Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

python311-waitress-2.1.2-150400.12.4.1 RPM for noarch

From OpenSuSE Leap 15.6 for noarch

Name: python311-waitress Distribution: SUSE Linux Enterprise 15
Version: 2.1.2 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150400.12.4.1 Build date: Thu Feb 22 15:00:20 2024
Group: Development/Languages/Python Build host: h03-ch2d
Size: 359883 Source RPM: python-waitress-2.1.2-150400.12.4.1.src.rpm
Packager: https://www.suse.com/
Url: https://github.com/Pylons/waitress
Summary: Waitress WSGI server
 
Waitress is a pure-Python WSGI server. It has no dependencies except
ones which live in the Python standard library. It supports HTTP/1.0
and HTTP/1.1.

For more information, see the "docs" directory of the Waitress package or
http://docs.pylonsproject.org/projects/waitress/en/latest/ .

Provides

Requires

License

ZPL-2.1

Changelog

* Mon Dec 04 2023 ana.guerrero@suse.com
  - Add BuildRequires on python-setuptools for both flavors.
* Wed Jul 26 2023 bwiedemann@suse.com
  - Drop sphinx doctrees for reproducible builds
* Sat Jun 10 2023 ecsos@opensuse.org
  - Fix build error for waitress:doc
* Wed May 03 2023 mliska@suse.cz
  - Use sphinx-build and do not depend on removed build_sphinx
    in Sphinx 7.0 (boo#1211051).
* Fri Apr 21 2023 dmueller@suse.com
  - add sle15_python_module_pythons (jsc#PED-68)
* Thu Aug 18 2022 code@bnavigator.de
  - Remove code coverage checking for packaging tests
* Tue May 31 2022 arun@gmx.de
  - specfile:
    * be more specific in %files section
  - update to version 2.1.2 (bsc#1200126, CVE-2022-31015):
    * Bugfix
      + When expose_tracebacks is enabled waitress would fail to
      properly encode unicode thereby causing another error during
      error handling. See https://github.com/Pylons/waitress/pull/378
      + Header length checking had a calculation that was done
      incorrectly when the data was received across multple socket
      reads. This calculation has been corrected, and no longer will
      Waitress send back a 413 Request Entity Too Large. See
      https://github.com/Pylons/waitress/pull/376
    * Security Bugfix
      + in 2.1.0 a new feature was introduced that allowed the WSGI
      thread to start sending data to the socket. However this
      introduced a race condition whereby a socket may be closed in
      the sending thread while the main thread is about to call
      select() therey causing the entire application to be taken down.
      Waitress will no longer close the socket in the WSGI thread,
      instead waking up the main thread to cleanup. See
      https://github.com/Pylons/waitress/pull/377
* Thu Mar 17 2022 dmueller@suse.com
  - update to 2.1.1 (bsc#1197255, CVE-2022-24761):
    * Waitress now validates that chunked encoding extensions are valid, and don’t
      contain invalid characters that are not allowed. They are still skipped/not
      processed, but if they contain invalid data we no longer continue in and return
      a 400 Bad Request. This stops potential HTTP desync/HTTP request smuggling.
      Thanks to Zhang Zeyu for reporting this issue. See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
    * Waitress now validates that the chunk length is only valid hex digits when
      parsing chunked encoding, and values such as 0x01 and +01 are no longer
      supported. This stops potential HTTP desync/HTTP request smuggling. Thanks
      to Zhang Zeyu for reporting this issue. See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
    * Waitress now validates that the Content-Length sent by a remote contains only
      digits in accordance with RFC7230 and will return a 400 Bad Request when the
      Content-Length header contains invalid data, such as +10 which would
      previously get parsed as 10 and accepted. This stops potential HTTP
      desync/HTTP request smuggling Thanks to Zhang Zeyu for reporting this issue.
      See
      https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
* Fri Aug 27 2021 schubi@suse.de
  - Use libalternatives instead of update-alternatives.
* Fri Aug 27 2021 pgajdos@suse.com
  - version update to 2.0.0
    - Friendly Reminder
      This release still contains a variety of deprecation notices about defaults
      that can be set for a variety of options.
      Please note that this is your last warning, and you should update your
      configuration if you do NOT want to use the new defaults.
      See the arguments documentation page for all supported options, and pay
      attention to the warnings:
      https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html
    - Fix a crash on startup when listening to multiple interfaces.
      See https://github.com/Pylons/waitress/pull/332
    - Waitress no longer attempts to guess at what the ``server_name`` should be for
      a listen socket, instead it always use a new adjustment/argument named
      ``server_name``.
      Please see the documentation for ``server_name`` in
      https://docs.pylonsproject.org/projects/waitress/en/latest/arguments.html and
      see https://github.com/Pylons/waitress/pull/329
    - Allow tasks to notice if the client disconnected.
      This inserts a callable ``waitress.client_disconnected`` into the environment
      that allows the task to check if the client disconnected while waiting for
      the response at strategic points in the execution and to cancel the
      operation.
      It requires setting the new adjustment ``channel_request_lookahead`` to a value
      larger than 0, which continues to read requests from a channel even if a
      request is already being processed on that channel, up to the given count,
      since a client disconnect is detected by reading from a readable socket and
      receiving an empty result.
      See https://github.com/Pylons/waitress/pull/310
    - Drop Python 2.7 and 3.5 support
    - The server now issues warning output when it there are enough open
      connections (controlled by "connection_limit"), that it is no longer
      accepting new connections. This situation was previously difficult to
      diagnose.
      See https://github.com/Pylons/waitress/pull/322
* Thu Oct 01 2020 hpj@urpla.net
  - Update to version 1.4.4 (2020-06-01)
    + Fix an issue with keep-alive connections in which memory usage
      was higher than expected because output buffers were being
      reused across requests on a long-lived connection and each
      buffer would not be freed until it was full or the connection
      was closed. Buffers are now rotated per-request to stabilize
      their behavior.
    + See https://github.com/Pylons/waitress/pull/300
    + Waitress threads have been updated to contain their thread
      number. This will allow loggers that use that information to
      print the thread that the log is coming from.
    + See https://github.com/Pylons/waitress/pull/302
  - Switch to pytest, disable one test, that requires network
  - Create _multibuild for doc package
    It requires installation of base package now
* Wed Jun 17 2020 jtomasiak@suse.com
  - make sure UTF8 locale is used when runnning tests
    * Sometimes functional tests executed in python3 failed if stdout was not
      set to UTF-8. The error message was:
      ValueError: underlying buffer has been detached
* Mon May 18 2020 pgajdos@suse.com
  - %python3_only -> %python_alternative
* Thu Feb 06 2020 mcalabkova@suse.com
  - update to 1.4.3
    * Waitress did not properly validate that the HTTP headers it received
      were properly formed, thereby potentially allowing a front-end server
      to treat a request different from Waitress. This could lead to HTTP
      request smuggling/splitting.
  - drop patch local-intersphinx-inventories.patch
    * it was commented out, anyway
* Fri Dec 20 2019 dmueller@suse.com
  - update to 1.4.0:
    - Waitress used to slam the door shut on HTTP pipelined requests without
    setting the ``Connection: close`` header as appropriate in the response. This
    is of course not very friendly. Waitress now explicitly sets the header when
    responding with an internally generated error such as 400 Bad Request or 500
    Internal Server Error to notify the remote client that it will be closing the
    connection after the response is sent.
    - Waitress no longer allows any spaces to exist between the header field-name
    and the colon. While waitress did not strip the space and thereby was not
    vulnerable to any potential header field-name confusion, it should have sent
    back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
    - CRLR handling Security fixes
* Thu Aug 29 2019 mcalabkova@suse.com
  - update to 1.3.1
    * Waitress won’t accidentally throw away part of the path if it
      starts with a double slash
* Mon May 06 2019 pgajdos@suse.com
  - version update to 1.3.0
    Deprecations
    ~~~~~~~~~~~~
    - The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
      pending removal in a future release.
      and https://github.com/Pylons/waitress/pull/246
    Features
    ~~~~~~~~
    - Add a new ``outbuf_high_watermark`` adjustment which is used to apply
      backpressure on the ``app_iter`` to avoid letting it spin faster than data
      can be written to the socket. This stabilizes responses that iterate quickly
      with a lot of data.
      See https://github.com/Pylons/waitress/pull/242
    - Stop early and close the ``app_iter`` when attempting to write to a closed
      socket due to a client disconnect. This should notify a long-lived streaming
      response when a client hangs up.
      See https://github.com/Pylons/waitress/pull/238
      and https://github.com/Pylons/waitress/pull/240
      and https://github.com/Pylons/waitress/pull/241
    - Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
      set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
      much waitress will buffer internally before flushing to the kernel, whereas
      previously it used to also throttle how much data was sent to the kernel.
      This change enables a streaming ``app_iter`` containing small chunks to
      still be flushed efficiently.
      See https://github.com/Pylons/waitress/pull/246
    Bugfixes
    ~~~~~~~~
    - Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
      no longer set the version to the string value "None". See
      https://github.com/Pylons/waitress/pull/252 and
      https://github.com/Pylons/waitress/issues/110
    - When a client closes a socket unexpectedly there was potential for memory
      leaks in which data was written to the buffers after they were closed,
      causing them to reopen.
      See https://github.com/Pylons/waitress/pull/239
    - Fix the queue depth warnings to only show when all threads are busy.
      See https://github.com/Pylons/waitress/pull/243
      and https://github.com/Pylons/waitress/pull/247
    - Trigger the ``app_iter`` to close as part of shutdown. This will only be
      noticeable for users of the internal server api. In more typical operations
      the server will die before benefiting from these changes.
      See https://github.com/Pylons/waitress/pull/245
    - Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
      already been sent. This would cause buffers in waitress to grow without
      bounds. These buffers now properly rotate and release their data.
      See https://github.com/Pylons/waitress/pull/242
    - Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
      an exception when passed to the ``wsgi.file_wrapper`` callback.
      See https://github.com/Pylons/waitress/pull/249
* Wed Mar 20 2019 jengelh@inai.de
  - Trim marketing wording and other platform mentions.
* Mon Feb 25 2019 toddrme2178@gmail.com
  - Add fetch-intersphinx-inventories.sh to sources
  - Add local-intersphinx-inventories.patch for generating the docs
    correctly
* Thu Feb 07 2019 hpj@urpla.net
  - update to version 1.2.1:
    too many changes to list here, see:
    https://github.com/Pylons/waitress/blob/master/CHANGES.txt
    or even:
    https://github.com/Pylons/waitress/commits/master
* Tue Dec 04 2018 mcepl@suse.com
  - Remove superfluous devel dependency for noarch package
* Fri Oct 13 2017 arun@gmx.de
  - update to version 1.1.0:
    * Features
      + Waitress now has a __main__ and thus may be called with "python
    - mwaitress"
    * Bugfixes
      + Waitress no longer allows lowercase HTTP verbs. This change was
      made to fall in line with most HTTP servers. See
      https://github.com/Pylons/waitress/pull/170
      + When receiving non-ascii bytes in the request URL, waitress will
      no longer abruptly close the connection, instead returning a 400
      Bad Request. See https://github.com/Pylons/waitress/pull/162 and
      https://github.com/Pylons/waitress/issues/64
* Mon May 01 2017 toddrme2178@gmail.com
  - Update to 1.0.2
    * Python 3.6 is now officially supported in Waitress
    * Add a work-around for libc issue on Linux not following the
      documented standards. If getnameinfo() fails because of DNS not
      being available it should return the IP address instead of the
      reverse DNS entry, however instead getnameinfo() raises. We
      catch this, and ask getnameinfo() for the same information
      again, explicitly asking for IP address instead of reverse
      DNS hostname.
  - Implement single-spec version.
  - Fix source URL.
* Tue Nov 15 2016 tbechtold@suse.com
  - update to 1.0.1:
    - IPv6 support on Windows was broken due to missing constants in the socket
      module. This has been resolved by setting the constants on Windows if they
      are missing. See https://github.com/Pylons/waitress/issues/138
    - A ValueError was raised on Windows when passing a string for the port, on
      Windows in Python 2 using service names instead of port numbers doesn't work
      with `getaddrinfo`. This has been resolved by attempting to convert the port
      number to an integer, if that fails a ValueError will be raised. See
      https://github.com/Pylons/waitress/issues/139
    - Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
      issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
      hosts where there is no internet connection but localhost is requested to be
      bound to. See https://github.com/Pylons/waitress/issues/131 for more
      information.
  - disable tests. need network access.
* Fri May 20 2016 dmueller@suse.com
  - update to 0.9.0:
    * Security/Protections
    - Building on the changes made in pull request 117, add in checking for line
      feed/carriage return HTTP Response Splitting in the status line, as well as
      the key of a header. See https://github.com/Pylons/waitress/pull/124 and
      https://github.com/Pylons/waitress/issues/122.
    - Waitress will no longer accept headers or status lines with
      newline/carriage returns in them, thereby disallowing HTTP Response
      Splitting.
    * Bugfixes
    - FileBasedBuffer and more important ReadOnlyFileBasedBuffer no longer report
      False when tested with bool(), instead always returning True, and becoming
      more iterator like.
    - Call prune() on the output buffer at the end of a request so that it doesn't
      continue to grow without bounds.
* Fri Dec 12 2014 tbechtold@suse.com
  - update to 0.8.9:
    - Fix tests under Windows.  NB: to run tests under Windows, you cannot run
      "setup.py test" or "setup.py nosetests".  Instead you must run ``python.exe
    - c "import nose; nose.main()"``.  If you try to run the tests using the
      normal method under Windows, each subprocess created by the test suite will
      attempt to run the test suite again.  See
      https://github.com/nose-devs/nose/issues/407 for more information.
    - Give the WSGI app_iter generated when ``wsgi.file_wrapper`` is used
      (ReadOnlyFileBasedBuffer) a ``close`` method.  Do not call ``close`` on an
      instance of such a class when it's used as a WSGI app_iter, however.  This is
      part of a fix which prevents a leakage of file descriptors; the other part of
      the fix was in WebOb
      (https://github.com/Pylons/webob/commit/951a41ce57bd853947f842028bccb500bd5237da).
    - Allow trusted proxies to override ``wsgi.url_scheme`` via a request header,
      ``X_FORWARDED_PROTO``.  Allows proxies which serve mixed HTTP / HTTPS
      requests to control signal which are served as HTTPS.  See
      https://github.com/Pylons/waitress/pull/42.
    - Fix some cases where the creation of extremely large output buffers (greater
      than 2GB, suspected to be buffers added via ``wsgi.file_wrapper``) might
      cause an OverflowError on Python 2.  See
      https://github.com/Pylons/waitress/issues/47.
    - When the ``url_prefix`` adjustment starts with more than one slash, all
      slashes except one will be stripped from its beginning.  This differs from
      older behavior where more than one leading slash would be preserved in
      ``url_prefix``.
    - If a client somehow manages to send an empty path, we no longer convert the
      empty path to a single slash in ``PATH_INFO``.  Instead, the path remains
      empty.  According to RFC 2616 section "5.1.2 Request-URI", the scenario of a
      client sending an empty path is actually not possible because the request URI
      portion cannot be empty.
    - If the ``url_prefix`` adjustment matches the request path exactly, we now
      compute ``SCRIPT_NAME`` and ``PATH_INFO`` properly.  Previously, if the
      ``url_prefix`` was ``/foo`` and the path received from a client was ``/foo``,
      we would set *both* ``SCRIPT_NAME`` and ``PATH_INFO`` to ``/foo``.  This was
      incorrect.  Now in such a case we set ``PATH_INFO`` to the empty string and
      we set ``SCRIPT_NAME`` to ``/foo``.  Note that the change we made has no
      effect on paths that do not match the ``url_prefix`` exactly (such as
      ``/foo/bar``); these continue to operate as they did.  See
      https://github.com/Pylons/waitress/issues/46
    - Preserve header ordering of headers with the same name as per RFC 2616.  See
      https://github.com/Pylons/waitress/pull/44
    - When waitress receives a ``Transfer-Encoding: chunked`` request, we no longer
      send the ``TRANSFER_ENCODING`` nor the ``HTTP_TRANSFER_ENCODING`` value to
      the application in the environment.  Instead, we pop this header.  Since we
      cope with chunked requests by buffering the data in the server, we also know
      when a chunked request has ended, and therefore we know the content length.
      We set the content-length header in the environment, such that applications
      effectively never know the original request was a T-E: chunked request; it
      will appear to them as if the request is a non-chunked request with an
      accurate content-length.
    - Cope with the fact that the ``Transfer-Encoding`` value is case-insensitive.
    - When the ``--unix-socket-perms`` option was used as an argument to
      ``waitress-serve``, a ``TypeError`` would be raised.  See
      https://github.com/Pylons/waitress/issues/50.
  - Enable testsuite during build

Files

/etc/alternatives/waitress-serve
/usr/bin/waitress-serve
/usr/bin/waitress-serve-3.11
/usr/lib/python3.11/site-packages/waitress
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/PKG-INFO
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/SOURCES.txt
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/dependency_links.txt
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/entry_points.txt
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/requires.txt
/usr/lib/python3.11/site-packages/waitress-2.1.2-py3.11.egg-info/top_level.txt
/usr/lib/python3.11/site-packages/waitress/__init__.py
/usr/lib/python3.11/site-packages/waitress/__main__.py
/usr/lib/python3.11/site-packages/waitress/__pycache__
/usr/lib/python3.11/site-packages/waitress/__pycache__/__init__.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/__init__.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/__main__.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/__main__.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/adjustments.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/adjustments.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/buffers.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/buffers.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/channel.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/channel.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/compat.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/compat.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/parser.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/parser.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/proxy_headers.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/proxy_headers.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/receiver.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/receiver.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/rfc7230.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/rfc7230.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/runner.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/runner.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/server.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/server.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/task.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/task.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/trigger.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/trigger.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/utilities.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/utilities.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/wasyncore.cpython-311.opt-1.pyc
/usr/lib/python3.11/site-packages/waitress/__pycache__/wasyncore.cpython-311.pyc
/usr/lib/python3.11/site-packages/waitress/adjustments.py
/usr/lib/python3.11/site-packages/waitress/buffers.py
/usr/lib/python3.11/site-packages/waitress/channel.py
/usr/lib/python3.11/site-packages/waitress/compat.py
/usr/lib/python3.11/site-packages/waitress/parser.py
/usr/lib/python3.11/site-packages/waitress/proxy_headers.py
/usr/lib/python3.11/site-packages/waitress/receiver.py
/usr/lib/python3.11/site-packages/waitress/rfc7230.py
/usr/lib/python3.11/site-packages/waitress/runner.py
/usr/lib/python3.11/site-packages/waitress/server.py
/usr/lib/python3.11/site-packages/waitress/task.py
/usr/lib/python3.11/site-packages/waitress/trigger.py
/usr/lib/python3.11/site-packages/waitress/utilities.py
/usr/lib/python3.11/site-packages/waitress/wasyncore.py
/usr/share/doc/packages/python311-waitress
/usr/share/doc/packages/python311-waitress/COPYRIGHT.txt
/usr/share/doc/packages/python311-waitress/README.rst
/usr/share/licenses/python311-waitress
/usr/share/licenses/python311-waitress/LICENSE.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Apr 26 23:30:45 2024