|
|
|
|
Changelog for python310-Twisted-conch_nacl-24.7.0-lp155.177.2.noarch.rpm :
* Wed Sep 25 2024 Markéta Machová - Add upstream patch 12313-fix-test_manhole.patch to fix test failure with latest python312 * Mon Sep 09 2024 John Paul Adrian Glaubitz - Update to 24.7.0 * 24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279) * twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810). (#9839) * The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure (CVE-2024-41671/GHSA-c8m8-j448-xjx7) (#12248) * twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645) * twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972) * twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065) * twisted.web.wsgi request environment now contains the peer port number as `REMOTE_PORT`. (#12096) * twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks() no longer use `assert` to check the type of the arguments. You should now use type checking to validate your code. These changes were done to reduce the CPU usage. (#12122) * Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.\\ failureHandler, which allow for more concise and convenient handling of exceptions when dispatching out to application code. The former can arbitrarily customize failure handling at the call site, and the latter can be used for performance-sensitive cases where no additional information needs to be logged. (#12188) * twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223) * twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227) * twisted.internet.ssl.Certificate.__repr__ can now handle certificates without a common name (CN) in the certificate itself or the signing CA. (#5851) * Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry and its implementations, twisted.conch.client.knownhosts.PlainHost and twisted.conch.client.knownhosts.HashedHost, correcting a variety of type confusion issues throughout the conch client code. (#9713) * twisted.python.failure.Failure once again utilizes the custom pickling logic it used to in the past. (#12112) * twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs an exception when automatically adding an IP address host key, which means the interactive `conch` command-line no longer will either. (#12141) * The IRC server example found in the documentation was updated for readability. (#12097) * Remove contextvars from list of optional dependencies. (#12128) * The documentation for installing Twisted was moved into a single page. (#12145) * The project\'s compatibility policy now clearly indicates that the GitHub Actions test matrix defines the supported platforms. (#12167) * Updated imap4client.py example, it no longer references Python 2. (#12252) * twisted.internet.defer.returnValue has been deprecated. You can replace it with the standard `return` statement. (#9930) * The `twisted-iocpsupport` is no longer a hard dependency on Windows. * The IOCP support is now installed together with the other Windows soft * dependencies via `twisted[windows-platform]`. (#11893) * twisted.python.deprecate helper function will now always strip whitespaces from the docstrings. * This is done to have the same behaviour as with Python 3.13. (#12063) * twisted.conch.manhole.ManholeInterpreter.write, twisted.conch.manhole.ManholeInterpreter. addOutput, twisted.mail.imap4.IMAP4Server.sendUntaggedResponse `async` argument, deprecated since 18.9.0, has been removed. (#12130) * twisted.web.soap was removed. * The SOAP support was already broken, for at least the last 4 years. * The SOAP support in Twisted has no active maintainer. (#12146) * Fix #11744, #11771, #12113, #12154, #12169, #12179, #12193, #12195, [#12197], #12215, #12221, #12243, #12249, #12254, #12259, #12669 * twisted.conch.insults.window.Widget.functionKeyReceived now dispatches functional key events to corresponding `func_KEYNAME` methods, where `KEYNAME` can be `F1`, `F2`, `HOME`, `UP_ARROW` etc. This is a regression introduced with #8214 in Twisted 16.5.0, where events changed from `const` objects to bytestrings in square brackets like `[F1]`. (#12046) * twisted.web.agent.Agent now allows duplicate Content-Length headers having the same value, per RFC 9110 section 8.6. It is otherwise more strict when parsing Content-Length header values. (#9064) * twisted.web.client.HTTPConnectionPool used by HTTP clients now runs faster by using a little less CPU. (#12108) * twisted.web.http_headers now uses less CPU, making a small HTTP client request 10% faster or so. (#12116) * twisted.web\'s HTTP/1.1 server now runs a little faster, with about 10% lower CPU overhead. (#12133) * twisted.web\'s HTTP 1.1 server is an additional 5% faster. (#12155) * twisted.web.http.IM_A_TEAPOT was added and returns `I\'m a teapot` * as default message for the status code 418, * as defined in RFC 2324 section 2.3.2. (#12104) * The HTTP 1.0/1.1 server provided by twisted.web is now more picky about the first line of a request, improving compliance with RFC 9112. (#12233) * The HTTP 1.0/1.1 server provided by twisted.web now constraints the character set of HTTP header names, improving compliance with RFC 9110. (#12235) * Fix ReverseProxyResource example in developer guide. (#12152) * twisted.web.util.ChildRedirector, which has never worked on Python 3, has been removed. (#9591) * ``twisted.web.http.Request.setResponseCode()`` no longer validates the types of inputs; we encourage you to use a type checker like mypy to catch these sort of errors. The long-deprecated ``twisted.web.server.string_date_time()`` and ``twisted.web.server.date_time_string()`` APIs were removed altogether. (#12133) * twisted.web.http.HTTPClient is now deprecated in favor of twisted.web.client.Agent (#12158) * Fix #12098, #12194, #12200, #12241, #12257- Drop CVE-2024-41671.patch, merged upstream- Drop CVE-2024-41810.patch, merged upstream- Refresh 1521_delegate_parseqs_stdlib_bpo42967.patch- Refresh no-cython_test_exception_raiser.patch * Wed Jul 31 2024 Daniel Garcia - Add a couple of upstream patches to fix http process information disclosure (CVE-2024-41671, bsc#1228549) and XSS via html injection (CVE-2024-41810, bsc#1228552): * CVE-2024-41671.patch gh#twisted/twistedAATT4a930de12fb6 * CVE-2024-41810.patch gh#twisted/twistedAATT046a164f89a0 * Tue Jul 02 2024 Dirk Müller - update to 24.3.0: * twisted.logger.formatEvent now honors dotted method names, not just flat function names, in format strings, as it has long been explicitly documented to do. So, you will now get the expected result from formatEvent(\"here\'s the result of calling a method at log-format time: {obj.method()}\", obj=...) * twisted.web.http.HTTPChannel now ignores the trailer headers provided in the last chunk of a chunked encoded response, rather than raising an exception. * twisted.protocols.tls.BufferingTLSTransport, used by default by twisted.protocols.tls.TLSMemoryBIOFactory, was refactored for improved performance when doing a high number of small writes. * twisted.python.failure.Failure now throws exception for generators without triggering a deprecation warnings on Python 3.12. * twisted.internet.process.Process, used by reactor.spawnProcess, now copies the parent environment when the env=None argument is passed on Posix systems and os.posix_spawnp is used internally. * twisted.internet.defer.inlineCallbacks.returnValue\'s stack introspection was adjusted for the latest PyPy 7.3.14 release, allowing legacy AATTinlineCallbacks to run on new PyPY versions. * twisted.trial.reporter.TestRun.startTest() is no longer called for tests with skip annotation or skip attribute for Python 3.12.1 or newer. This is the result of upstream Python gh-106584 change. The behavior is not change in 3.12.0 or older.- drop twisted-pr12054-testinvokationpy3.12.1.patch, stop-using-3-arg-throw.patch (upstream) * Thu Feb 01 2024 Steve Kowalik - Add stop-using-3-arg-throw.patch: * Avoid 3-arg throw to fix a DeprecationWarning in Python 3.12. * Thu Jan 18 2024 Ben Greiner - Add twisted-pr12054-testinvokationpy3.12.1.patch * Pull request gh#twisted/twisted#12054 fixes failing tests on python312 gh#twisted/twisted#12052- Fix rpmlint errors * Thu Nov 23 2023 Markéta Machová - Update to 23.10.0 * reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710) * Twisted now officially supports Python 3.11. (#10343) * twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817) * The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857) * PyAsn1 has been removed as a conch dependency. * Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871) * In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code. There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed. (CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976) * Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913) * When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values freed immediately after completion (due to there no longer being circular references). (#11885)- Delete merged patches: * regenerate-cert-to-work-with-latest-service-identity.patch * no-pygtkcompat.patch * support-new-glibc.patch * CVE-2023-46137-HTTP-pipeline-response.patch * remove-pynacl-optional-dependency.patch * py311-tests-compat.patch * Wed Nov 15 2023 Matej Cepl - Add CVE-2023-46137-HTTP-pipeline-response.patch (bsc#1216588, CVE-2023-46137) serializing pipelined HTTP requests. * Mon Jun 26 2023 Dirk Müller - add regenerate-cert-to-work-with-latest-service-identity.patch remove-pynacl-optional-dependency.patch: backports from main git to fix tests with newer dependency versions * Sun Apr 23 2023 Matej Cepl - Switch documentation to be within the main package. * Fri Apr 21 2023 Dirk Müller - add sle15_python_module_pythons (jsc#PED-68) * Thu Apr 13 2023 Matej Cepl - Make calling of %{sle15modernpython} optional. * Wed Feb 08 2023 Steve Kowalik - Add patch support-new-glibc.patch: * Support new glibc changes. * Tue Jan 10 2023 Daniel Garcia - Add py311-tests-compat.patch to fix tests with python 3.11 gh#twisted/twisted#11734 gh#twisted/twisted#11733 * Mon Nov 21 2022 Matej Cepl - Skip rpmlint error python-tests-in-package. * Tue Nov 01 2022 Steve Kowalik - Update to 22.10.0: * Features + twisted.internet.defer.maybeDeferred will now schedule a coroutine result as asynchronous operation and return a Deferred that fires with the result of the coroutine. + Twisted now works with Cryptography versions 37 and above, and as a result, its minimum TLS protocol version has been upgraded to TLSv1.2. + The systemd: endpoint parser now supports \"named\" file descriptors. This is a more reliable mechanism for choosing among several inherited descriptors. * Bugfixes + twisted.internet.base.DelayedCall.__repr__ will no longer raise AttributeError if the DelayedCall was created before debug mode was enabled. As a side-effect, twisted.internet.base.DelayedCall.creator is now defined as None in cases where previously it was undefined. + twisted.internet.iocpreactor.udp now properly re-queues its listener when there is a failure condition on the read from the socket. + twisted.internet.defer.inlineCallbacks no longer causes confusing StopIteration tracebacks to be added to the top of tracebacks originating in triggered callbacks. + The typing of twisted.internet.task.react no longer constrains the type of argv. + ContextVar.reset() now works correctly inside inlineCallbacks functions and coroutines. + Implement twisted.python.failure._Code.co_positions for compatibility with Python 3.11. + twisted.pair.tuntap._TUNSETIFF and ._TUNGETIFF values are now correct parisc, powerpc and sparc architectures. + twisted.web.vhost.NameVirtualHost will no longerreturn a NoResource error. (bsc#1204781, CVE-2022-39348) + drops CVE-2022-39348-do-not-echo-host-header.patch in older dists * Deprecations and Removals + Python 3.6 is no longer supported. + Twisted 22.4.0 was the last version with support for Python 3.6. + twisted.protocols.dict, which was deprecated in 17.9, has been removed.- Remove Python 3.6 Requires.- Drop patch skip-namespacewithwhitespace.patch, no longer required.- Refresh all patches. * Tue Jun 21 2022 Ben Greiner - Update to 22.4.0 * twisted.python.failure.Failure tracebacks now capture module information, improving compatibility with the Raven Sentry client. (#7796) * twisted.python.failure.Failure objects are now compatible with dis.distb, improving compatibility with post-mortem debuggers. (#9599) * twisted.internet.interfaces.IReactorSSL.listenSSL now has correct type annotations. (#10274) * twisted.internet.test.test_glibbase.GlibReactorBaseTests now passes. (#10317) * Conch - twisted.conch.ssh now supports using RSA keys with SHA-2 signatures (RFC 8332) when acting as a server. The rsa-sha2-512 and rsa-sha2-256 public key signature algorithms are automatically preferred over ssh-rsa if the client advertises support for them; the actual public keys do not need to change. (#9765) - twisted.conch.ssh now has an alternative Ed25519 implementation using PyNaCl, in order to support platforms that lack OpenSSL >= 1.1.1b. The new \"conch_nacl\" extra has the necessary dependency. (#10208) * Web - Twisted is now compatible with h2 4.x.x. (#10182) - twisted.web.http had several several defects in HTTP request parsing that could permit HTTP request smuggling. It now disallows signed Content-Length headers, forbids illegal characters in chunked extensions, forbids a ``0x`` prefix to chunk lengths, and only strips spaces and horizontal tab characters from header values. These changes address CVE-2022-24801 and GHSA-c2jg-hw38-jrqq. (#10323) * Mail - twisted.mail.pop3.APOPCredentials is now correctly marked as implementing twisted.cred.credentials.IUsernamHashedPassword, rather than IUsernamePassword. (#10305) * Trial - `trial --until-failure --jobs=N` now reports the number of each test pass as it begins. (#10312) - twisted.trial.unittest.TestCase now discards cleanup functions after running them. Notably, this prevents them from being run an ever growing number of times with trial -u .... (#10320)- Drop CVE-2022-24801-http-1.1-leniency.patch fixed upstream- Refresh remove-dependency-version-upper-bounds.patch- Move extra_requires optional dependencies to meta sub packages- Create :test multibuild flavor * Wed May 04 2022 Steve Kowalik - Stop removing test directories, it also removes a public module. (bsc#1198852, bsc#1198854, bsc#1198855) * Thu Apr 07 2022 Steve Kowalik - Update to 22.2.0: * Bugfixes + twisted.internet.gireactor.PortableGIReactor.simulate and twisted.internet.gtk2reactor.PortableGtkReactor.simulate no longer raises TypeError when there are no delayed called. This was a regression introduced with the migration to Python 3 in which the builtin min function no longer accepts None as an argument. (#9660) + twisted.conch.ssh.transport.SSHTransportBase now disconnects the remote peer if the SSH version string is not sent in the first 4096 bytes. (#10284, CVE-2022-21716, GHSA-rv6r-3f5q-9rgx) * Improved Documentation + Add type annotations for twisted.web.http.Request.getHeader. (#10270) * Deprecations and Removals + Support for Python 3.6, which is EoL as of 2021-09-04, has been deprecated. (#10303)- Add patch CVE-2022-24801-http-1.1-leniency.patch: * Do not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. (CVE-2022-24801, bsc#1198086) * Thu Mar 24 2022 Matej Cepl - Add patch skip-namespacewithwhitespace.patch: * Skip a failing test with Expat 2.4.5. * Wed Feb 23 2022 Steve Kowalik - Remove 9580-test_fails_cryptography_25.patch which is not necessary with changes in OpenSSL * Wed Feb 09 2022 Marcus Rueckert - Add 9580-test_fails_cryptography_25.patch to overcome test failures on SLE-15 with older version of OpenSSL.- refreshed patches - 1521_delegate_parseqs_stdlib_bpo42967.patch - currentThread-deprecated.patch - no-cython_test_exception_raiser.patch - no-pygtkcompat.patch - no-test_successResultOfWithFailureHasTraceback.patch - remove-dependency-version-upper-bounds.patch - skip_MultiCast.patch- remove upstreamed patches currentThread-deprecated.patch- remove tests from the package * Wed Feb 09 2022 Marcus Rueckert - Update to 22.1.0: (boo#1195667) - CVE-2022-21712 / GHSA-92x2-jw7w-xvvx twisted.web.client.RedirectAgent and twisted.web.client.BrowserLikeRedirectAgent now properly remove sensitive headers when redirecting to a different origin. (#10294) - Python 3.10 is now a supported platform (#10224) - Type annotations have been added to the twisted.python.fakepwd module. (#10287) - twisted.internet.defer.inlineCallbacks has an improved type annotation, to avoid typing errors when it is used on a function which returns a non-None result. (#10231) - twisted.internet.base.DelayedCall.__repr__ and twisted.internet.task.LoopingCall.__repr__ had the changes from [#10155] reverted to accept non-function callables. (#10235) - Revert the removal of .whl building that was done as part of [#10177]. (#10236) - The type annotation of the host parameter to twisted.internet.interfaces.IReactorTCP.connectTCP has been corrected from bytes to str. (#10251) - Deprecated twisted.python.threading.ThreadPool.currentThread() in favor of threading.current_thread(). - Switched twisted.python.threading.ThreadPool.currentThread() and twisted.python.threadable.getThreadID() to use `threading.current_thread()to avoid the deprecation warnings introduced forthreading.currentThread()`` in Python 3.10. (#10273) - twisted.internet.utils.runWithWarningsSupressed behavior of waiting on deferreds has been documented. (#10238) - Sync API docs templates with pydoctor 21.9.0 release, using new theming capabilities. (#10267) - #1681, #9944, #10198, #10218, #10219, #10228, #10229, #10234, [#10239], #10240, #10245, #10246, #10248, #10250, #10255, #10277, [#10288], #10292 - twisted.conch.ssh now supports SSH extension negotiation (RFC 8308). (#10266) - twisted.conch now uses constant-time comparisons for MACs. (#8199) - twisted.conch.ssh.filetransfer.FileTransferServer will now return an ENOENT error status if an SFTP client tries to close an unrecognized file handle. (#10293) - SSHTransportBase.ssh_KEXINIT now uses the remote peer preferred MAC list for negotiation. In previous versions it was only using the local preferred MAC list. (#10241) - twisted.web.client.RedirectAgent and twisted.web.client.BrowserLikeRedirectAgent now properly remove sensitive headers when redirecting to a different origin. (#10294) - Add type annotations for twisted.web.client.readBody. (#10269) - twisted.web.client.getPage, twisted.web.client.downladPage, and the associated implementation classes (HTTPPageGetter, HTTPPageDownloader, HTTPClientFactory, HTTPDownloader) have been removed because they do not segregate cookies by domain. They were deprecated in Twisted 16.7.0 in favor of twisted.web.client.Agent. GHSA-92x2-jw7w-xvvx. (#10295) - trial.runner.filenameToModule now sets the correct module.__name__ and sys.modules key (#10230) * Thu Jan 06 2022 Steve Kowalik - Add patch currentThread-deprecated.patch: * Do not call a deprecated method which causes reactor startup to abort. * Fri Dec 10 2021 Ben Greiner - Fix Source tags * Thu Dec 09 2021 Ben Greiner - Drop true-binary.patch which is not compatible with python310- Some rpmlint cleanup: * Deduplicate docs * Remove she-bangs in test files * Remove empty doc files * Filter test certificate warning * Wed Sep 01 2021 Fusion Future - Remove h2 < 4.0 and priority < 2.0 version restriction. (boo#1190036) * remove-dependency-version-upper-bounds.patch * Fri Aug 13 2021 Michael Gumsley - Restore no-pygtkcompat.patch due to boo#1110669 * Mon Aug 02 2021 Markéta Machová - typing_extensions is now required * Sat Jul 31 2021 Matej Cepl - Update to 21.7.0: - Python 3.10 beta is now a supported platform and should be ready for the final 3.10 release. - twisted.web.template.renderElement() now accepts any IRequest implementer instead of only twisted.web.server.Request. Add type hints to twisted.web.template. (#10184) - Type hinting was added to twisted.internet.defer, making this the first release of Twisted where you might reasonably be able to use mypy without your own custom stub files. (#10017)- Patch incremental-21.patch removed, because included in the upstream tarball. * Mon May 17 2021 Dirk Müller - add incremental-21.patch: support newer incremental versions * Wed Mar 10 2021 Steve Kowalik - Update to 21.2.0: * Features - The enableSessions argument to twisted.internet.ssl.CertificateOptions now - actually enables/disables OpenSSL\'s session cache. Also, due to - session-related bugs, it defaults to False. (#9583) - twisted.internet.defer.inlineCallbacks and ensureDeferred will now associate a contextvars.Context with the coroutines they run, meaning that ContextVar objects will maintain their value within the same coroutine, similarly to asyncio Tasks. This functionality requires Python 3.7+, or the contextvars PyPI backport to be installed for Python 3.5-3.6. (#9719, #9826) - twisted.internet.defer.Deferred.fromCoroutine has been added. This is similar to the existing ensureDeferred function, but is named more consistently inside Twisted and does not pass through Deferreds. (#9825) - trial now allows the AATTunittest.skipIf decorator to specify that an entire test class should be skipped. (#9829) - The twisted.python.deprecate.deprecatedKeywordParameter decorator can be used to mark a keyword paramater of a function or method as deprecated. (#9844) - Projects using Twisted can now perform type checking against a Twisted - installation, for example using mypy. (#9908) - twisted.python.util.InsensitiveDict now fully implements MutableMapping. (#9919) - Python 3.8 is now tested and supported. (#9955) - Support a coroutine function in twisted.internet.task.react (#9974) - PyPy 3.7 is now tested and supported. (#10093) * Bugfixes - twisted.web.twcgi.CGIProcessProtocol.processEnded(...) now handles an already-finished request, for example when request.connectionLost(...) was called previously. (#9468) - Twisted\'s dependency on PyHamcrest has been moved from the base package to the new \"test\" extra. Consequently the test extra must be installed for Twisted\'s test suite to pass. (#9509) - Fixed serialization of timedelta, date, and time objects in twisted.spread. (#9716) - twisted.internet.asyncioreactor.AsyncioSelectorReactor now raises an exception if instantiated with an event loop which is not compatible with asyncio.SelectorEventLoop. This fixes the AsyncioSelectorReactor in Python 3.8+ on Windows, where in bp-34687 the default Windows asyncio event loop was changed to ProactorEventLoop. Applications that use AsyncioSelectorReactor on Windows with Python 3.8+ must call asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy()) before instantiating and running AsyncioSelectorReactor. (#9766) - twisted.internet.process.registerReapProcessHandler and ._BaseProcess.reapProcess will no longer raise a TypeError when processing a None PID (#9775) - INotify will close its file descriptor if a directory is automatically removed by twisted from the watchlist because it\'s deleted, avoiding orphaned filedescriptors. (#9777) - DelayedCall.reset() is now working properly with asyncioreactor (#9780) - AsyncioSelectorReactor.seconds() now correctly returns an epoch time. (#9787) - The _connDone parameter has been removed from twisted.internet.abstract.FileDescriptor.loseConnection()\'s signature in order to match the signature in the base class twisted.internet._newtls.ConnectionMixin loseConnection(). (#9849) - The Gtk3 reactor now runs on Wayland-only sessions (#9904) - Descriptive error messages from twisted.internet.error are now present when running with \'python -OO\'. (#9918) - Comparator methods such as eq() now always return NotImplemented for uncomparable types. (#9919) - When installing Twisted it now requires a minimum Python 3.5.4 version to match the version used with automated testing. This is the minimum Python version that we know that Twisted works with. (#10098)- Drop patches no-pygtkcompat.patch, python-38-hmac-digestmod.patch, python-38-no-cgi-parseqs.patch, twisted-pr1369-remove-pyopenssl-npn.patch, twisted-pr1487-increase-ffdh-keysize.patch and test-mktime-invalid-tm_isdst.patch as they have been merged.- Refresh other patches.- Add no-cython_test_exception_raiser.patch to avoid another dependency.- Update URL and make use of sitelib, not sitearch macros * Tue Feb 23 2021 Matej Cepl - Add 1521_delegate_parseqs_stdlib_bpo42967.patch to overcome effects of bpo#42967, which forbade mixing amps and semicolons in query strings as separators (https://twistedmatrix.com/trac/ticket/10096). * Thu Feb 11 2021 Pedro Monreal - Relax the crypto policies for the test-suite * Fri Dec 11 2020 Benjamin Greiner - Add twisted-pr1369-remove-pyopenssl-npn.patch to support pyOpenSSL 20- Add twisted-pr1487-increase-ffdh-keysize.patch to support crpytography 3.3- Fix the update-alternatives setup * manpages were cloned but never registerd with u-a * install alternatives as master and slave links now * Mon Oct 12 2020 Matej Cepl - Add no-test_successResultOfWithFailureHasTraceback.patch to skip sted.conch.test.test_keys.KeyTests.test_fromOpenSSH, which fails. Upstream suggests https://twistedmatrix.com/trac/ticket/9665, but it has never been confirmed, even less fixed. * Thu May 28 2020 Marketa Calabkova - Update to 20.3.0 * drop Python 2 * twisted.news is deprecated. * twisted.conch.ssh now supports the curve25519-sha256 key exchange algorithm (requires OpenSSL >= 1.1.0). * many bugfixes and other miscelaneous fixes- Fixed update-alternatives mechanism- Added true-binary.patch- Dropped python-38-xml-namespace.patch- Reapplied python-38-hmac-digestmod.patch * Mon May 18 2020 Petr Gajdos - %python3_only -> %python_alternative * Wed Dec 04 2019 Steve Kowalik - Update to 19.10.0 bsc#1162424: * twisted.trial.successResultOf, twisted.trial.failureResultOf, and twisted.trial.assertNoResult accept coroutines as well as Deferreds. (#9006) * Fixed circular import in twisted.trial.reporter, introduced in Twisted 16.0.0. (#8267) * The POP3 server implemented by twisted.mail.pop3 now accepts passwords that contain spaces. (#9100) * Incoming HTTP/2 connections will now not time out if they persist for longer than one minute. (#9653) * twisted.conch.ssh.keys now correctly writes the \"iqmp\" parameter in serialized RSA private keys as q^-1 mod p rather than p^-1 mod q. (#9681) * twisted.web.server.Request will now use twisted.web.server.Site.getContentFile, if it exists, to get a file into which to write request content. If getContentFile is not provided by the site, it will fall back to the previous behavior of using io.BytesIO for small requests and tempfile.TemporaryFile for large ones. (#9655) * twisted.web.client.FileBodyProducer will now stop producing when the Deferred returned by FileBodyProducer.startProducing is cancelled. (#9547) * The HTTP/2 server implementation now enforces TCP flow control on control frame messages and times out clients that send invalid data without reading responses. This closes CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan Looney and Piotr Sikora. (#9694)- Add python-38-xml-namespace.patch to fix dictionary mutation under Python 3.8- Add python-38-hmac-digestmod.patch to add digestmod parameter where required- Add python-38-no-cgi-parseqs.patch to no longer import parse_qs from cgi * Sat Sep 14 2019 John Vandenberg - Remove mailmail when only building Python 3 flavour * Fri Sep 13 2019 Tomáš Chvátal - Update to 19.7.0: * The callable argument to twisted.internet.task.deferLater() is no longer required. (#9577) * twisted.internet.utils.getProcessOutputAndValue now accepts stdinBytes to write to the child process\'s standard input. (#9607) * Add new twisted.logger.capturedLogs context manager for capturing observed log events in tests. (#9617) * twisted.internet.base.PluggableResolverMixin, which implements the pluggable resolver interfaces for easier re-use in other reactors, has been factored out of ReactorBase. (#9632) * The PyPI page for Twisted has been enhanced to include more information and useful links. (#9648)- Refresh patch: * skip_MultiCast.patch- Remove merged patch hyperlink.patch- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch- Remove patch PR-1147.patch * Wed Aug 14 2019 Thomas Bechtold - Add PR-1147.patch (bsc#1138461, CVE-2019-12855) In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. * Wed Jun 12 2019 Thomas Bechtold - Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch (bsc#1137825, CVE-2019-12387) Prevent CRLF injections * Wed Jun 12 2019 Thomas Bechtold - update to 19.2.1 (bsc#1137825, CVE-2019-12387): * Prevent CRLF injections described in CVE-2019-12387 * Wed May 22 2019 Tomáš Chvátal - Update to 19.2.0: * twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463) * DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546) * t.i.b.BaseConnector has custom __repr__ (#9548) * twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585) * Twisted\'s minimum Cryptography requirement is now 2.5. (#9592) * twisted.conch.ssh.keys can now read private keys in the new \"openssh-key-v1\" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515) * twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138)- Remove merged patches: * openssl-errormsg.aptch * openssl111.patch- Add patch to tests for new hyperlink: * hyperlink.patch * Mon Feb 18 2019 Tomáš Chvátal - Add another patch for openssl 1.1.1 (from upstream git): * openssl-errormsg.aptch * Thu Jan 24 2019 schwabAATTsuse.de- test-mktime-invalid-tm_isdst.patch: don\'t pass invalid tm_isdst value to mktime (see also bpo-15750) * Thu Nov 08 2018 mceplAATTsuse.com- Add no-pygtkcompat.patch to avoid dependency on Gtk (boo#1110669) * Thu Nov 01 2018 Tomáš Chvátal - Version update to 18.9.0: * Fixes for the 3.7 python- Remove merged python37.patch- Add patch openssl111.patch which fixes tests with new pyOpenssl * Asserts changed behaviour * Mon Oct 22 2018 Tomáš Chvátal - Do not write bytecode stuff when running the tests * Fri Oct 19 2018 Matěj Cepl - Add BuildRequires python-tz, which seems to be required to test suite to pass.- Also, add skip_MultiCast.patch to skip tests requiring full netrworking stack. * Fri Oct 12 2018 ecsosAATTopensuse.org- Add missing Requires. * Thu Oct 11 2018 Tomáš Chvátal - Fix the dependencies to match up upstream setup.py- Run the tests- Add patch to build with python3.7: * python37.patch- Add missing dependency on pyamcrest- Remove unused patch lp1102685.diff * Tue Jul 17 2018 dmuellerAATTsuse.com- update to 18.7.0: for full list of changes please see https://github.com/twisted/twisted/blob/twisted-18.7.0/NEWS.rst * Tue May 29 2018 bjorn.lieAATTgmail.com- Add python-service_identity Recommends. * Fri May 18 2018 termimAATTgmail.com- update to 18.4.0 For full list of changes please see: https://github.com/twisted/twisted/blob/twisted-18.4.0/NEWS.rst * Fri Nov 10 2017 mimi.vxAATTgmail.com- update to 17.9.0 For full list of changes please see: https://github.com/twisted/twisted/blob/twisted-17.9.0/NEWS.rst * mailman is only in python2 package * Tue Jul 04 2017 tbechtoldAATTsuse.com- Adjust Requires and BuildRequires- Fix rpmlint warnings * Wed Jun 21 2017 jmatejekAATTsuse.com- remove alternatives altogether in favor of versioned executables- clean up spec file- update to 17.5.0 * too many changes to list, see full changelog in NEWS.rst * Sat Jun 17 2017 okurzAATTsuse.com- Simplify alternatives handling- Fix RPM warnings * Tue Mar 07 2017 okurzAATTsuse.com- Change to singlespec approach * Wed Sep 28 2016 arunAATTgmx.de- specfile: * make twistd the update-alternative master, same as in the python3 version (bnc #1001523) * Fri Sep 02 2016 termimAATTgmail.com- Update to version 16.4.0 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.4.0/NEWS- Update to version 16.3.0 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.3.0/NEWS- Update to version 16.2.0 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.2.0/NEWS- Update to version 16.1.1 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.1.1/NEWS- Update to version 16.1.0 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.1.0/NEWS- Update to version 16.0.0 For the complete list of changes plese see https://github.com/twisted/twisted/blob/twisted-16.0.0/NEWS * Wed Dec 02 2015 termimAATTgmail.com- Update to version 15.5.0 * This is the last Twisted release where Python 2.6 is supported, on any platform. Python 3.5 (on POSIX) support has been added. * This release introduces changes that are required for Conch\'s SSH implementation to work with OpenSSH 6.9+ servers. * twisted.python.url is a new abstraction for URLs, supporting RFC 3987 IRIs. (#5388) * twisted.python.logfile is now ported to Python 3. (#6749) * twisted.python.zippath has been ported to Python 3. (#6917) * twisted.internet.ssl.CertificateOptions and twisted.internet.ssl.optionsForClientTLS now take a acceptableProtocols parameter that enables negotiation of the next protocol to speak after the TLS handshake has completed. This field advertises protocols over both NPN and ALPN. Also added new INegotiated interface for TLS interfaces that support protocol negotiation. This interface adds a negotiatedProtocol property that reports what protocol, if any, was negotiated in the TLS handshake. (#7860) * twisted.python.urlpath.URLPath now operates correctly on Python 3, using bytes instead of strings, and introduces the fromBytes constructor to assist with creating them cross-version. (#7994) * twisted.application.strports is now ported to Python 3. (#8011) * twistd (the Twisted Daemon) is now ported to Python 3. (#8012) * Python 3.5 is now supported on POSIX platforms. (#8042) * twisted.internet.serialport is now ported on Python 3. (#8099) * twisted.logger.formatEvent now can format an event if it was flattened (twisted.logger.eventAsJSON does this) and has text after the last replacement field. (#8003) * twisted.cred.checkers.FilePasswordDB now logs an error if the credentials db file does not exist, no longer raises an unhandled error. (#8028) * twisted.python.threadpool.ThreadPool now properly starts enough threads to do any work scheduled before ThreadPool.start() is called, such as when work is scheduled in the reactor via reactor.callInThread() before reactor.run(). (#8090) * Twisted Development test standard documentation now contain information about avoiding test data files. (#6535) * The documentation for twisted.internet.defer.DeferredSemaphore now describes the actual usage for limit and tokens instance attributes. (#8024) * twisted.python._initgroups, a C extension, has been removed and stdlib support is now always used instead. (#5861) * Python 2.6 is no longer supported. (#8017) * twisted.python.util.OrderedDict is now deprecated, and uses of it in Twisted are replaced with collections.OrderedDict. (#8051) * twisted.persisted.sob.load, twisted.persisted.sob.loadValueFromFile and twisted.persisted.sob.Persistent.save() are now deprecated when used with a passphrase. The encyption used by these methods are weak. (#8081) * twisted.internet.interfaces.IStreamClientEndpointStringParser has been removed and Twisted will no longer use parsers implementing this interface. (#8094) * #5976, #6628, #6894, #6980, #7228, #7693, #7731, #7997, #8046, [#8054], #8056, #8060, #8063, #8064, #8068, #8072, #8091, #8095, [#8096], #8098, #8106 * Mon Oct 12 2015 toddrme2178AATTgmail.com- Make \"trial\" the master file for update-alternatives, since it is the only one that supports python 3 so far. * Mon Oct 12 2015 toddrme2178AATTgmail.com- Implement update-alternatives in preparation for python 3 version. * Sat Sep 12 2015 termimAATTgmail.com- Update to version 15.4.0 * add dependency on setuptools * lore removed * please see the NEWS file * Tue Aug 11 2015 seife+obsAATTb1-systems.com- change dep from python-asn1 to python-pyasn1 (renamed long ago) * Thu Jun 04 2015 termimAATTgmail.com- Wrong dependency rpm name, should be python-pycrypto * Fri May 29 2015 termimAATTgmail.com- Add missing dependencies on python-asn1 and python-Crypto- Update to version 15.2.1: * twisted.logger now marks the `isError` key correctly on legacy events generated by writes to stderr. (#7903) * twisted.logger\'s documentation is now correctly listed in the table of contents. (#7904)- Changes from version 15.2.0: * twisted.internet.process has now been ported to Python 3. (#5987) * twisted.cred.credentials is now ported to Python 3. (#6176) * twisted.trial.unittest.TestCase\'s assertEqual, assertTrue, and assertFalse methods now pass through the standard library\'s more informative failure messages. (#6306) * The new package twisted.logger provides a new, fully tested, and feature-rich logging framework. The old module twisted.python.log is now implemented using the new framework. The new logger HOWTO documents the new framework. (#6750) * twisted.python.modules is now ported to Python 3. (#7804) * twisted.python.filepath.FilePath now supports Unicode (text) paths. Like the os module, instantiating it with a Unicode path will return a Unicode-mode FilePath, instantiating with a bytes path will return a bytes-mode FilePath. (#7805) * twisted.internet.kqreactor is now ported to Python 3 (#7823) * twisted.internet.endpoints.ProcessEndpoint is now ported to Python 3. (#7824) * twisted.python.filepath.FilePath now has asBytesMode and asTextMode methods which return a FilePath in the requested mode. (#7830) * twisted.python.components.proxyForInterface now creates method proxies that can be used with functools.wraps. (#7832) * The tls optional dependency will now also install the idna package to validate idna2008 names. (#7853) * Don\'t raise an exception if `DefaultLogObserver.emit()` gets an event with a message that raises when `repr()` is called on it. Specifically: use `textFromEventDict()` instead of a separate (and inferior) message rendering implementation. (#6569) * twisted.cred.credentials.DigestedCredentials incorrectly handled md5-sess hashing according to the RFC, which has now been fixed. (#7835) * Fixed an issue with twisted.internet.task.LoopingCall.withCount where sometimes the passed callable would be invoked with \"0\" when we got close to tricky floating point boundary conditions. (#7836) * twisted.internet.defer now properly works with the new logging system. (#7851) * Change `messages` key to `log_io` for events generated by `LoggingFile`. (#7852) * twisted.logger had literal characters in docstrings that are now quoted. (#7854) * twisted.logger now correctly formats a log event with a key named `message` when passed to a legacy log observer. (#7855) * twisted.internet.endpoints.HostnameEndpoint now uses getaddrinfo properly on Python 3.4 and above. (#7886) * Fix a typo in narrative documentation for logger (#7875) * tkunzip and tapconvert in twisted.scripts were deprecated in 11.0 and 12.1 respectively, and are now removed. (#6747) * twisted.protocols.gps is deprecated in preference to twisted.positioning. (#6810) * twisted.scripts.tap2deb and twisted.scripts.tap2rpm are now deprecated. (#7682) * twisted.trial.reporter.TestResult and twisted.trial.reporter.Reporter contained deprecated methods (since 8.0) which have now been removed. (#7815) * #6027, #7287, #7701, #7727, #7758, #7776, #7786, #7812, #7819, [#7831], #7838, #7865, #7866, #7869, #7872, #7877, #7878, #7885 * twisted.conch.ssh.forwarding now supports local->remote forwarding of IPv6 (#7751) * twisted.mail.smtp.sendmail now uses ESMTP. It will opportunistically enable encryption and allow the use of authentication. (#7257) * twisted.web.static is now ported to Python 3. (#6177) * twisted.web.server.Site accepts requestFactory as constructor argument. (#7016) * twisted.web.util had some HTML generation functions deprecated since 12.1 that have now been removed. (#7828) * #6927, #7797, #7802, #7846 * The resumeOffset argument to twisted.words.protocol.irc.DccFileReceive now works as it is documented. (#7775) * Thu May 07 2015 jmatejekAATTsuse.cz- Version 15.1.0: * deprecated MSN protocol support * improved docs for Trial * removed deprecated UDPClient * twisted.web.static.File allows defining a custom resource for rendering forbidden pages. * minor bugfixes * Sat Mar 14 2015 matwey.kornilovAATTgmail.com- Version 15.0.0: + please, see NEWS file- Update lp1102685.diff
|
|
|