Hello community,
here is the log from the commit of package python-jupyter_notebook for
openSUSE:Factory checked in at 2019-03-12 09:55:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-jupyter_notebook (Old)
and /work/SRC/openSUSE:Factory/.python-jupyter_notebook.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-jupyter_notebook"
Tue Mar 12 09:55:07 2019 rev:17 rq:683911 version:5.7.6
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-jupyter_notebook/python-jupyter_notebook.changes
2019-01-21 10:50:57.247975616 +0100
+++
/work/SRC/openSUSE:Factory/.python-jupyter_notebook.new.28833/python-jupyter_notebook.changes
2019-03-12 09:55:11.543516799 +0100
@@ -1,0 +2,26 @@
+Sun Mar 10 16:48:18 UTC 2019 - Arun Persaud <[email protected]>
+
+- update to version 5.7.6:
+ * 5.7.6 contains a security fix for a cross-site inclusion (XSSI)
+ vulnerability, where files at a known URL could be included in a
+ page from an unauthorized website if the user is logged into a
+ Jupyter server. The fix involves setting the
+ X-Content-Type-Options: nosniff header, and applying CSRF checks
+ previously on all non-GET API requests to GET requests to API
+ endpoints and the /files/ endpoint.
+ The attacking page is able to access some contents of files when
+ using Internet Explorer through script errors, but this has not
+ been demonstrated with other browsers. A CVE has been requested
+ for this vulnerability.
+
+-------------------------------------------------------------------
+Sat Mar 9 16:09:30 UTC 2019 - Arun Persaud <[email protected]>
+
+- update to version 5.7.5:
+ * Fix compatibility with tornado 6 (:ghpull:`4392`, :ghpull:`4449`).
+ * Fix opening integer filedescriptor during startup on Python 2
+ (:ghpull:`4349`)
+ * Fix compatibility with asynchronous KernelManager.restart_kernel
+ methods (:ghpull:`4412`)
+
+-------------------------------------------------------------------
Old:
----
notebook-5.7.4.tar.gz
New:
----
notebook-5.7.6.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-jupyter_notebook.spec ++++++
--- /var/tmp/diff_new_pack.ccOpk1/_old 2019-03-12 09:55:12.759516557 +0100
+++ /var/tmp/diff_new_pack.ccOpk1/_new 2019-03-12 09:55:12.763516556 +0100
@@ -12,13 +12,13 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-jupyter_notebook
-Version: 5.7.4
+Version: 5.7.6
Release: 0
Summary: Jupyter Notebook
License: BSD-3-Clause
@@ -80,6 +80,7 @@
The Jupyter HTML notebook is a web-based notebook environment for interactive
computing.
%package lang
+# FIXME: consider using %%lang_package macro
Summary: Provides translations for %{name}
Group: System/Localization
Requires: %{name} = %{version}
++++++ jupyter-notebook.pdf ++++++
(binary differes)
++++++ jupyter-notebook.zip ++++++
Binary files /var/tmp/diff_new_pack.ccOpk1/_old and
/var/tmp/diff_new_pack.ccOpk1/_new differ
++++++ notebook-5.7.4.tar.gz -> notebook-5.7.6.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-jupyter_notebook/notebook-5.7.4.tar.gz
/work/SRC/openSUSE:Factory/.python-jupyter_notebook.new.28833/notebook-5.7.6.tar.gz
differ: char 5, line 1
