Hello community, here is the log from the commit of package python-waitress for openSUSE:Factory checked in at 2016-05-29 03:13:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-waitress (Old) and /work/SRC/openSUSE:Factory/.python-waitress.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-waitress" Changes: -------- --- /work/SRC/openSUSE:Factory/python-waitress/python-waitress.changes 2014-12-16 14:48:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-waitress.new/python-waitress.changes 2016-05-29 03:14:31.000000000 +0200 @@ -1,0 +2,19 @@ +Fri May 20 11:27:26 UTC 2016 - [email protected] + +- update to 0.9.0: + * Security/Protections + - Building on the changes made in pull request 117, add in checking for line + feed/carriage return HTTP Response Splitting in the status line, as well as + the key of a header. See https://github.com/Pylons/waitress/pull/124 and + https://github.com/Pylons/waitress/issues/122. + - Waitress will no longer accept headers or status lines with + newline/carriage returns in them, thereby disallowing HTTP Response + Splitting. + * Bugfixes + - FileBasedBuffer and more important ReadOnlyFileBasedBuffer no longer report + False when tested with bool(), instead always returning True, and becoming + more iterator like. + - Call prune() on the output buffer at the end of a request so that it doesn't + continue to grow without bounds. + +------------------------------------------------------------------- Old: ---- waitress-0.8.9.tar.gz New: ---- waitress-0.9.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-waitress.spec ++++++ --- /var/tmp/diff_new_pack.MxOpLP/_old 2016-05-29 03:14:32.000000000 +0200 +++ /var/tmp/diff_new_pack.MxOpLP/_new 2016-05-29 03:14:32.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package python-waitress # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,13 @@ Name: python-waitress -Version: 0.8.9 +Version: 0.9.0 Release: 0 Summary: Waitress WSGI server License: ZPL-2.1 Group: Development/Languages/Python Url: https://github.com/Pylons/waitress -Source: http://pypi.python.org/packages/source/w/waitress/waitress-%{version}.tar.gz +Source: https://pypi.python.org/packages/fd/6c/f26e54acb01ee6731d9e2c8f8718a8ff8c44fbfa0f76f446e821487adec2/waitress-%{version}.tar.gz BuildRequires: python-devel BuildRequires: python-setuptools # Test requirements: ++++++ waitress-0.8.9.tar.gz -> waitress-0.9.0.tar.gz ++++++ ++++ 2592 lines of diff (skipped)
