commit python-Werkzeug for openSUSE:Factory

Sun, 29 Oct 2023 11:39:38 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-Werkzeug for openSUSE:Factory 
checked in at 2023-10-29 19:39:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Werkzeug (Old)
 and      /work/SRC/openSUSE:Factory/.python-Werkzeug.new.17445 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-Werkzeug"

Sun Oct 29 19:39:26 2023 rev:45 rq:1120656 version:3.0.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Werkzeug/python-Werkzeug.changes  
2023-09-26 22:08:07.054373345 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-Werkzeug.new.17445/python-Werkzeug.changes   
    2023-10-29 19:39:28.486300192 +0100
@@ -1,0 +2,15 @@
+Fri Oct 27 03:06:50 UTC 2023 - Steve Kowalik <[email protected]>
+
+- Update to 3.0.1:
+  * Fix slow multipart parsing for large parts potentially enabling DoS
+    attacks. (CVE-2023-46136, bsc#1216581)
+  * Remove previously deprecated code.
+  * Deprecate the ``__version__`` attribute. Use feature detection, or
+    ``importlib.metadata.version("werkzeug")``, instead.
+  * ``generate_password_hash`` uses scrypt by default.
+  * Add the ``"werkzeug.profiler"`` item to the  WSGI ``environ`` dictionary
+    passed to `ProfilerMiddleware`'s `filename_format` function. It contains
+    the ``elapsed`` and ``time`` values for the profiled request.
+  * Explicitly marked the PathConverter as non path isolating.
+
+-------------------------------------------------------------------

Old:
----
  werkzeug-2.3.7.tar.gz

New:
----
  werkzeug-3.0.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-Werkzeug.spec ++++++
--- /var/tmp/diff_new_pack.rx6sGv/_old  2023-10-29 19:39:29.354331771 +0100
+++ /var/tmp/diff_new_pack.rx6sGv/_new  2023-10-29 19:39:29.354331771 +0100
@@ -27,7 +27,7 @@
 
 %{?sle15_python_module_pythons}
 Name:           python-Werkzeug%{psuffix}
-Version:        2.3.7
+Version:        3.0.1
 Release:        0
 Summary:        The Swiss Army knife of Python web development
 License:        BSD-3-Clause

++++++ werkzeug-2.3.7.tar.gz -> werkzeug-3.0.1.tar.gz ++++++
++++ 4766 lines of diff (skipped)

Reply via email to