1939) * Fix retry backoff time parsed from ``Retry-After`` header when given in the HTTP date format. The HTTP date was parsed as the local timezone rather than accounting for the timezone in the HTTP date (typically UTC) (Pull #1932, Pull #1935, Pull #1938, Pull #1949) * Wed Sep 09 2020 Alberto Planas Dominguez - Generate pyc for ssl_match_hostname too * Tue Aug 04 2020 Dirk Mueller - update to 1.25.10: * Added support for ``SSLKEYLOGFILE`` environment variable for logging TLS session keys with use with programs like Wireshark for decrypting captured web traffic (Pull #1867) * Fixed loading of SecureTransport libraries on macOS Big Sur due to the new dynamic linker cache (Pull #1905) * Collapse chunked request bodies data and framing into one call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906) * Don\'t insert ``None`` into ``ConnectionPool`` if the pool was empty when requesting a connection (Pull #1866) * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858) * Tue Jun 02 2020 Dirk Mueller - update to 1.25.9 (bsc#1177120, CVE-2020-26137): * Added ``InvalidProxyConfigurationWarning`` which is raised when erroneously specifying an HTTPS proxy URL. urllib3 doesn\'t currently support connecting to HTTPS proxies but will soon be able to and we would like users to migrate properly without much breakage. * Drain connection after ``PoolManager`` redirect (Pull #1817) * Ensure ``load_verify_locations`` raises ``SSLError`` for all backends (Pull #1812) * Rename ``VerifiedHTTPSConnection`` to ``HTTPSConnection`` (Pull #1805) * Allow the CA certificate data to be passed as a string (Pull #1804) * Raise ``ValueError`` if method contains control characters (Pull #1800) * Add ``__repr__`` to ``Timeout`` (Pull #1795) * Tue Apr 21 2020 Matej Cepl - Explicitly switch off building python 2 version. * Fri Feb 07 2020 Marketa Calabkova - update to 1.25.8 * Drop support for EOL Python 3.4 * Optimize _encode_invalid_chars * Preserve chunked parameter on retries * Allow unset SERVER_SOFTWARE in App Engine * Fix issue where URL fragment was sent within the request target. * Fix issue where an empty query section in a URL would fail to parse. * Remove TLS 1.3 support in SecureTransport due to Apple removing support. * Tue Oct 15 2019 Ralf Haferkamp - Require a new enough release of python-six. 1.25.6 needs at least 1.12.0 for ensure_text() and friends. * Wed Oct 02 2019 Tomáš Chvátal - Updae to 1.25.6: * Fix issue where tilde (~) characters were incorrectly percent-encoded in the path. (Pull #1692) * Fri Sep 27 2019 Tomáš Chvátal - Restrict the tornado dep from tom to 5 or older release as the 6.x changed the API * Fri Sep 20 2019 Tomáš Chvátal - Update to 1.25.5: * Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using cert_reqs=CERT_NONE. (Issue #1682) * Propagate Retry-After header settings to subsequent retries. (Pull #1607) * Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607) * Remove dependency on rfc3986 for URL parsing. * Fix issue where URLs containing invalid characters within Url.auth would raise an exception instead of percent-encoding those characters. * Add support for HTTPResponse.auto_close = False which makes HTTP responses work well with BufferedReaders and other io module features. (Pull #1652) * Percent-encode invalid characters in URL for HTTPConnectionPool.request() (Pull #1673)- Drop patch urllib3-ssl-default-context.patch- Drop patch python-urllib3-recent-date.patch the date is recent enough on its own * Sat Sep 14 2019 John Vandenberg - Use have/skip_python2/3 macros to allow building only one flavour * Mon Jul 22 2019 Tomáš Chvátal - Use old pytest 3.x as newer do not work with this release * this will be fixed with next release, just spread among numerous fixes in the git for quick backporting * Fri Jun 21 2019 Dominique Leuenberger - Fixup pre script: the migration issue happens when changing from python-urllib3 to python2-urllib3: the number of installed instances of python2-urlliib3 is at this moment 1, unlike in regular updates. This is due to a name change, which consists not of a pure package update. * Thu Jun 20 2019 Dominique Leuenberger - Provides/Obsoletes does not fix the issue: we have a directory-to-symlink switch, which cannot be handled by RPM internally. Assist using pre script (boo#1138715). * Wed Jun 19 2019 Stefan Brüns - Fix Upgrade from Leap 42.1/42.2 by adding Obsoletes/Provides: python-urllib3, fixes boo#1138746 * Fri Jun 07 2019 Tomáš Chvátal - Skip test_source_address_error as we raise different error with fixes that we provide in new python2/3 * Wed May 29 2019 Tomáš Chvátal - Add more test to skip as with new openssl some behaviour changed and we can\'t rely on them anymore * Wed May 29 2019 Tomáš Chvátal - Unbundle the six, rfc3986, and backports.ssl_match_hostname- Add missing dependency on python-six (bsc#1150895) * Fri May 24 2019 Tomáš Chvátal - Update to 1.25.3: * Change HTTPSConnection to load system CA certificates when ca_certs, ca_cert_dir, and ssl_context are unspecified. (Pull #1608, Issue #1603) * Upgrade bundled rfc3986 to v1.3.2. (Pull #1609, Issue #1605) * Mon May 06 2019 Tomáš Chvátal - Update to 1.25.2: * Change is_ipaddress to not detect IPvFuture addresses. (Pull #1583) * Change parse_url to percent-encode invalid characters within the path, query, and target components. (Pull #1586) * Add support for Google\'s Brotli package. (Pull #1572, Pull #1579) * Upgrade bundled rfc3986 to v1.3.1 (Pull #1578)- Require all the deps from the secure list rather than Recommend. This makes the check to be run always and ensure the urls are \"secure\".- Remove ndg-httpsclient as it is not needed since 2015 * Tue Apr 23 2019 Tomáš Chvátal - Add missing dependency on brotlipy- Fix the tests to pass again * Tue Apr 23 2019 Thomas Bechtold - update to 1.25 (bsc#1132663, bsc#1129071, CVE-2019-9740, CVE-2019-11236): * Require and validate certificates by default when using HTTPS * Upgraded ``urllib3.utils.parse_url()`` to be RFC 3986 compliant. * Added support for ``key_password`` for ``HTTPSConnectionPool`` to use encrypted ``key_file`` without creating your own ``SSLContext`` object. * Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport ``SSLContext`` implementations. (Pull #1496) * Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. * Fixed issue where OpenSSL would block if an encrypted client private key was given and no password was given. Instead an ``SSLError`` is raised. * Added support for Brotli content encoding. It is enabled automatically if ``brotlipy`` package is installed which can be requested with ``urllib3[brotli]`` extra. * Drop ciphers using DSS key exchange from default TLS cipher suites. Improve default ciphers when using SecureTransport. * Implemented a more efficient ``HTTPResponse.__iter__()`` method.- Drop urllib3-test-ssl-drop-sslv3.patch . No longer needed * Wed Apr 17 2019 Matej Cepl - Update to 1.24.2 (bsc#1132900, CVE-2019-11324): - Implemented a more efficient HTTPResponse.__iter__() method. (Issue #1483) - Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant. (Pull #1487) - Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510) - Added support for key_password for HTTPSConnectionPool to use encrypted key_file without creating your own SSLContext object. (Pull #1489) - Fixed issue where OpenSSL would block if an encrypted client private key was given and no password was given. Instead an SSLError is raised. (Pull #1489) - Require and validate certificates by default when using HTTPS (Pull #1507) - Added support for Brotli content encoding. It is enabled automatically if brotlipy package is installed which can be requested with urllib3[brotli] extra. (Pull #1532) - Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport SSLContext implementations. (Pull #1496) - Drop ciphers using DSS key exchange from default TLS cipher suites. Improve default ciphers when using SecureTransport. (Pull #1496) - Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269) - Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. (Issue #303, PR #1492) * Sun Dec 30 2018 mceplAATTsuse.com- Update to 1.24.1: * Remove quadratic behavior within GzipDecoder.decompress() (Issue #1467) * Restored functionality of ciphers parameter for create_urllib3_context(). (Issue #1462) * Thu Nov 01 2018 Tomáš Chvátal - Update to 1.24: * Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull #1449) * Test against Python 3.7 on AppVeyor. (Pull #1453) * Early-out ipv6 checks when running on App Engine. (Pull #1450) * Change ambiguous description of backoff_factor (Pull #1436) * Add ability to handle multiple Content-Encodings (Issue #1441 and Pull #1442) * Skip DNS names that can\'t be idna-decoded when using pyOpenSSL (Issue #1405). * Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake. (Pull #1397) * Drop support for EOL Python 2.6 (Pull #1429 and Pull #1430) * Fixed bug where responses with header Content-Type: message/ * erroneously raised HeaderParsingError, resulting in a warning being logged. (Pull #1439) * Move urllib3 to src/urllib3 (Pull #1409)- Drop patch 1414.patch merged upstream- Refresh patches: * python-urllib3-recent-date.patch * urllib3-ssl-default-context.patch * Fri Sep 07 2018 mceplAATTsuse.com- Switch to multibuild to minize requirements for providing urllib3 module. * Tue Aug 21 2018 dmuellerAATTsuse.com- fix dependency again for passing tests for python 2.x * Mon Aug 20 2018 tchvatalAATTsuse.com- Do not use ifpython2 for BRs where it does not work * Mon Aug 20 2018 dmuellerAATTsuse.com- add python-ipaddress dependency for python 2.x * Wed Jul 18 2018 tchvatalAATTsuse.com- Drop not needed devel and nose deps * Sun Jul 15 2018 mimi.vxAATTgmail.com- update to 1.23 (bsc#1119376, CVE-2018-20060)- add 1414.patch - fix tests with new tornado- refresh python-urllib3-recent-date.patch- drop urllib3-test-no-coverage.patch * Allow providing a list of headers to strip from requests when redirecting to a different host. Defaults to the Authorization header. Different headers can be set via Retry.remove_headers_on_redirect. * Fix util.selectors._fileobj_to_fd to accept long * Dropped Python 3.3 support. * Put the connection back in the pool when calling stream() or read_chunked() on a chunked HEAD response. * Fixed pyOpenSSL-specific ssl client authentication issue when clients attempted to auth via certificate + chain * Add the port to the connectionpool connect print * Don\'t use the uuid module to create multipart data boundaries. * read_chunked() on a closed response returns no chunks. * Add Python 2.6 support to contrib.securetransport * Added support for auth info in url for SOCKS proxy * Wed Mar 07 2018 aplanasAATTsuse.com- Allows Recommends and Suggest in Fedora * Tue Feb 27 2018 aplanasAATTsuse.com- Recommends only for SUSE * Mon Feb 12 2018 normandAATTlinux.vnet.ibm.com- disable more flaky tests specifically for PowerPC * Sun Dec 31 2017 dimstarAATTopensuse.org- Add python-urllib3-recent-date.patch: Fix test suite, use correct date (gh#shazow/urllib3#1303, boo#1074247). * Thu Oct 19 2017 jmatejekAATTsuse.com- use python3 for detection, in anticipation of python2 removal * Fri Aug 11 2017 toddrme2178AATTgmail.com- Disable tests that timeout * Tue Aug 08 2017 tbechtoldAATTsuse.com- update to 1.22: * Fixed missing brackets in ``HTTP CONNECT`` when connecting to IPv6 address via IPv6 proxy. (Issue #1222) * Made the connection pool retry on ``SSLError``. The original ``SSLError`` is available on ``MaxRetryError.reason``. (Issue #1112) * Drain and release connection before recursing on retry/redirect. Fixes deadlocks with a blocking connectionpool. (Issue #1167) * Fixed compatibility for cookiejar. (Issue #1229) * pyopenssl: Use vendored version of ``six``. (Issue #1231)- use pytest for running the tests. That is what upstream is doing * Sat Jun 10 2017 dmuellerAATTsuse.com- update to 1.21.1: * Fixed SecureTransport issue that would cause long delays in response body delivery. (Pull #1154) * Fixed regression in 1.21 that threw exceptions when users passed the ``socket_options`` flag to the ``PoolManager``. (Issue #1165) * Fixed regression in 1.21 that threw exceptions when users passed the ``assert_hostname`` or ``assert_fingerprint`` flag to the ``PoolManager``. * Improved performance of certain selector system calls on Python 3.5 and later. (Pull #1095) * Resolved issue where the PyOpenSSL backend would not wrap SysCallError exceptions appropriately when sending data. (Pull #1125) * Selectors now detects a monkey-patched select module after import for modules that patch the select module like eventlet, greenlet. (Pull #1128) * Reduced memory consumption when streaming zlib-compressed responses (as opposed to raw deflate streams). (Pull #1129) * Connection pools now use the entire request context when constructing the pool key. (Pull #1016) * ``PoolManager.connection_from_ *`` methods now accept a new keyword argument, ``pool_kwargs``, which are merged with the existing ``connection_pool_kw``. * Add retry counter for ``status_forcelist``. (Issue #1147) * Added ``contrib`` module for using SecureTransport on macOS: ``urllib3.contrib.securetransport``. (Pull #1122) * urllib3 now only normalizes the case of ``http://`` and ``https://`` schemes: for schemes it does not recognise, it assumes they are case-sensitive and leaves them unchanged. * Wed May 17 2017 lchiquittoAATTsuse.de- Relax python-nose version requirement on SLE 12 (fate#321630) * Tue Mar 14 2017 jmatejekAATTsuse.com- merge python3 modifications- update for multipython build- update to 1.20: * Added support for waiting for I/O using selectors other than select, improving urllib3’s behaviour with large numbers of concurrent connections. (Pull #1001) * Updated the date for the system clock check. (Issue #1005) * ConnectionPools now correctly consider hostnames to be case-insensitive. (Issue #1032) * Outdated versions of PyOpenSSL now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Pull #1063) * Outdated versions of cryptography now cause the PyOpenSSL contrib module to fail when it is injected, rather than at first use. (Issue #1044) * Automatically attempt to rewind a file-like body object when a request is retried or redirected. (Pull #1039) * Fix some bugs that occur when modules incautiously patch the queue module. (Pull #1061) * Prevent retries from occuring on read timeouts for which the request method was not in the method whitelist. (Issue #1059) * Changed the PyOpenSSL contrib module to lazily load idna to avoid unnecessarily bloating the memory of programs that don’t need it. (Pull #1076) * Add support for IPv6 literals with zone identifiers. (Pull #1013) * Added support for socks5h:// and socks4a:// schemes when working with SOCKS proxies, and controlled remote DNS appropriately. (Issue #1035) * Wed Dec 28 2016 tbechtoldAATTsuse.comupdate to version 1.19.1 * Forgot to mention #955. * Starting o the user guide. * Add ipaddress marker to setup.cfg. * CHANGES for #897 * Version added 1.17 * Change debug level to \'debug\' to match ConnectionPool * Moving some stuff to advanced usage. * Ignore only the unused import error * Uniform checks. * Add test for past date in Retry-After header * Adding all reference docs * Ok, I just gotta see what\'s going on here. * Adding app engine docs * Keep using the good OpenSSL * Adding timeout section * Removing absolute import in NTLMPool * Use the good OpenSSL. * Small pass at contributing * parse_url: Disallow non-integer digits explicitly in port numbers * Fixup some whitespace. * Updating copy on landing page. * Fix flake8 E305 errors * Use OS default certs when possible * Fleshing out user guide. * Fallback to the vendored ipaddress module. * Updating intersphinx to python 3.4 * Seems like version mismatch is the issue. * Improve the cipher suite comment * Retry backoff time is calculated only from the last consecutive errors sequence * Fix a typo in the user guide documentation * Update docs guide with new dependencies * Tests for #979 * Remove HIGH cipher suites as well. * Adding SSL verification section to user guide. * More CHANGES * Changes for #1017 * Changelog for #1009. * Vendor a backport of the ipaddress module. * CHANGES for 1.19 * Fixed typos * Revert \"Fallback to the vendored ipaddress module.\" * Use \"with\" to close more files eagerly and also on error * Addressing review comments * First stab at the new index page * Removing unneeded scratch file. * Fixing some references * Moving some stuff around. * CR fixes * Remove 100% requirement from nosetests. * Try using codecov * Remove absolute import. * Split ciphers up to individual lines. * add warning when timeout without total is used on App Engine * We don\'t want a sad AATThaikuginger * RequestHistory is a namedtuple instance. * I wonder if we\'re missing this. * Switching to alabaster theme * Prefer user-supplied host headers. * Try shoving it in tox.ini * Add include=urllib3/ * to prevent core module coverage through six.moves * Pointing flake8 specifically at the urllib3 package * CHANGES for #955 * Sorry PyPy. * Add support for ChaCha20. * Make Travis CI fail if docs have warnings or errors * Added CHANGES entry * Test with OpenSSL 1.1 on Mac. * Backport Python 3.5 match_hostname function. * Wrap lines to under 99 chars * Moving docs creation into tox * Gotta use the pyenv everywhere. * Explicitly check if a value in a multipart header is None instead of just a falsy value * Move to a more complex bit of idna handling. * Make codecov enforce 100% coverage. * Error if GAE_PYTHONPATH is not set when running make test-gae * Changes for #258. * adding length_remaining functionality to HTTPResponse * test TLSv1 instead of SSLv3 * fixing infinite loop when stream(None) called * Adding proxy section * Don\'t forget setup.cfg * Removing TODO * add changelog for #978 * Stop testing our parsing via TLS failure. * CHANGES for #928 * Add support for OS X. * While I\'m shotgun debugging. * Merging new release version: 1.19.1 * Clean up some bugs. * Support date in Retry-After header * Defer to URLFetch\'s default timeout instead of hard coding 5s. * Update Travis PyPy testing to 5.4 * Remove 3DES support. * Seems like Python 2.6 doesn\'t like -m pip * Adding logging and exceptions. * changing conditional order to prefer isclosed over closed * Have the \'secure\' flag install ipaddress. * Respect Retry-After header for redirection * Respect Retry-After header * Correct the import of urljoin for Python 3 * use dunder slots for Url class slots variable * Update README.rst to better reflect new documentation. * Allow PyPy 5.3 to fail * updating CHANGES and CONTRIBUTORS * Clarifying a few things. * Revert \"Remove ipaddress marker.\" * Fix GAE_PYTHONPATH error in Makefile * Removing symlinks from dummyserver certs to fix test suite on Windows * adding in exception for booleans and zero values in timeouts * CHANGES for #930 * add domain and method aware logging to connectionpool (#897) * Add release note about #941 (#943) * Make HTTPResponse.stream() work with file-like body of non-HTTPResponse type (eg StringIO) * Use HTTPException, LifoQueue, Empty, and Full from six * CHANGES for #858 and #887 * Updating links to SSL warning help page. Fixes #918 * More alabaster customizations, starting on TOC * CHANGES for #835 * It\'s possible but unlikely that we need combine * We actually require cryptography-based PyOpenSSL now. * PySocks 1.5.7 causes problems with IPv6. * fixing socks and ssl docstrings. * Fix doc syntax in user-guide.rst * Urllib3 -> urllib3 * Removing uneeded files. * Dear tox: plz propagate env vars. Thanks. * Favour our own match_hostname over old versions. * Bow before our fruit overlords. * enforce_content_length for incrementally read responses * fixing incorrect message for IncompleteRead * Update setup.cfg * Changelog for #986. * Spelling fixes * Line breaks. * Adding docs/requirements.txt for readthedocs. * CHANGES for #989. * Normalize the scheme and host in the URL parser * Update changes for 1.17 * Changes for #979 * Changelog update for #947. * Update connectionpool.py * Make BodyNotHttplibCompatible inherit from HttpError, urllib3\'s base exception class, only * Update changes for 1.18 * Update PyOpenSSL to not use ndg-httpsclient or pyasn1 * Retry history changed from list to tuple * Add a cert with IP SAN and test for it. * parse_retry_after: Disallow non-integer digits, allow whitespace * Add failing test for #1009. * Remove markers from setup.py. * Use Travis supplied PyPy 5.3 * Support retry for 413, 429 and 503 status code * Remove ipaddress marker. * Revert \"Vendor a backport of the ipaddress module.\" * Adding retry section * CVE-2016-9015: Correct set verify flags. * Update CHANGES.rst for #911 * Tests for case-insensitivity in the scheme and host * Add changelog for #967. * Try updating setuptools. * Updating flake8 locations * Forward-port 1.18.1 changelog. * Update [secure] extra. * Add more advanced usage docs * CHANGES for #990 * [contrib/pyopenssl] remove unused ssl_wrap_socket * Import more from six * Thu Sep 01 2016 tbechtoldAATTsuse.com- update to 1.16: * Disable IPv6 DNS when IPv6 connections are not possible. (Issue #840) * Provide ``key_fn_by_scheme`` pool keying mechanism that can be overridden. (Issue #830) * Normalize scheme and host to lowercase for pool keys, and include ``source_address``. (Issue #830) * Cleaner exception chain in Python 3 for ``_make_request``. (Issue #861) * Fixed installing ``urllib3[socks]`` extra. (Issue #864) * Fixed signature of ``ConnectionPool.close`` so it can actually safely be called by subclasses. (Issue #873) * Retain ``release_conn`` state across retries. (Issues #651, #866) * Add customizable ``HTTPConnectionPool.ResponseCls``, which defaults to ``HTTPResponse`` but can be replaced with a subclass. (Issue #879)- Use pypi.io as Source url * Fri May 20 2016 dmuellerAATTsuse.com- update to 1.15.1: * Fix packaging to include backports module. (Issue #841) * Added Retry(raise_on_status=False). (Issue #720) * Always use setuptools, no more distutils fallback. (Issue #785) * Dropped support for Python 3.2. (Issue #786) * Chunked transfer encoding when requesting with ``chunked=True``. * Fixed regression with IPv6 port parsing. (Issue #801) * Append SNIMissingWarning messages to allow users to specify it in the PYTHONWARNINGS environment variable. (Issue #816) * Handle unicode headers in Py2. (Issue #818) * Log certificate when there is a hostname mismatch. (Issue #820) * Preserve order of request/response headers. (Issue #821) * Wed Mar 02 2016 jmatejekAATTsuse.com- change Requires on pyopenssl, pyasn1 into Recommends, add ndg-httpsclient as well (these are dependencies of urrlib3\'s pyopenssl module, which can be used if native python\'s ssl capabilities are not good enough) * Thu Feb 11 2016 aplanasAATTsuse.com- Update 1.14 source tar.gz from the source * Rebase urllib3-test-no-coverage.patch * Tue Jan 05 2016 hpjAATTurpla.net- Update to Version 1.14 (2015-12-29) * contrib: SOCKS proxy support! (Issue #762) * Fixed AppEngine handling of transfer-encoding header and bug in Timeout defaults checking. (Issue #763)- Update to Version 1.13.1 (2015-12-18) * Fixed regression in IPv6 + SSL for match_hostname. (Issue #761)- Update to Version 1.13 (2015-12-14) * Fixed pip install urllib3[secure] on modern pip. (Issue #706) * pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717) * pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696) * Close connections more defensively on exception. (Issue #734) * Adjusted read_chunked to handle gzipped, chunk-encoded bodies without repeatedly flushing the decoder, to function better on Jython. (Issue #743) * Accept ca_cert_dir for SSL-related PoolManager configuration. (Issue #758)- removed ready-event.patch: applied upstream- disabled more dysfunctional tests * Mon Nov 16 2015 hpjAATTurpla.net- restored ability to build with openSUSE <= 13.2 * Tue Oct 27 2015 jmatejekAATTsuse.com- removed python-certifi dependency, we don\'t want to use it- drop 0001-Don-t-pin-dependency-to-exact-version.patch because it\'s not needed anymore- re-enable tests, re-add relevant dependencies * don\'t exclude test_util.py * exclude proxy timeout tests that fail for spurious reasons- urllib3-ssl-default-context.patch - use set_default_verify_paths() if no certificate path specified and verification not explicitly disabled- urllib3-test-ssl-drop-sslv3.patch - don\'t use \"SSLv3\" constants in python 2.7.9 and up- ready-event.patch - fix race conditions in timeout tests- drop %pre section because apparently \"egg-info as file\" is no longer true and this breaks builds * Wed Oct 14 2015 toddrme2178AATTgmail.com- Delete the system egg-info during pre phase: older versions of the package installed it as a directory, the latest update creates a file, and rpm has known issues with replacing this. * Tue Oct 06 2015 hpjAATTurpla.net- add python-pyOpenSSL, python-certifi and python-pyasn1 requirements * Tue Oct 06 2015 hpjAATTurpla.net- Comment out test requirements, as tests are disabled anyway, and one of these packages depend on python-requests, which depends on this package resulting in a circular dependency for openSUSE <= 13.1 * Fri Sep 25 2015 p.drouandAATTgmail.com- Update to version 1.12 * Rely on six for importing httplib to work around conflicts with other Python 3 shims. (Issue #688) * Add support for directories of certificate authorities, as supported by OpenSSL. (Issue #701) * New exception: NewConnectionError, raised when we fail to establish a new connection, usually ECONNREFUSED socket error.- Fix version dependencies- Add new build requirements following upstream changes * python-nose-exclude * python-tox * python-twine * python-wheel- Update 0001-Don-t-pin-dependency-to-exact-version.patch- Disable tests for now, as there require network
|
|
|