SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python312-Twisted-all_non_platform-24.3.0-2.1.noarch.rpm :

* Wed Jul 31 2024 Daniel Garcia - Add a couple of upstream patches to fix http process information disclosure (CVE-2024-41671, bsc#1228549) and XSS via html injection (CVE-2024-41810, bsc#1228552):
* CVE-2024-41671.patch gh#twisted/twistedAATT4a930de12fb6
* CVE-2024-41810.patch gh#twisted/twistedAATT046a164f89a0
* Tue Jul 02 2024 Dirk Müller - update to 24.3.0:
* twisted.logger.formatEvent now honors dotted method names, not just flat function names, in format strings, as it has long been explicitly documented to do. So, you will now get the expected result from formatEvent(\"here\'s the result of calling a method at log-format time: {obj.method()}\", obj=...)
* twisted.web.http.HTTPChannel now ignores the trailer headers provided in the last chunk of a chunked encoded response, rather than raising an exception.
* twisted.protocols.tls.BufferingTLSTransport, used by default by twisted.protocols.tls.TLSMemoryBIOFactory, was refactored for improved performance when doing a high number of small writes.
* twisted.python.failure.Failure now throws exception for generators without triggering a deprecation warnings on Python 3.12.
* twisted.internet.process.Process, used by reactor.spawnProcess, now copies the parent environment when the env=None argument is passed on Posix systems and os.posix_spawnp is used internally.
* twisted.internet.defer.inlineCallbacks.returnValue\'s stack introspection was adjusted for the latest PyPy 7.3.14 release, allowing legacy AATTinlineCallbacks to run on new PyPY versions.
* twisted.trial.reporter.TestRun.startTest() is no longer called for tests with skip annotation or skip attribute for Python 3.12.1 or newer. This is the result of upstream Python gh-106584 change. The behavior is not change in 3.12.0 or older.- drop twisted-pr12054-testinvokationpy3.12.1.patch, stop-using-3-arg-throw.patch (upstream)
* Thu Feb 01 2024 Steve Kowalik - Add stop-using-3-arg-throw.patch:
* Avoid 3-arg throw to fix a DeprecationWarning in Python 3.12.
* Thu Jan 18 2024 Ben Greiner - Add twisted-pr12054-testinvokationpy3.12.1.patch
* Pull request gh#twisted/twisted#12054 fixes failing tests on python312 gh#twisted/twisted#12052- Fix rpmlint errors
* Thu Nov 23 2023 Markéta Machová - Update to 23.10.0
* reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710)
* Twisted now officially supports Python 3.11. (#10343)
* twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817)
* The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857)
* PyAsn1 has been removed as a conch dependency.
* Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871)
* In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code. There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed. (CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976)
* Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913)
* When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values freed immediately after completion (due to there no longer being circular references). (#11885)- Delete merged patches:
* regenerate-cert-to-work-with-latest-service-identity.patch
* no-pygtkcompat.patch
* support-new-glibc.patch
* CVE-2023-46137-HTTP-pipeline-response.patch
* remove-pynacl-optional-dependency.patch
* py311-tests-compat.patch
* Wed Nov 15 2023 Matej Cepl - Add CVE-2023-46137-HTTP-pipeline-response.patch (bsc#1216588, CVE-2023-46137) serializing pipelined HTTP requests.
* Mon Jun 26 2023 Dirk Müller - add regenerate-cert-to-work-with-latest-service-identity.patch remove-pynacl-optional-dependency.patch: backports from main git to fix tests with newer dependency versions
* Sun Apr 23 2023 Matej Cepl - Switch documentation to be within the main package.
* Fri Apr 21 2023 Dirk Müller - add sle15_python_module_pythons (jsc#PED-68)
* Thu Apr 13 2023 Matej Cepl - Make calling of %{sle15modernpython} optional.
* Wed Feb 08 2023 Steve Kowalik - Add patch support-new-glibc.patch:
* Support new glibc changes.
* Tue Jan 10 2023 Daniel Garcia - Add py311-tests-compat.patch to fix tests with python 3.11 gh#twisted/twisted#11734 gh#twisted/twisted#11733
* Mon Nov 21 2022 Matej Cepl - Skip rpmlint error python-tests-in-package.
* Tue Nov 01 2022 Steve Kowalik - Update to 22.10.0:
* Features + twisted.internet.defer.maybeDeferred will now schedule a coroutine result as asynchronous operation and return a Deferred that fires with the result of the coroutine. + Twisted now works with Cryptography versions 37 and above, and as a result, its minimum TLS protocol version has been upgraded to TLSv1.2. + The systemd: endpoint parser now supports \"named\" file descriptors. This is a more reliable mechanism for choosing among several inherited descriptors.
* Bugfixes + twisted.internet.base.DelayedCall.__repr__ will no longer raise AttributeError if the DelayedCall was created before debug mode was enabled. As a side-effect, twisted.internet.base.DelayedCall.creator is now defined as None in cases where previously it was undefined. + twisted.internet.iocpreactor.udp now properly re-queues its listener when there is a failure condition on the read from the socket. + twisted.internet.defer.inlineCallbacks no longer causes confusing StopIteration tracebacks to be added to the top of tracebacks originating in triggered callbacks. + The typing of twisted.internet.task.react no longer constrains the type of argv. + ContextVar.reset() now works correctly inside inlineCallbacks functions and coroutines. + Implement twisted.python.failure._Code.co_positions for compatibility with Python 3.11. + twisted.pair.tuntap._TUNSETIFF and ._TUNGETIFF values are now correct parisc, powerpc and sparc architectures. + twisted.web.vhost.NameVirtualHost will no longerreturn a NoResource error. (bsc#1204781, CVE-2022-39348) + drops CVE-2022-39348-do-not-echo-host-header.patch in older dists
* Deprecations and Removals + Python 3.6 is no longer supported. + Twisted 22.4.0 was the last version with support for Python 3.6. + twisted.protocols.dict, which was deprecated in 17.9, has been removed.- Remove Python 3.6 Requires.- Drop patch skip-namespacewithwhitespace.patch, no longer required.- Refresh all patches.
* Tue Jun 21 2022 Ben Greiner - Update to 22.4.0
* twisted.python.failure.Failure tracebacks now capture module information, improving compatibility with the Raven Sentry client. (#7796)
* twisted.python.failure.Failure objects are now compatible with dis.distb, improving compatibility with post-mortem debuggers. (#9599)
* twisted.internet.interfaces.IReactorSSL.listenSSL now has correct type annotations. (#10274)
* twisted.internet.test.test_glibbase.GlibReactorBaseTests now passes. (#10317)
* Conch - twisted.conch.ssh now supports using RSA keys with SHA-2 signatures (RFC 8332) when acting as a server. The rsa-sha2-512 and rsa-sha2-256 public key signature algorithms are automatically preferred over ssh-rsa if the client advertises support for them; the actual public keys do not need to change. (#9765) - twisted.conch.ssh now has an alternative Ed25519 implementation using PyNaCl, in order to support platforms that lack OpenSSL >= 1.1.1b. The new \"conch_nacl\" extra has the necessary dependency. (#10208)
* Web - Twisted is now compatible with h2 4.x.x. (#10182) - twisted.web.http had several several defects in HTTP request parsing that could permit HTTP request smuggling. It now disallows signed Content-Length headers, forbids illegal characters in chunked extensions, forbids a ``0x`` prefix to chunk lengths, and only strips spaces and horizontal tab characters from header values. These changes address CVE-2022-24801 and GHSA-c2jg-hw38-jrqq. (#10323)
* Mail - twisted.mail.pop3.APOPCredentials is now correctly marked as implementing twisted.cred.credentials.IUsernamHashedPassword, rather than IUsernamePassword. (#10305)
* Trial - `trial --until-failure --jobs=N` now reports the number of each test pass as it begins. (#10312) - twisted.trial.unittest.TestCase now discards cleanup functions after running them. Notably, this prevents them from being run an ever growing number of times with trial -u .... (#10320)- Drop CVE-2022-24801-http-1.1-leniency.patch fixed upstream- Refresh remove-dependency-version-upper-bounds.patch- Move extra_requires optional dependencies to meta sub packages- Create :test multibuild flavor
* Wed May 04 2022 Steve Kowalik - Stop removing test directories, it also removes a public module. (bsc#1198852, bsc#1198854, bsc#1198855)
* Thu Apr 07 2022 Steve Kowalik - Update to 22.2.0:
* Bugfixes + twisted.internet.gireactor.PortableGIReactor.simulate and twisted.internet.gtk2reactor.PortableGtkReactor.simulate no longer raises TypeError when there are no delayed called. This was a regression introduced with the migration to Python 3 in which the builtin min function no longer accepts None as an argument. (#9660) + twisted.conch.ssh.transport.SSHTransportBase now disconnects the remote peer if the SSH version string is not sent in the first 4096 bytes. (#10284, CVE-2022-21716, GHSA-rv6r-3f5q-9rgx)
* Improved Documentation + Add type annotations for twisted.web.http.Request.getHeader. (#10270)
* Deprecations and Removals + Support for Python 3.6, which is EoL as of 2021-09-04, has been deprecated. (#10303)- Add patch CVE-2022-24801-http-1.1-leniency.patch:
* Do not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. (CVE-2022-24801, bsc#1198086)
* Thu Mar 24 2022 Matej Cepl - Add patch skip-namespacewithwhitespace.patch:
* Skip a failing test with Expat 2.4.5.
* Wed Feb 23 2022 Steve Kowalik - Remove 9580-test_fails_cryptography_25.patch which is not necessary with changes in OpenSSL
* Wed Feb 09 2022 Marcus Rueckert - Add 9580-test_fails_cryptography_25.patch to overcome test failures on SLE-15 with older version of OpenSSL.- refreshed patches - 1521_delegate_parseqs_stdlib_bpo42967.patch - currentThread-deprecated.patch - no-cython_test_exception_raiser.patch - no-pygtkcompat.patch - no-test_successResultOfWithFailureHasTraceback.patch - remove-dependency-version-upper-bounds.patch - skip_MultiCast.patch- remove upstreamed patches currentThread-deprecated.patch- remove tests from the package
* Wed Feb 09 2022 Marcus Rueckert - Update to 22.1.0: (boo#1195667) - CVE-2022-21712 / GHSA-92x2-jw7w-xvvx twisted.web.client.RedirectAgent and twisted.web.client.BrowserLikeRedirectAgent now properly remove sensitive headers when redirecting to a different origin. (#10294) - Python 3.10 is now a supported platform (#10224) - Type annotations have been added to the twisted.python.fakepwd module. (#10287) - twisted.internet.defer.inlineCallbacks has an improved type annotation, to avoid typing errors when it is used on a function which returns a non-None result. (#10231) - twisted.internet.base.DelayedCall.__repr__ and twisted.internet.task.LoopingCall.__repr__ had the changes from [#10155] reverted to accept non-function callables. (#10235) - Revert the removal of .whl building that was done as part of [#10177]. (#10236) - The type annotation of the host parameter to twisted.internet.interfaces.IReactorTCP.connectTCP has been corrected from bytes to str. (#10251) - Deprecated twisted.python.threading.ThreadPool.currentThread() in favor of threading.current_thread(). - Switched twisted.python.threading.ThreadPool.currentThread() and twisted.python.threadable.getThreadID() to use `threading.current_thread()to avoid the deprecation warnings introduced forthreading.currentThread()`` in Python 3.10. (#10273) - twisted.internet.utils.runWithWarningsSupressed behavior of waiting on deferreds has been documented. (#10238) - Sync API docs templates with pydoctor 21.9.0 release, using new theming capabilities. (#10267) - #1681, #9944, #10198, #10218, #10219, #10228, #10229, #10234, [#10239], #10240, #10245, #10246, #10248, #10250, #10255, #10277, [#10288], #10292 - twisted.conch.ssh now supports SSH extension negotiation (RFC 8308). (#10266) - twisted.conch now uses constant-time comparisons for MACs. (#8199) - twisted.conch.ssh.filetransfer.FileTransferServer will now return an ENOENT error status if an SFTP client tries to close an unrecognized file handle. (#10293) - SSHTransportBase.ssh_KEXINIT now uses the remote peer preferred MAC list for negotiation. In previous versions it was only using the local preferred MAC list. (#10241) - twisted.web.client.RedirectAgent and twisted.web.client.BrowserLikeRedirectAgent now properly remove sensitive headers when redirecting to a different origin. (#10294) - Add type annotations for twisted.web.client.readBody. (#10269) - twisted.web.client.getPage, twisted.web.client.downladPage, and the associated implementation classes (HTTPPageGetter, HTTPPageDownloader, HTTPClientFactory, HTTPDownloader) have been removed because they do not segregate cookies by domain. They were deprecated in Twisted 16.7.0 in favor of twisted.web.client.Agent. GHSA-92x2-jw7w-xvvx. (#10295) - trial.runner.filenameToModule now sets the correct module.__name__ and sys.modules key (#10230)
* Thu Jan 06 2022 Steve Kowalik - Add patch currentThread-deprecated.patch:
* Do not call a deprecated method which causes reactor startup to abort.
* Fri Dec 10 2021 Ben Greiner - Fix Source tags
* Thu Dec 09 2021 Ben Greiner - Drop true-binary.patch which is not compatible with python310- Some rpmlint cleanup:
* Deduplicate docs
* Remove she-bangs in test files
* Remove empty doc files
* Filter test certificate warning
* Wed Sep 01 2021 Fusion Future - Remove h2 < 4.0 and priority < 2.0 version restriction. (boo#1190036)
* remove-dependency-version-upper-bounds.patch
* Fri Aug 13 2021 Michael Gumsley - Restore no-pygtkcompat.patch due to boo#1110669
* Mon Aug 02 2021 Markéta Machová - typing_extensions is now required
* Sat Jul 31 2021 Matej Cepl - Update to 21.7.0: - Python 3.10 beta is now a supported platform and should be ready for the final 3.10 release. - twisted.web.template.renderElement() now accepts any IRequest implementer instead of only twisted.web.server.Request. Add type hints to twisted.web.template. (#10184) - Type hinting was added to twisted.internet.defer, making this the first release of Twisted where you might reasonably be able to use mypy without your own custom stub files. (#10017)- Patch incremental-21.patch removed, because included in the upstream tarball.
* Mon May 17 2021 Dirk Müller - add incremental-21.patch: support newer incremental versions
* Wed Mar 10 2021 Steve Kowalik - Update to 21.2.0:
* Features - The enableSessions argument to twisted.internet.ssl.CertificateOptions now - actually enables/disables OpenSSL\'s session cache. Also, due to - session-related bugs, it defaults to False. (#9583) - twisted.internet.defer.inlineCallbacks and ensureDeferred will now associate a contextvars.Context with the coroutines they run, meaning that ContextVar objects will maintain their value within the same coroutine, similarly to asyncio Tasks. This functionality requires Python 3.7+, or the contextvars PyPI backport to be installed for Python 3.5-3.6. (#9719, #9826) - twisted.internet.defer.Deferred.fromCoroutine has been added. This is similar to the existing ensureDeferred function, but is named more consistently inside Twisted and does not pass through Deferreds. (#9825) - trial now allows the AATTunittest.skipIf decorator to specify that an entire test class should be skipped. (#9829) - The twisted.python.deprecate.deprecatedKeywordParameter decorator can be used to mark a keyword paramater of a function or method as deprecated. (#9844) - Projects using Twisted can now perform type checking against a Twisted - installation, for example using mypy. (#9908) - twisted.python.util.InsensitiveDict now fully implements MutableMapping. (#9919) - Python 3.8 is now tested and supported. (#9955) - Support a coroutine function in twisted.internet.task.react (#9974) - PyPy 3.7 is now tested and supported. (#10093)
* Bugfixes - twisted.web.twcgi.CGIProcessProtocol.processEnded(...) now handles an already-finished request, for example when request.connectionLost(...) was called previously. (#9468) - Twisted\'s dependency on PyHamcrest has been moved from the base package to the new \"test\" extra. Consequently the test extra must be installed for Twisted\'s test suite to pass. (#9509) - Fixed serialization of timedelta, date, and time objects in twisted.spread. (#9716) - twisted.internet.asyncioreactor.AsyncioSelectorReactor now raises an exception if instantiated with an event loop which is not compatible with asyncio.SelectorEventLoop. This fixes the AsyncioSelectorReactor in Python 3.8+ on Windows, where in bp-34687 the default Windows asyncio event loop was changed to ProactorEventLoop. Applications that use AsyncioSelectorReactor on Windows with Python 3.8+ must call asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy()) before instantiating and running AsyncioSelectorReactor. (#9766) - twisted.internet.process.registerReapProcessHandler and ._BaseProcess.reapProcess will no longer raise a TypeError when processing a None PID (#9775) - INotify will close its file descriptor if a directory is automatically removed by twisted from the watchlist because it\'s deleted, avoiding orphaned filedescriptors. (#9777) - DelayedCall.reset() is now working properly with asyncioreactor (#9780) - AsyncioSelectorReactor.seconds() now correctly returns an epoch time. (#9787) - The _connDone parameter has been removed from twisted.internet.abstract.FileDescriptor.loseConnection()\'s signature in order to match the signature in the base class twisted.internet._newtls.ConnectionMixin loseConnection(). (#9849) - The Gtk3 reactor now runs on Wayland-only sessions (#9904) - Descriptive error messages from twisted.internet.error are now present when running with \'python -OO\'. (#9918) - Comparator methods such as eq() now always return NotImplemented for uncomparable types. (#9919) - When installing Twisted it now requires a minimum Python 3.5.4 version to match the version used with automated testing. This is the minimum Python version that we know that Twisted works with. (#10098)- Drop patches no-pygtkcompat.patch, python-38-hmac-digestmod.patch, python-38-no-cgi-parseqs.patch, twisted-pr1369-remove-pyopenssl-npn.patch, twisted-pr1487-increase-ffdh-keysize.patch and test-mktime-invalid-tm_isdst.patch as they have been merged.- Refresh other patches.- Add no-cython_test_exception_raiser.patch to avoid another dependency.- Update URL and make use of sitelib, not sitearch macros
* Tue Feb 23 2021 Matej Cepl - Add 1521_delegate_parseqs_stdlib_bpo42967.patch to overcome effects of bpo#42967, which forbade mixing amps and semicolons in query strings as separators (https://twistedmatrix.com/trac/ticket/10096).
* Thu Feb 11 2021 Pedro Monreal - Relax the crypto policies for the test-suite
 
ICM