SUSE-RU-2017:2296-1: Recommended update for python-requests
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Aug 29 16:07:43 MDT 2017
SUSE Recommended Update: Recommended update for python-requests
Announcement ID: SUSE-RU-2017:2296-1
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
An update that has one recommended fix can now be installed.
This update provides python-requests 2.11.1, which brings many fixes and
- Strip Content-Type and Transfer-Encoding headers from the header block
when following a redirect that transforms the verb from POST/PUT to GET.
- Added support for the ALL_PROXY environment variable.
- Reject header values that contain leading whitespace or newline
characters to reduce risk
of header smuggling.
- Fixed occasional TypeError when attempting to decode a JSON response
that occurred in an error case. Now correctly returns a ValueError.
- Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
environment variables: Requests now treats it as a specific IP.
- Fixed a bug when sending JSON data that could cause us to encounter
obscure OpenSSL errors in certain network conditions.
- Added type checks to ensure that iter_content only accepts integers and
None for chunk sizes.
- Fixed issue where responses whose body had not been fully consumed would
have the underlying connection closed but not returned to the connection
pool, which could cause Requests to hang in situations where the
HTTPAdapter had been configured to use a blocking connection pool.
- Change built-in CaseInsensitiveDict to use OrderedDict as its underlying
- Don't use redirect_cache if allow_redirects=False.
- When passed objects that throw exceptions from tell(), send them via
chunked transfer encoding instead of failing.
- Raise a ProxyError for proxy related connection issues.
- The verify keyword argument now supports being passed a path to a
directory of CA certificates, not just a single-file bundle.
- Warnings are now emitted when sending files opened in text mode.
- Added the 511 Network Authentication Required status code to the status
- For file-like objects that are not seeked to the very beginning, we now
send the content length for the number of bytes we will actually read,
rather than the total size of the file, allowing partial file uploads.
- When uploading file-like objects, if they are empty or have no obvious
content length we set Transfer-Encoding: chunked rather than
- We correctly receive the response in buffered mode when uploading
- We now handle being passed a query string as a bytestring on Python 3,
by decoding it as UTF-8.
- Sessions are now closed in all cases (exceptional and not) when using
the functional API rather than leaking and waiting for the garbage
collector to clean them up.
- Correctly handle digest auth headers with a malformed qop directive that
contains no token, by treating it the same as if no qop directive was
provided at all.
- Minor performance improvements when removing specific cookies by name.
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1412=1
- SUSE Linux Enterprise High Availability 12-SP3:
zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1412=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1412=1
To bring your system up-to-date, use "zypper patch".
- SUSE Linux Enterprise Server 12-SP3 (noarch):
- SUSE Linux Enterprise High Availability 12-SP3 (noarch):
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
More information about the sle-updates