-
python-urllib3 (1.6-2) unstable; urgency=high
* debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch
- Added upstream patch to fix possible abuse of ssl.match_hostname()
for denial of service using certificates with many wildcards
(CVE-2013-2099) (Closes: #709070) Thanks Henri Salo and Jakub
Wilk for the report
-- Daniele Tricoli <email address hidden> Mon, 20 May 2013 19:34:17 +0200
-
python-urllib3 (1.6-1) unstable; urgency=low
[ Jakub Wilk ]
* Use canonical URIs for Vcs-* fields.
[ Daniele Tricoli ]
* New upstream release
* Upload to unstable (Closes: #707780)
* debian/control
- Added python3-six to Build-Depends field
- Bumped debhelper dependency to 8.1 for build-{arch,indep} support
- Removed python-setuptools from Build-Depends field
* debian/copyright
- Updated copyright years
- Added stanza for urllib3/packages/ordered_dict.py
* debian/patches/01_do-not-use-embedded-python-six.patch
- Refreshed
* debian/patches/02_require-cert-verification.patch
- Refreshed
* debian/patches/03_no-setuptools.patch
- Do not use setuptools
* debian/patches/04_relax_nosetests_options.patch
- Do not use logging-clear-handlers to see all logging output and
disabled cover-min-percentage since it require python-nose (>= 1.3):
this way it will be easier to backport python-urllib3 to Wheezy.
* debian/patches/05_fix_python3_syntax_error_in_ntlmpool.patch
- Fix syntax error 'unicodeescape' codec can't decode bytes in
position 130-132 for Python3
-- Daniele Tricoli <email address hidden> Sat, 11 May 2013 15:15:38 +0200
-
python-urllib3 (1.5-0ubuntu1) raring; urgency=low
* New upstream release. Remaining changes:
- 01_do-not-use-embedded-python-six.patch: refreshed
- 02_require-cert-verification.patch: refreshed
- 03-fix-appenginge.patch: removed
-- Barry Warsaw <email address hidden> Thu, 01 Nov 2012 15:31:36 +0100