Hello community, here is the log from the commit of package python-Twisted for openSUSE:Factory checked in at 2019-06-18 14:49:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Twisted (Old) and /work/SRC/openSUSE:Factory/.python-Twisted.new.4811 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Twisted" Tue Jun 18 14:49:45 2019 rev:35 rq:709323 version:19.2.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Twisted/python-Twisted.changes 2019-02-28 21:37:28.393657739 +0100 +++ /work/SRC/openSUSE:Factory/.python-Twisted.new.4811/python-Twisted.changes 2019-06-18 14:49:48.677673932 +0200 @@ -1,0 +2,23 @@ +Wed Jun 12 05:55:44 UTC 2019 - Thomas Bechtold <[email protected]> + +- update to 19.2.1 (bsc#1137825, CVE-2019-12387): + * Prevent CRLF injections described in CVE-2019-12387 + +------------------------------------------------------------------- +Wed May 22 09:59:19 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Update to 19.2.0: + * twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463) + * DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546) + * t.i.b.BaseConnector has custom __repr__ (#9548) + * twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585) + * Twisted's minimum Cryptography requirement is now 2.5. (#9592) + * twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515) + * twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138) +- Remove merged patches: + * openssl-errormsg.aptch + * openssl111.patch +- Add patch to tests for new hyperlink: + * hyperlink.patch + +------------------------------------------------------------------- Old: ---- Twisted-18.9.0.tar.bz2 openssl-errormsg.aptch openssl111.patch New: ---- Twisted-19.2.1.tar.bz2 hyperlink.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Twisted.spec ++++++ --- /var/tmp/diff_new_pack.cI4dyq/_old 2019-06-18 14:49:49.341673636 +0200 +++ /var/tmp/diff_new_pack.cI4dyq/_new 2019-06-18 14:49:49.345673634 +0200 @@ -20,7 +20,7 @@ %define oldpython python %define modname Twisted Name: python-Twisted -Version: 18.9.0 +Version: 19.2.1 Release: 0 Summary: An asynchronous networking framework written in Python License: MIT @@ -28,16 +28,16 @@ URL: http://twistedmatrix.com/ Source: https://files.pythonhosted.org/packages/source/T/Twisted/%{modname}-%{version}.tar.bz2 Patch1: skip_MultiCast.patch -Patch2: openssl111.patch -Patch3: no-pygtkcompat.patch -Patch4: test-mktime-invalid-tm_isdst.patch -Patch5: openssl-errormsg.aptch +Patch2: no-pygtkcompat.patch +Patch3: test-mktime-invalid-tm_isdst.patch +Patch4: hyperlink.patch BuildRequires: %{python_module Automat >= 0.3.0} BuildRequires: %{python_module PyHamcrest >= 1.9.0} BuildRequires: %{python_module appdirs >= 1.4.0} BuildRequires: %{python_module attrs >= 17.4.0} +BuildRequires: %{python_module bcrypt >= 3.0.0} BuildRequires: %{python_module constantly >= 15.1} -BuildRequires: %{python_module cryptography >= 1.5} +BuildRequires: %{python_module cryptography >= 2.5} BuildRequires: %{python_module devel} BuildRequires: %{python_module h2 >= 3.0} BuildRequires: %{python_module hyperlink >= 17.1.1} @@ -50,7 +50,7 @@ BuildRequires: %{python_module pytest} BuildRequires: %{python_module python-subunit} BuildRequires: %{python_module pytz} -BuildRequires: %{python_module service_identity} +BuildRequires: %{python_module service_identity >= 18.1.0} BuildRequires: %{python_module setuptools} BuildRequires: %{python_module zope.interface >= 4.4.2} BuildRequires: fdupes @@ -59,8 +59,9 @@ Requires: python-PyHamcrest >= 1.9.0 Requires: python-appdirs >= 1.4.0 Requires: python-attrs >= 17.4.0 +Requires: python-bcrypt >= 3.0.0 Requires: python-constantly >= 15.1 -Requires: python-cryptography >= 1.5 +Requires: python-cryptography >= 2.5 Requires: python-h2 >= 3.0 Requires: python-hyperlink >= 17.1.1 Requires: python-idna >= 0.6 @@ -68,7 +69,7 @@ Requires: python-pyOpenSSL >= 16.0.0 Requires: python-pyasn1 Requires: python-pyserial >= 3.0 -Requires: python-service_identity +Requires: python-service_identity >= 18.1.0 Requires: python-zope.interface >= 4.4.2 %ifpython2 Provides: %{oldpython}-twisted = %{version} @@ -168,7 +169,7 @@ %python3_only %{_mandir}/man1/cftp.1%{?ext_man} %python3_only %{_mandir}/man1/ckeygen.1%{?ext_man} %python3_only %{_mandir}/man1/conch.1%{?ext_man} -%python3_only %{_mandir}/man1/mailmail.1%{?ext_man} +%python2_only %{_mandir}/man1/mailmail.1%{?ext_man} %python3_only %{_mandir}/man1/pyhtmlizer.1%{?ext_man} %python3_only %{_mandir}/man1/tkconch.1%{?ext_man} %python3_only %{_mandir}/man1/trial.1%{?ext_man} ++++++ Twisted-18.9.0.tar.bz2 -> Twisted-19.2.1.tar.bz2 ++++++ ++++ 5222 lines of diff (skipped) ++++++ hyperlink.patch ++++++ >From 46fc370d6b49a241fb05815ccdc7406f0e430183 Mon Sep 17 00:00:00 2001 From: Tom Most <[email protected]> Date: Mon, 8 Apr 2019 22:38:23 -0700 Subject: [PATCH] Remove test_parseEqualSignInParamValue Twisted should not test Hyperlink's behavior so extensively, as discussed at https://github.com/python-hyper/hyperlink/pull/39 --- src/twisted/python/test/test_url.py | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/src/twisted/python/test/test_url.py b/src/twisted/python/test/test_url.py index e36c2ca01b..7d55f10fd1 100644 --- a/src/twisted/python/test/test_url.py +++ b/src/twisted/python/test/test_url.py @@ -476,20 +476,6 @@ def test_queryRemove(self): ) - def test_parseEqualSignInParamValue(self): - """ - Every C{=}-sign after the first in a query parameter is simply included - in the value of the parameter. - """ - u = URL.fromText('http://localhost/?=x=x=x') - self.assertEqual(u.get(u''), ['x=x=x']) - self.assertEqual(u.asText(), 'http://localhost/?=x%3Dx%3Dx') - u = URL.fromText('http://localhost/?foo=x=x=x&bar=y') - self.assertEqual(u.query, (('foo', 'x=x=x'), - ('bar', 'y'))) - self.assertEqual(u.asText(), 'http://localhost/?foo=x%3Dx%3Dx&bar=y') - - def test_empty(self): """ An empty L{URL} should serialize as the empty string.
