SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python3-tornado-4.5.3-150000.3.6.1.x86_64.rpm :

* Mon May 29 2023 qzhaoAATTsuse.com- Add tornado-Fix-an-open-redirect-in-StaticFileHandler.patch: Backport from upstream, Fix an open redirect in StaticFileHandler. Under some configurations the default_filename redirect could be exploited to redirect to an attacker-controlled site. This change refuses to redirect to URLs that could be misinterpreted (CVE-2023-28370 bsc#1211741).
* Tue Sep 17 2019 vcizekAATTsuse.com- Add patch to skip tests failing with OpenSSL 1.1.1 (bsc#1149792)
* it happens only when using TLS 1.3, so if user wants to use tornado, they can hand disable the TLS 1.3 and continue
* add tornado-skip-failing-tests.patch
* Fri Mar 16 2018 roAATTsuse.de- add tornado-testsuite_timeout.patch (bsc#1085661) extend timeouts in testsuite to allow successful build on ppc64le
* Wed Mar 07 2018 aplanasAATTsuse.com- Allows Recommends and Suggest in Fedora
* Tue Feb 27 2018 aplanasAATTsuse.com- Recommends only for SUSE
* Tue Feb 13 2018 toddrme2178AATTgmail.com- Update to version 4.5.3 + tornado.curl_httpclient
* Improved debug logging on Python 3. + tornado.httpserver
* ``Content-Length`` and ``Transfer-Encoding`` headers are no longer sent with 1xx or 204 responses (this was already true of 304 responses).
* Reading chunked requests no longer leaves the connection in a broken state. + tornado.iostream
* Writing a `memoryview` can no longer result in \"BufferError: Existing exports of data: object cannot be re-sized\". + tornado.options
* Duplicate option names are now detected properly whether they use hyphens or underscores. + tornado.testing
* `.AsyncHTTPTestCase.fetch` now uses ``127.0.0.1`` instead of ``localhost``, improving compatibility with systems that have partially-working ipv6 stacks. + tornado.web
* It is no longer allowed to send a body with 1xx or 204 responses. + tornado.websocket
* Requests with invalid websocket headers now get a response with status code 400 instead of a closed connection.
* Thu Jan 04 2018 jmatejekAATTsuse.com- only buildrequire futures / singledispatch if python2 is present (fixes build in environments that don\'t have python2 at all)
* Wed Dec 06 2017 tchvatalAATTsuse.com- Distribute license file
* Wed Nov 22 2017 arunAATTgmx.de- specfile:
* removed tornado-configtest.patch: fixed upstream
* update tornado-async-deprecation.patch (partly integrated)- update to version 4.5.2:
* Tornado now sets the FD_CLOEXEC flag on all file descriptors it creates. This prevents hanging client connections and resource leaks when the tornado.autoreload module (or Application(debug=True)) is used.- changes from version 4.5.1:
* tornado.log + Improved detection of libraries for colorized logging.
* tornado.httputil + url_concat once again treats None as equivalent to an empty sequence.- changes from version 4.5.0:
* long changelog, see http://www.tornadoweb.org/en/stable/releases/v4.5.0.html for details
* Tue Oct 17 2017 opensuse_buildserviceAATTojkastl.de- added %{python_module backports.ssl_match_hostname} on SLES12 GA aka SP0, to avoid build errors- explicit BuildRequires for certifi on SLES12 GA aka SP0 only
* Tue Oct 17 2017 opensuse_buildserviceAATTojkastl.de- added certifi to BuildRequires, to fix \'ImportError: No module named certifi\'
* Wed Aug 09 2017 toddrme2178AATTgmail.com- Fix tests
* Fri Jun 23 2017 jmatejekAATTsuse.com- in %pre, remove egg-info file if installed, because it\'s being replaced by a directory (bsc#1035604)
* Tue Jun 13 2017 jmatejekAATTsuse.com- replace the complicated condition for requiring backports.ssl_match_hostname with unconditional requirement for Python >= 2.7.9
* Wed May 31 2017 dmuellerAATTsuse.com- require python-backports.ssl_hostname only on python 2.x
* Fri Apr 07 2017 toddrme2178AATTgmail.com- update to 4.4.3
* The `tornado.auth` module has been updated for compatibility with `a change to Facebook\'s access_token endpoint.
* Thu Apr 06 2017 jmatejekAATTsuse.com- tornado-configtest.patch: fix test failure when __file__ is not absolute- tornado-async-deprecations.patch: filter test failures due to async deprecation warnings, to fix build on python 3.6- update for multipython build- enable test suite
* Mon Nov 14 2016 dmuellerAATTsuse.com- update to 4.4.2:
* Tornado now requires Python 2.7 or 3.3+; versions 2.6 and 3.2 are no longer supported. Pypy3 is still supported even though its latest release is mainly based on Python 3.2.
* The `monotonic `_ package is now supported as an alternative to `Monotime `_ for monotonic clock support on Python 2.
* Wed Dec 23 2015 jmassaguerplaAATTsuse.com- add singledispatch and backports_abc dependencies as stated in docs/releases/v4.3.0.rst
* Tornado has several new dependencies: (...) ``singledispatch`` on all Python versions prior to 3.4 (This was an optional dependency in prior versions of Tornado, and is now mandatory), and ``backports_abc>=0.4`` on all versions prior to 3.5 Since this python module works with python version >= 2.7.9 (otherwise it would be called python3-tornado, afaiu)
* Wed Dec 09 2015 toddrme2178AATTgmail.com- Switch to pypi tarball. It uses \"4.3\" instead of \"4.3.0\"
* Tue Dec 08 2015 kkaempfAATTsuse.com- Update to 4.3.0 - The new async/await keywords in Python 3.5 are supported. Deprecation notice - This will be the last release of Tornado to support Python 2.6 or 3.2. See http://www.tornadoweb.org/en/stable/releases/v4.3.0.html
* Sat Oct 17 2015 mcAATTsuse.com- fix macro- use package name python-backports-ssl_match_hostname on rhel7- define py_ver where it does not exist
* Wed Sep 30 2015 fcastelliAATTsuse.com- python-certifi is an optional depedency when python 2.7.9 is available.
* Sat Sep 26 2015 toddrme2178AATTgmail.com- python-certifi is a hard dependency, not an optional one.
* Wed Sep 23 2015 tampakrapAATTopensuse.org- Remove python-Twisted BuildRequires. It causes a python-cryptography build dependency, which is currently broken on SLE11SP4 due to old OpenSSL version
* Thu Sep 10 2015 aboe76AATTgmail.com- Update to 4.2.1: Security fix:
* This release fixes a path traversal vulnerability in StaticFileHandler, in which files whose names started with the static_path directory but were not actually in that directory could be accessed.- Update to 4.2: Backwards-compatibility:
* SSLIOStream.connect and IOStream.start_tls now validate certificates by default.
* Certificate validation will now use the system CA root certificates instead of certifi when possible (i.e. Python 2.7.9+ or 3.4+). This includes IOStream and simple_httpclient, but not curl_httpclient
* The default SSL configuration has become stricter, using ssl.create_default_context where available on the client side. (On the server side, applications are encouraged to migrate from the ssl_options dict-based API to pass an ssl.SSLContext instead).
* The deprecated classes in the tornado.auth module, GoogleMixin, FacebookMixin, and FriendFeedMixin have been removed.
* see more details: http://www.tornadoweb.org/en/stable/releases/v4.2.0.html
* Wed Aug 12 2015 seife+obsAATTb1-systems.com- fix build with non-SUSE distributions
* Wed Apr 22 2015 mciharAATTsuse.cz- Update to 4.1:
* If a `.Future` contains an exception but that exception is never examined or re-raised (e.g. by yielding the `.Future`), a stack trace will be logged when the `.Future` is garbage-collected.
* New class `tornado.gen.WaitIterator` provides a way to iterate over ``Futures`` in the order they resolve.
* The `tornado.websocket` module now supports compression via the \"permessage-deflate\" extension. Override `.WebSocketHandler.get_compression_options` to enable on the server side, and use the ``compression_options`` keyword argument to `.websocket_connect` on the client side.
* When the appropriate packages are installed, it is possible to yield `asyncio.Future` or Twisted ``Defered`` objects in Tornado coroutines.
  
ICM