SUSE-RU-2017:1820-1: Recommended update for python-requests

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Jul 7 19:10:26 MDT 2017 

   SUSE Recommended Update: Recommended update for python-requests
______________________________________________________________________________

Announcement ID:    SUSE-RU-2017:1820-1
Rating:             low
References:         #967128 
Affected Products:
                    SUSE Manager Tools 12
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Module for Public Cloud 12
                    SUSE Linux Enterprise Module for Advanced Systems Management 12
                    SUSE Linux Enterprise High Availability 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:


   This update provides python-requests 2.11.1, which brings many fixes and
   enhancements:

   - Strip Content-Type and Transfer-Encoding headers from the header block
     when following a redirect that transforms the verb from POST/PUT to GET.
   - Added support for the ALL_PROXY environment variable.
   - Reject header values that contain leading whitespace or newline
     characters to reduce risk
     of header smuggling.
   - Fixed occasional TypeError when attempting to decode a JSON response
     that occurred in an error case. Now correctly returns a ValueError.
   - Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
     environment variables: Requests now treats it as a specific IP.
   - Fixed a bug when sending JSON data that could cause us to encounter
     obscure OpenSSL errors in certain network conditions.
   - Added type checks to ensure that iter_content only accepts integers and
     None for chunk sizes.
   - Fixed issue where responses whose body had not been fully consumed would
     have the underlying connection closed but not returned to the connection
     pool, which could cause Requests to hang in situations where the
     HTTPAdapter had been configured to use a blocking connection pool.
   - Change built-in CaseInsensitiveDict to use OrderedDict as its underlying
     datastore.
   - Don't use redirect_cache if allow_redirects=False.
   - When passed objects that throw exceptions from tell(), send them via
     chunked transfer encoding instead of failing.
   - Raise a ProxyError for proxy related connection issues.
   - The verify keyword argument now supports being passed a path to a
     directory of CA certificates, not just a single-file bundle.
   - Warnings are now emitted when sending files opened in text mode.
   - Added the 511 Network Authentication Required status code to the status
     code registry.
   - For file-like objects that are not seeked to the very beginning, we now
     send the content length for the number of bytes we will actually read,
     rather than the total size of the file, allowing partial file uploads.
   - When uploading file-like objects, if they are empty or have no obvious
     content length we set Transfer-Encoding: chunked rather than
     Content-Length: 0.
   - We correctly receive the response in buffered mode when uploading
     chunked bodies.
   - We now handle being passed a query string as a bytestring on Python 3,
     by decoding it as UTF-8.
   - Sessions are now closed in all cases (exceptional and not) when using
     the functional API rather than leaking and waiting for the garbage
     collector to clean them up.
   - Correctly handle digest auth headers with a malformed qop directive that
     contains no token, by treating it the same as if no qop directive was
     provided at all.
   - Minor performance improvements when removing specific cookies by name.


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Manager Tools 12:

      zypper in -t patch SUSE-SLE-Manager-Tools-12-2017-1126=1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1126=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1126=1

   - SUSE Linux Enterprise Module for Public Cloud 12:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-1126=1

   - SUSE Linux Enterprise Module for Advanced Systems Management 12:

      zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2017-1126=1

   - SUSE Linux Enterprise High Availability 12-SP2:

      zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1126=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1126=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Manager Tools 12 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise Server 12-SP2 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise Module for Public Cloud 12 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise High Availability 12-SP2 (noarch):

      python-requests-2.11.1-6.20.1

   - SUSE Linux Enterprise Desktop 12-SP2 (noarch):

      python-requests-2.11.1-6.20.1


References:

   https://bugzilla.suse.com/967128

More information about the sle-updates mailing list