linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-aiohttp_3.8.5.bb, branch kirkstone-next Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=kirkstone-next 2024-02-07T23:41:41+00:00 python3-aiohttp: upgrade 3.8.5 -> 3.8.6 2024-02-07T23:41:41+00:00 Narpat Mali narpat.mali@windriver.com 2024-01-09T10:02:15+00:00 urn:sha1:4af7df792940b42378ed9181d8a01bb7c7b09487 The delta between 3.8.5 & 3.8.6 contains the CVE-2023-47627 fix and other bugfixes. https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg Changelog: ---------- https://docs.aiohttp.org/en/stable/changes.html#id72 The git log --oneline v3.8.5..v3.8.6 shows: 996de262 (tag: v3.8.6) Release v3.8.6 (#7668) 8c128d4f [PR #7651/45f98b7d backport][3.8] Fix BadStatusLine message (#7666) 89b7df15 Allow lax response parsing on Py parser (#7663) (#7664) d5c12ba8 [PR #7661/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (#7662) 8a3977ac [PR #7272/b2a7983a backport][3.8] Fix Read The Docs config (#7650) bcc416e5 [PR #7647/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (#7648) b30c0cd2 Remove chardet/charset-normalizer. (#7589) 5946c743 CookieJar - return 'best-match' and not LIFO (#7577) (#7588) 8c4ec62f [PR #7518/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter not work (#7519) a0d234df Use lenient headers for response parser (#7490) (#7492) f92b27b0 Update to LLHTTP 9 (#7485) (#7487) 8129d26f [PR #7480/1fb06bbc backport][3.8] Fix error pointer on linebreaks (#7482) 8d701c3d Fix PermissionError when loading .netrc (#7237) (#7378) (#7395) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> python3-aiohttp: upgrade 3.8.1 -> 3.8.5 2023-08-30T17:41:52+00:00 Narpat Mali narpat.mali@windriver.com 2023-08-21T11:34:05+00:00 urn:sha1:ea23e7f0c0f8c5cf911a0bda1a6d6fe833d1a6fb The delta between 3.8.1 & 3.8.5 contains the CVE-2023-37276 fix and other bugfixes. https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w Changelog: https://docs.aiohttp.org/en/stable/changes.html - Increased the upper boundary of the multidict dependency to allow for the version 6 - License-Update: Update copyright year from 2020 to 2022 - Fixed incorrectly overwriting cookies with the same name and domain, but different path - Fixed ConnectionResetError not being raised after client disconnection in SSL environments - Upgraded the vendored copy of llhttp_ to v8.1.1 - Added information to C parser exceptions to show which character caused the error - Fixed a transport is :data:None error Upstream master patches: 3.8.1 -> 3.8.3 : https://git.openembedded.org/meta-openembedded/commit/?id=c0d2a5bcc87ee8564a5b9be35f3e2b930e384a59 3.8.3 -> 3.8.4 : https://git.openembedded.org/meta-openembedded/commit/?id=1fc465466cd138e1fcc87de18e84f88e2c5f1b4f 3.8.4 -> 3.8.5 : https://git.openembedded.org/meta-openembedded/commit/?id=ba5d26d1d8b30d71cb648f95b6431c16134e82e9 Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>