Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

python313-waitress-3.0.2-1.2 RPM for noarch

From OpenSuSE Tumbleweed for noarch

Name: python313-waitress Distribution: openSUSE Tumbleweed
Version: 3.0.2 Vendor: openSUSE
Release: 1.2 Build date: Wed Nov 20 18:06:45 2024
Group: Development/Languages/Python Build host: reproducible
Size: 341584 Source RPM: python-waitress-3.0.2-1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/Pylons/waitress
Summary: Waitress WSGI server
Waitress is a pure-Python WSGI server. It has no dependencies except
ones which live in the Python standard library. It supports HTTP/1.0
and HTTP/1.1.

For more information, see the "docs" directory of the Waitress package or
http://docs.pylonsproject.org/projects/waitress/en/latest/ .

Provides

Requires

License

ZPL-2.1

Changelog

* Wed Nov 20 2024 Dirk Müller <dmueller@suse.com>
  - update to 3.0.2:
    * When using Waitress to process trusted proxy headers,
      Waitress will now update the headers to drop any untrusted
      values, thereby making sure that WSGI apps only get trusted
      and validated values that Waitress itself used to update the
      environ.
* Wed Oct 30 2024 Daniel Garcia <daniel.garcia@suse.com>
  - Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768):
    * Fix a bug that would lead to Waitress busy looping on select()
      on a half-open socket due to a race condition that existed when
      creating a new HTTPChannel. See
      https://github.com/Pylons/waitress/pull/435,
      https://github.com/Pylons/waitress/issues/418 and
      https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
    * No longer strip the header values before passing them to the
      WSGI environ. See https://github.com/Pylons/waitress/pull/434
      and https://github.com/Pylons/waitress/issues/432
    * Fix a race condition in Waitress when
      `channel_request_lookahead` is enabled that could lead to HTTP
      request smuggling.
    * See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj
* Sun Jun 30 2024 Dirk Müller <dmueller@suse.com>
  - update to 3.0.0:
    * Fixed testing of vendored asyncore code to not rely on
      particular naming for errno's.
    * HTTP Request methods and versions are now validated to meet
      the HTTP standards thereby dropping invalid requests on the floor.
    * No longer close the connection when sending a HEAD request
      response.
    * Always attempt to send the Connection: close response header
      when we are going to close the connection to let the remote
      know in more instances.
    * Document that trusted_proxy may be set to a wildcard value to
      trust all proxies.
    * clear_untrusted_proxy_headers is set to True by default.
* Mon Dec 04 2023 Ana Guerrero <ana.guerrero@suse.com>
  - Add BuildRequires on python-setuptools for both flavors.
* Wed Jul 26 2023 Bernhard Wiedemann <bwiedemann@suse.com>
  - Drop sphinx doctrees for reproducible builds
* Sat Jun 10 2023 ecsos <ecsos@opensuse.org>
  - Fix build error for waitress:doc
* Wed May 03 2023 Martin Liška <mliska@suse.cz>
  - Use sphinx-build and do not depend on removed build_sphinx
    in Sphinx 7.0 (boo#1211051).
* Fri Apr 21 2023 Dirk Müller <dmueller@suse.com>
  - add sle15_python_module_pythons (jsc#PED-68)
* Thu Aug 18 2022 Ben Greiner <code@bnavigator.de>
  - Remove code coverage checking for packaging tests
* Tue May 31 2022 Arun Persaud <arun@gmx.de>
  - specfile:
    * be more specific in %files section
  - update to version 2.1.2 (bsc#1200126, CVE-2022-31015):
    * Bugfix
      + When expose_tracebacks is enabled waitress would fail to
      properly encode unicode thereby causing another error during
      error handling. See https://github.com/Pylons/waitress/pull/378
      + Header length checking had a calculation that was done
      incorrectly when the data was received across multple socket
      reads. This calculation has been corrected, and no longer will
      Waitress send back a 413 Request Entity Too Large. See
      https://github.com/Pylons/waitress/pull/376
    * Security Bugfix
      + in 2.1.0 a new feature was introduced that allowed the WSGI
      thread to start sending data to the socket. However this
      introduced a race condition whereby a socket may be closed in
      the sending thread while the main thread is about to call
      select() therey causing the entire application to be taken down.
      Waitress will no longer close the socket in the WSGI thread,
      instead waking up the main thread to cleanup. See
      https://github.com/Pylons/waitress/pull/377
* Thu Mar 17 2022 Dirk Müller <dmueller@suse.com>
  - update to 2.1.1 (bsc#1197255, CVE-2022-24761):
    * Waitress now validates that chunked encoding extensions are valid, and don’t
      contain invalid characters that are not allowed. They are still skipped/not
      processed, but if they contain invalid data we no longer continue in and return
      a 400 Bad Request. This stops potential HTTP desync/HTTP request smuggling.
      Thanks to Zhang Zeyu for reporting this issue. See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
    * Waitress now validates that the chunk length is only valid hex digits when
      parsing chunked encoding, and values such as 0x01 and +01 are no longer
      supported. This stops potential HTTP desync/HTTP request smuggling. Thanks
      to Zhang Zeyu for reporting this issue. See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
    * Waitress now validates that the Content-Length sent by a remote contains only
      digits in accordance with RFC7230 and will return a 400 Bad Request when the
      Content-Length header contains invalid data, such as +10 which would
      previously get parsed as 10 and accepted. This stops potential HTTP
      desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue.
      See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
* Fri Aug 27 2021 Stefan Schubert <schubi@suse.de>
  - Use libalternatives instead of update-alternatives.
* Fri Aug 27 2021 pgajdos@suse.com
  - version update to 2.0.0
    - Friendly Reminder
      This release still contains a variety of deprecation notices about defaults
      that can be set for a variety of options.
      Please note that this is your last warning, and you should update your
      configuration if you do NOT want to use the new defaults.
      See the arguments documentation page for all supported options, and pay
      attention to the warnings:
      https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html
    - Fix a crash on startup when listening to multiple interfaces.
      See https://github.com/Pylons/waitress/pull/332
    - Waitress no longer attempts to guess at what the ``server_name`` should be for
      a listen socket, instead it always use a new adjustment/argument named
      ``server_name``.
      Please see the documentation for ``server_name`` in
      https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html and
      see https://github.com/Pylons/waitress/pull/329
    - Allow tasks to notice if the client disconnected.
      This inserts a callable ``waitress.client_disconnected`` into the environment
      that allows the task to check if the client disconnected while waiting for
      the response at strategic points in the execution and to cancel the
      operation.
      It requires setting the new adjustment ``channel_request_lookahead`` to a value
      larger than 0, which continues to read requests from a channel even if a
      request is already being processed on that channel, up to the given count,
      since a client disconnect is detected by reading from a readable socket and
      receiving an empty result.
      See https://github.com/Pylons/waitress/pull/310
    - Drop Python 2.7 and 3.5 support
    - The server now issues warning output when it there are enough open
      connections (controlled by "connection_limit"), that it is no longer
      accepting new connections. This situation was previously difficult to
      diagnose.
      See https://github.com/Pylons/waitress/pull/322

Files

/usr/bin/waitress-serve
/usr/bin/waitress-serve-3.13
/usr/lib/python3.13/site-packages/waitress
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/INSTALLER
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/LICENSE.txt
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/METADATA
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/RECORD
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/REQUESTED
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/WHEEL
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/entry_points.txt
/usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/top_level.txt
/usr/lib/python3.13/site-packages/waitress/__init__.py
/usr/lib/python3.13/site-packages/waitress/__main__.py
/usr/lib/python3.13/site-packages/waitress/__pycache__
/usr/lib/python3.13/site-packages/waitress/__pycache__/__init__.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/__init__.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/__main__.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/__main__.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/adjustments.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/adjustments.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/buffers.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/buffers.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/channel.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/channel.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/compat.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/compat.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/parser.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/parser.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/proxy_headers.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/proxy_headers.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/receiver.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/receiver.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/rfc7230.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/rfc7230.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/runner.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/runner.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/server.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/server.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/task.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/task.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/trigger.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/trigger.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/utilities.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/utilities.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/wasyncore.cpython-313.opt-1.pyc
/usr/lib/python3.13/site-packages/waitress/__pycache__/wasyncore.cpython-313.pyc
/usr/lib/python3.13/site-packages/waitress/adjustments.py
/usr/lib/python3.13/site-packages/waitress/buffers.py
/usr/lib/python3.13/site-packages/waitress/channel.py
/usr/lib/python3.13/site-packages/waitress/compat.py
/usr/lib/python3.13/site-packages/waitress/parser.py
/usr/lib/python3.13/site-packages/waitress/proxy_headers.py
/usr/lib/python3.13/site-packages/waitress/receiver.py
/usr/lib/python3.13/site-packages/waitress/rfc7230.py
/usr/lib/python3.13/site-packages/waitress/runner.py
/usr/lib/python3.13/site-packages/waitress/server.py
/usr/lib/python3.13/site-packages/waitress/task.py
/usr/lib/python3.13/site-packages/waitress/trigger.py
/usr/lib/python3.13/site-packages/waitress/utilities.py
/usr/lib/python3.13/site-packages/waitress/wasyncore.py
/usr/share/doc/packages/python313-waitress
/usr/share/doc/packages/python313-waitress/COPYRIGHT.txt
/usr/share/doc/packages/python313-waitress/README.rst
/usr/share/libalternatives/waitress-serve
/usr/share/libalternatives/waitress-serve/313.conf
/usr/share/licenses/python313-waitress
/usr/share/licenses/python313-waitress/LICENSE.txt


Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 12 00:30:25 2025