Package Release Info

python-Twisted-19.10.0-3.6.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-499
Available in Package Hub : 15 SP3 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

python3-Twisted

Change Logs

* Sat Feb 12 2022 mcepl@suse.com
- Add CVE-2022-21712-sec-expo-CO-redirect.patch to properly
  remove sensitive headers when redirecting to a different origin
  (CVE-2022-21712, bsc#1195667).
* Wed Dec 04 2019 steven.kowalik@suse.com
- Update to 19.10.0 bsc#1162424:
  * twisted.trial.successResultOf, twisted.trial.failureResultOf, and twisted.trial.assertNoResult accept coroutines as well as Deferreds. (#9006)
  * Fixed circular import in twisted.trial.reporter, introduced in Twisted 16.0.0. (#8267)
  * The POP3 server implemented by twisted.mail.pop3 now accepts passwords that contain spaces. (#9100)
  * Incoming HTTP/2 connections will now not time out if they persist for longer than one minute. (#9653)
  * twisted.conch.ssh.keys now correctly writes the "iqmp" parameter in serialized RSA private keys as q^-1 mod p rather than p^-1 mod q. (#9681)
  * twisted.web.server.Request will now use twisted.web.server.Site.getContentFile, if it exists, to get a file into which to write request content. If getContentFile is not provided by the site, it will fall back to the previous behavior of using io.BytesIO for small requests and tempfile.TemporaryFile for large ones. (#9655)
  * twisted.web.client.FileBodyProducer will now stop producing when the Deferred returned by FileBodyProducer.startProducing is cancelled. (#9547)
  * The HTTP/2 server implementation now enforces TCP flow control on control frame messages and times out clients that send invalid data without reading responses. This closes CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan Looney and Piotr Sikora. (#9694)
- Add python-38-xml-namespace.patch to fix dictionary mutation under Python 3.8
- Add python-38-hmac-digestmod.patch to add digestmod parameter where required
- Add python-38-no-cgi-parseqs.patch to no longer import parse_qs from cgi
* Sat Sep 14 2019 jayvdb@gmail.com
- Remove mailmail when only building Python 3 flavour
* Fri Sep 13 2019 tchvatal@suse.com
- Update to 19.7.0:
  * The callable argument to twisted.internet.task.deferLater() is no longer required. (#9577)
  * twisted.internet.utils.getProcessOutputAndValue now accepts stdinBytes to write to the child process's standard input. (#9607)
  * Add new twisted.logger.capturedLogs context manager for capturing observed log events in tests. (#9617)
  * twisted.internet.base.PluggableResolverMixin, which implements the pluggable resolver interfaces for easier re-use in other reactors, has been factored out of ReactorBase. (#9632)
  * The PyPI page for Twisted has been enhanced to include more information and useful links. (#9648)
- Refresh patch:
  * skip_MultiCast.patch
- Remove merged patch hyperlink.patch
- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
- Remove patch PR-1147.patch
* Wed Aug 14 2019 tbechtold@suse.com
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
  In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
  XMPP support did not verify certificates when used with TLS,
  allowing an attacker to MITM connections.
* Wed Jun 12 2019 tbechtold@suse.com
- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
  (bsc#1137825, CVE-2019-12387)
  Prevent CRLF injections
* Wed Jun 12 2019 tbechtold@suse.com
- update to 19.2.1 (bsc#1137825, CVE-2019-12387):
  * Prevent CRLF injections described in CVE-2019-12387
* Wed May 22 2019 tchvatal@suse.com
- Update to 19.2.0:
  * twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463)
  * DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546)
  * t.i.b.BaseConnector has custom __repr__ (#9548)
  * twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585)
  * Twisted's minimum Cryptography requirement is now 2.5. (#9592)
  * twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515)
  * twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138)
- Remove merged patches:
  * openssl-errormsg.aptch
  * openssl111.patch
- Add patch to tests for new hyperlink:
  * hyperlink.patch
* Mon Feb 18 2019 tchvatal@suse.com
- Add another patch for openssl 1.1.1 (from upstream git):
  * openssl-errormsg.aptch
* Thu Jan 24 2019 schwab@suse.de
- test-mktime-invalid-tm_isdst.patch: don't pass invalid tm_isdst value to
  mktime (see also bpo-15750)
* Thu Nov 08 2018 mcepl@suse.com
- Add no-pygtkcompat.patch to avoid dependency on Gtk (boo#1110669)
* Thu Nov 01 2018 tchvatal@suse.com
- Version update to 18.9.0:
  * Fixes for the 3.7 python
- Remove merged python37.patch
- Add patch openssl111.patch which fixes tests with new pyOpenssl
  * Asserts changed behaviour
* Mon Oct 22 2018 tchvatal@suse.com
- Do not write bytecode stuff when running the tests
* Fri Oct 19 2018 mcepl@suse.com
- Add BuildRequires python-tz, which seems to be required to test suite
  to pass.
- Also, add skip_MultiCast.patch to skip tests requiring full
  netrworking stack.
* Fri Oct 12 2018 ecsos@opensuse.org
- Add missing Requires.
* Thu Oct 11 2018 tchvatal@suse.com
- Fix the dependencies to match up upstream setup.py
- Run the tests
- Add patch to build with python3.7:
  * python37.patch
- Add missing dependency on pyamcrest
- Remove unused patch lp1102685.diff
* Tue Jul 17 2018 dmueller@suse.com
- update to 18.7.0:
  for full list of changes please see
  https://github.com/twisted/twisted/blob/twisted-18.7.0/NEWS.rst
* Tue May 29 2018 bjorn.lie@gmail.com
- Add python-service_identity Recommends.
* Fri May 18 2018 termim@gmail.com
- update to 18.4.0
  For full list of changes please see:
  https://github.com/twisted/twisted/blob/twisted-18.4.0/NEWS.rst
Version: 17.9.0-bp150.3.1
* Fri Nov 10 2017 mimi.vx@gmail.com
- update to 17.9.0
  For full list of changes please see:
  https://github.com/twisted/twisted/blob/twisted-17.9.0/NEWS.rst
  * mailman is only in python2 package
* Tue Jul 04 2017 tbechtold@suse.com
- Adjust Requires and BuildRequires
- Fix rpmlint warnings
* Wed Jun 21 2017 jmatejek@suse.com
- remove alternatives altogether in favor of versioned executables
- clean up spec file
- update to 17.5.0
  * too many changes to list, see full changelog in NEWS.rst
* Sat Jun 17 2017 okurz@suse.com
- Simplify alternatives handling
- Fix RPM warnings
* Tue Mar 07 2017 okurz@suse.com
- Change to singlespec approach
* Wed Sep 28 2016 arun@gmx.de
- specfile:
  * make twistd the update-alternative master, same as in the python3
    version (bnc #1001523)
* Fri Sep 02 2016 termim@gmail.com
- Update to version 16.4.0
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.4.0/NEWS
- Update to version 16.3.0
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.3.0/NEWS
- Update to version 16.2.0
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.2.0/NEWS
- Update to version 16.1.1
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.1.1/NEWS
- Update to version 16.1.0
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.1.0/NEWS
- Update to version 16.0.0
  For the complete list of changes plese see
  https://github.com/twisted/twisted/blob/twisted-16.0.0/NEWS
* Wed Dec 02 2015 termim@gmail.com
- Update to version 15.5.0
  * This is the last Twisted release where Python 2.6 is supported, on
    any platform. Python 3.5 (on POSIX) support has been added.
  * This release introduces changes that are required for Conch's SSH
    implementation to work with OpenSSH 6.9+ servers.
  * twisted.python.url is a new abstraction for URLs, supporting RFC
    3987 IRIs. (#5388)
  * twisted.python.logfile is now ported to Python 3. (#6749)
  * twisted.python.zippath has been ported to Python 3. (#6917)
  * twisted.internet.ssl.CertificateOptions and
    twisted.internet.ssl.optionsForClientTLS now take a
    acceptableProtocols parameter that enables negotiation of the next
    protocol to speak after the TLS handshake has completed. This field
    advertises protocols over both NPN and ALPN. Also added new
    INegotiated interface for TLS interfaces that support protocol
    negotiation. This interface adds a negotiatedProtocol property that
    reports what protocol, if any, was negotiated in the TLS handshake.
    (#7860)
  * twisted.python.urlpath.URLPath now operates correctly on Python 3,
    using bytes instead of strings, and introduces the fromBytes
    constructor to assist with creating them cross-version. (#7994)
  * twisted.application.strports is now ported to Python 3. (#8011)
  * twistd (the Twisted Daemon) is now ported to Python 3. (#8012)
  * Python 3.5 is now supported on POSIX platforms. (#8042)
  * twisted.internet.serialport is now ported on Python 3. (#8099)
  * twisted.logger.formatEvent now can format an event if it was
    flattened (twisted.logger.eventAsJSON does this) and has text after
    the last replacement field. (#8003)
  * twisted.cred.checkers.FilePasswordDB now logs an error if the
    credentials db file does not exist, no longer raises an unhandled
    error. (#8028)
  * twisted.python.threadpool.ThreadPool now properly starts enough
    threads to do any work scheduled before ThreadPool.start() is
    called, such as when work is scheduled in the reactor via
    reactor.callInThread() before reactor.run(). (#8090)
  * Twisted Development test standard documentation now contain
    information about avoiding test data files. (#6535)
  * The documentation for twisted.internet.defer.DeferredSemaphore now
    describes the actual usage for limit and tokens instance
    attributes. (#8024)
  * twisted.python._initgroups, a C extension, has been removed and
    stdlib support is now always used instead. (#5861)
  * Python 2.6 is no longer supported. (#8017)
  * twisted.python.util.OrderedDict is now deprecated, and uses of it
    in Twisted are replaced with collections.OrderedDict. (#8051)
  * twisted.persisted.sob.load, twisted.persisted.sob.loadValueFromFile
    and twisted.persisted.sob.Persistent.save() are now deprecated when
    used with a passphrase. The encyption used by these methods are
    weak. (#8081)
  * twisted.internet.interfaces.IStreamClientEndpointStringParser has
    been removed and Twisted will no longer use parsers implementing
    this interface. (#8094)
  * #5976, #6628, #6894, #6980, #7228, #7693, #7731, #7997, #8046,
    [#8054], #8056, #8060, #8063, #8064, #8068, #8072, #8091, #8095,
    [#8096], #8098, #8106
* Mon Oct 12 2015 toddrme2178@gmail.com
- Make "trial" the master file for update-alternatives, since it
  is the only one that supports python 3 so far.
* Mon Oct 12 2015 toddrme2178@gmail.com
- Implement update-alternatives in preparation for python 3 version.
* Sat Sep 12 2015 termim@gmail.com
- Update to version 15.4.0
  * add dependency on setuptools
  * lore removed
  * please see the NEWS file
* Tue Aug 11 2015 seife+obs@b1-systems.com
- change dep from python-asn1 to python-pyasn1 (renamed long ago)
* Thu Jun 04 2015 termim@gmail.com
- Wrong dependency rpm name, should be python-pycrypto
* Fri May 29 2015 termim@gmail.com
- Add missing dependencies on python-asn1 and python-Crypto
- Update to version 15.2.1:
  * twisted.logger now marks the `isError` key correctly on legacy
    events generated by writes to stderr. (#7903)
  * twisted.logger's documentation is now correctly listed in the table
    of contents. (#7904)
- Changes from version 15.2.0:
  * twisted.internet.process has now been ported to Python 3. (#5987)
  * twisted.cred.credentials is now ported to Python 3. (#6176)
  * twisted.trial.unittest.TestCase's assertEqual, assertTrue, and
    assertFalse methods now pass through the standard library's more
    informative failure messages. (#6306)
  * The new package twisted.logger provides a new, fully tested, and
    feature-rich logging framework. The old module twisted.python.log
    is now implemented using the new framework. The new logger HOWTO
    documents the new framework. (#6750)
  * twisted.python.modules is now ported to Python 3. (#7804)
  * twisted.python.filepath.FilePath now supports Unicode (text) paths.
    Like the os module, instantiating it with a Unicode path will
    return a Unicode-mode FilePath, instantiating with a bytes path
    will return a bytes-mode FilePath. (#7805)
  * twisted.internet.kqreactor is now ported to Python 3 (#7823)
  * twisted.internet.endpoints.ProcessEndpoint is now ported to Python
    3. (#7824)
  * twisted.python.filepath.FilePath now has asBytesMode and asTextMode
    methods which return a FilePath in the requested mode. (#7830)
  * twisted.python.components.proxyForInterface now creates method
    proxies that can be used with functools.wraps. (#7832)
  * The tls optional dependency will now also install the idna package
    to validate idna2008 names. (#7853)
  * Don't raise an exception if `DefaultLogObserver.emit()` gets an
    event with a message that raises when `repr()` is called on it.
    Specifically: use `textFromEventDict()` instead of a separate (and
    inferior) message rendering implementation. (#6569)
  * twisted.cred.credentials.DigestedCredentials incorrectly handled
    md5-sess hashing according to the RFC, which has now been fixed.
    (#7835)
  * Fixed an issue with twisted.internet.task.LoopingCall.withCount
    where sometimes the passed callable would be invoked with "0" when
    we got close to tricky floating point boundary conditions. (#7836)
  * twisted.internet.defer now properly works with the new logging
    system. (#7851)
  * Change `messages` key to `log_io` for events generated by
    `LoggingFile`. (#7852)
  * twisted.logger had literal characters in docstrings that are now
    quoted. (#7854)
  * twisted.logger now correctly formats a log event with a key named
    `message` when passed to a legacy log observer. (#7855)
  * twisted.internet.endpoints.HostnameEndpoint now uses getaddrinfo
    properly on Python 3.4 and above. (#7886)
  * Fix a typo in narrative documentation for logger (#7875)
  * tkunzip and tapconvert in twisted.scripts were deprecated in 11.0
    and 12.1 respectively, and are now removed. (#6747)
  * twisted.protocols.gps is deprecated in preference to
    twisted.positioning. (#6810)
  * twisted.scripts.tap2deb and twisted.scripts.tap2rpm are now
    deprecated. (#7682)
  * twisted.trial.reporter.TestResult and
    twisted.trial.reporter.Reporter contained deprecated methods (since
    8.0) which have now been removed. (#7815)
  * #6027, #7287, #7701, #7727, #7758, #7776, #7786, #7812, #7819,
    [#7831], #7838, #7865, #7866, #7869, #7872, #7877, #7878, #7885
  * twisted.conch.ssh.forwarding now supports local->remote forwarding
    of IPv6 (#7751)
  * twisted.mail.smtp.sendmail now uses ESMTP. It will
    opportunistically enable encryption and allow the use of
    authentication. (#7257)
  * twisted.web.static is now ported to Python 3. (#6177)
  * twisted.web.server.Site accepts requestFactory as constructor
    argument. (#7016)
  * twisted.web.util had some HTML generation functions deprecated
    since 12.1 that have now been removed. (#7828)
  * #6927, #7797, #7802, #7846
  * The resumeOffset argument to
    twisted.words.protocol.irc.DccFileReceive now works as it is
    documented. (#7775)
* Thu May 07 2015 jmatejek@suse.cz
- Version 15.1.0:
  * deprecated MSN protocol support
  * improved docs for Trial
  * removed deprecated UDPClient
  * twisted.web.static.File allows defining a custom resource for
    rendering forbidden pages.
  * minor bugfixes
* Sat Mar 14 2015 matwey.kornilov@gmail.com
- Version 15.0.0:
  + please, see NEWS file
- Update lp1102685.diff
* Thu Oct 02 2014 p.drouand@gmail.com
- Remove unprovided python-service_identity; it's not required in any
  way
* Thu Sep 18 2014 termim@gmail.com
- Update to version 14.0.2:
  + No significant changes have been made for this release.
- Update to version 14.0.1:
  + BrowserLikePolicyForHTTPS would always ignore the specified
    trustRoot and use the system trust root instead, which has been
    rectified. (#7647)
* Thu May 15 2014 hpj@urpla.net
- add dependency python-service_identity for testing purposes
* Wed May 14 2014 hpj@urpla.net
- Update to version 14.0.0:
  + too many changes to list here: check NEWS file
Version: 17.9.0-bp150.4.3.1
* Wed Jun 12 2019 Thomas Bechtold <tbechtold@suse.com>
- update to 19.2.1 (bsc#1137825, CVE-2019-12387):
  * Prevent CRLF injections described in CVE-2019-12387
Version: 17.9.0-bp150.4.6.1
* Wed Aug 14 2019 Thomas Bechtold <tbechtold@suse.com>
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
  In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
  XMPP support did not verify certificates when used with TLS,
  allowing an attacker to MITM connections.
Version: 19.10.0-150200.3.12.1
* Wed May 25 2022 mcepl@suse.com
- Add CVE-2022-21716-ssh-inf-data.patch fixing bsc#1196739
  (CVE-2022-21716), where ssh server accepts an infinite amount
  of data.
- Switch off tests for Python 2, we haven?t manage to find out
  the reason for multiple timeouts.
Version: 19.10.0-150200.3.9.1
* Wed Apr 20 2022 steven.kowalik@suse.com
- Add patch CVE-2022-24801-http-1.1-leniency.patch:
  * Do not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP
    request smuggling. (CVE-2022-24801, bsc#1198086)
- Add patch remove-spurious-xml-whitespace-test.patch:
  * Drop a now spurious test that causes failures with stricter XML
    parsing.
- Add patch skip-getpayload-test.patch:
  * Skip a test that causes problems (and has been removed upstream.)