Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: python313-waitress | Distribution: openSUSE Tumbleweed |
Version: 3.0.2 | Vendor: openSUSE |
Release: 1.1 | Build date: Wed Nov 20 18:06:45 2024 |
Group: Development/Languages/Python | Build host: reproducible |
Size: 341584 | Source RPM: python-waitress-3.0.2-1.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://github.com/Pylons/waitress | |
Summary: Waitress WSGI server |
Waitress is a pure-Python WSGI server. It has no dependencies except ones which live in the Python standard library. It supports HTTP/1.0 and HTTP/1.1. For more information, see the "docs" directory of the Waitress package or http://docs.pylonsproject.org/projects/waitress/en/latest/ .
ZPL-2.1
* Wed Nov 20 2024 Dirk Müller <[email protected]> - update to 3.0.2: * When using Waitress to process trusted proxy headers, Waitress will now update the headers to drop any untrusted values, thereby making sure that WSGI apps only get trusted and validated values that Waitress itself used to update the environ. * Wed Oct 30 2024 Daniel Garcia <[email protected]> - Update to 3.0.1 (bsc#1232554, bsc#1232556, CVE-2024-49769, CVE-2024-49768): * Fix a bug that would lead to Waitress busy looping on select() on a half-open socket due to a race condition that existed when creating a new HTTPChannel. See https://github.com/Pylons/waitress/pull/435, https://github.com/Pylons/waitress/issues/418 and https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 * No longer strip the header values before passing them to the WSGI environ. See https://github.com/Pylons/waitress/pull/434 and https://github.com/Pylons/waitress/issues/432 * Fix a race condition in Waitress when `channel_request_lookahead` is enabled that could lead to HTTP request smuggling. * See https://github.com/Pylons/waitress/security/advisories/GHSA-9298-4cf8-g4wj * Sun Jun 30 2024 Dirk Müller <[email protected]> - update to 3.0.0: * Fixed testing of vendored asyncore code to not rely on particular naming for errno's. * HTTP Request methods and versions are now validated to meet the HTTP standards thereby dropping invalid requests on the floor. * No longer close the connection when sending a HEAD request response. * Always attempt to send the Connection: close response header when we are going to close the connection to let the remote know in more instances. * Document that trusted_proxy may be set to a wildcard value to trust all proxies. * clear_untrusted_proxy_headers is set to True by default. * Mon Dec 04 2023 Ana Guerrero <[email protected]> - Add BuildRequires on python-setuptools for both flavors. * Wed Jul 26 2023 Bernhard Wiedemann <[email protected]> - Drop sphinx doctrees for reproducible builds * Sat Jun 10 2023 ecsos <[email protected]> - Fix build error for waitress:doc * Wed May 03 2023 Martin Liška <[email protected]> - Use sphinx-build and do not depend on removed build_sphinx in Sphinx 7.0 (boo#1211051). * Fri Apr 21 2023 Dirk Müller <[email protected]> - add sle15_python_module_pythons (jsc#PED-68) * Thu Aug 18 2022 Ben Greiner <[email protected]> - Remove code coverage checking for packaging tests * Tue May 31 2022 Arun Persaud <[email protected]> - specfile: * be more specific in %files section - update to version 2.1.2 (bsc#1200126, CVE-2022-31015): * Bugfix + When expose_tracebacks is enabled waitress would fail to properly encode unicode thereby causing another error during error handling. See https://github.com/Pylons/waitress/pull/378 + Header length checking had a calculation that was done incorrectly when the data was received across multple socket reads. This calculation has been corrected, and no longer will Waitress send back a 413 Request Entity Too Large. See https://github.com/Pylons/waitress/pull/376 * Security Bugfix + in 2.1.0 a new feature was introduced that allowed the WSGI thread to start sending data to the socket. However this introduced a race condition whereby a socket may be closed in the sending thread while the main thread is about to call select() therey causing the entire application to be taken down. Waitress will no longer close the socket in the WSGI thread, instead waking up the main thread to cleanup. See https://github.com/Pylons/waitress/pull/377 * Thu Mar 17 2022 Dirk Müller <[email protected]> - update to 2.1.1 (bsc#1197255, CVE-2022-24761): * Waitress now validates that chunked encoding extensions are valid, and don’t contain invalid characters that are not allowed. They are still skipped/not processed, but if they contain invalid data we no longer continue in and return a 400 Bad Request. This stops potential HTTP desync/HTTP request smuggling. Thanks to Zhang Zeyu for reporting this issue. See https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36 * Waitress now validates that the chunk length is only valid hex digits when parsing chunked encoding, and values such as 0x01 and +01 are no longer supported. This stops potential HTTP desync/HTTP request smuggling. Thanks to Zhang Zeyu for reporting this issue. See https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36 * Waitress now validates that the Content-Length sent by a remote contains only digits in accordance with RFC7230 and will return a 400 Bad Request when the Content-Length header contains invalid data, such as +10 which would previously get parsed as 10 and accepted. This stops potential HTTP desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue. See https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36 * Fri Aug 27 2021 Stefan Schubert <[email protected]> - Use libalternatives instead of update-alternatives. * Fri Aug 27 2021 [email protected] - version update to 2.0.0 - Friendly Reminder This release still contains a variety of deprecation notices about defaults that can be set for a variety of options. Please note that this is your last warning, and you should update your configuration if you do NOT want to use the new defaults. See the arguments documentation page for all supported options, and pay attention to the warnings: https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html - Fix a crash on startup when listening to multiple interfaces. See https://github.com/Pylons/waitress/pull/332 - Waitress no longer attempts to guess at what the ``server_name`` should be for a listen socket, instead it always use a new adjustment/argument named ``server_name``. Please see the documentation for ``server_name`` in https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html and see https://github.com/Pylons/waitress/pull/329 - Allow tasks to notice if the client disconnected. This inserts a callable ``waitress.client_disconnected`` into the environment that allows the task to check if the client disconnected while waiting for the response at strategic points in the execution and to cancel the operation. It requires setting the new adjustment ``channel_request_lookahead`` to a value larger than 0, which continues to read requests from a channel even if a request is already being processed on that channel, up to the given count, since a client disconnect is detected by reading from a readable socket and receiving an empty result. See https://github.com/Pylons/waitress/pull/310 - Drop Python 2.7 and 3.5 support - The server now issues warning output when it there are enough open connections (controlled by "connection_limit"), that it is no longer accepting new connections. This situation was previously difficult to diagnose. See https://github.com/Pylons/waitress/pull/322
/usr/bin/waitress-serve /usr/bin/waitress-serve-3.13 /usr/lib/python3.13/site-packages/waitress /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/INSTALLER /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/LICENSE.txt /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/METADATA /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/RECORD /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/REQUESTED /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/WHEEL /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/entry_points.txt /usr/lib/python3.13/site-packages/waitress-3.0.2.dist-info/top_level.txt /usr/lib/python3.13/site-packages/waitress/__init__.py /usr/lib/python3.13/site-packages/waitress/__main__.py /usr/lib/python3.13/site-packages/waitress/__pycache__ /usr/lib/python3.13/site-packages/waitress/__pycache__/__init__.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/__init__.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/__main__.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/__main__.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/adjustments.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/adjustments.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/buffers.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/buffers.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/channel.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/channel.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/compat.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/compat.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/parser.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/parser.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/proxy_headers.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/proxy_headers.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/receiver.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/receiver.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/rfc7230.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/rfc7230.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/runner.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/runner.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/server.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/server.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/task.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/task.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/trigger.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/trigger.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/utilities.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/utilities.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/wasyncore.cpython-313.opt-1.pyc /usr/lib/python3.13/site-packages/waitress/__pycache__/wasyncore.cpython-313.pyc /usr/lib/python3.13/site-packages/waitress/adjustments.py /usr/lib/python3.13/site-packages/waitress/buffers.py /usr/lib/python3.13/site-packages/waitress/channel.py /usr/lib/python3.13/site-packages/waitress/compat.py /usr/lib/python3.13/site-packages/waitress/parser.py /usr/lib/python3.13/site-packages/waitress/proxy_headers.py /usr/lib/python3.13/site-packages/waitress/receiver.py /usr/lib/python3.13/site-packages/waitress/rfc7230.py /usr/lib/python3.13/site-packages/waitress/runner.py /usr/lib/python3.13/site-packages/waitress/server.py /usr/lib/python3.13/site-packages/waitress/task.py /usr/lib/python3.13/site-packages/waitress/trigger.py /usr/lib/python3.13/site-packages/waitress/utilities.py /usr/lib/python3.13/site-packages/waitress/wasyncore.py /usr/share/doc/packages/python313-waitress /usr/share/doc/packages/python313-waitress/COPYRIGHT.txt /usr/share/doc/packages/python313-waitress/README.rst /usr/share/libalternatives/waitress-serve /usr/share/libalternatives/waitress-serve/313.conf /usr/share/licenses/python313-waitress /usr/share/licenses/python313-waitress/LICENSE.txt
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Dec 9 23:39:48 2024