Change logs for requests source package in Oracular

requests (2.31.0+dfsg-1ubuntu3) oracular; urgency=medium

  * SECURITY REGRESSION: the security fix introduced regressions in other
    packages, such as docker, and the upstream release containing this fix
    was yanked.
    - debian/patches/CVE-2024-35195.patch: removed pending a better fix.

 -- Marc Deslauriers <email address hidden>  Wed, 22 May 2024 09:02:24 -0400

requests (2.31.0+dfsg-1ubuntu2) oracular; urgency=medium

  * SECURITY UPDATE: cert validation still disabled after first request
    - debian/patches/CVE-2024-35195.patch: use TLS settings in selecting
      connection pool in requests/adapters.py, tests/test_requests.py,
      tox.ini.
    - CVE-2024-35195

 -- Marc Deslauriers <email address hidden>  Tue, 21 May 2024 12:58:35 -0400

requests (2.31.0+dfsg-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018104). Remaining changes:
    - d/p/remove-charset-normalizer-dependency.patch: Remove charset-normalizer
      as a dependency of requests (LP #1975541)
  * Dropped changes:
    - d/p/CVE-2023-32681.patch: Unintended leak of Proxy-Authorization header
    [Fixed upstream in 2.31.0]
    - d/p/0002-Fix-tests-with-HTTP-proxy.patch: Fix autopkgtest when
      http_proxy, https_proxy or no_proxy variable is set (LP #1974182)
    [Fixed in 2.31.0+dfsg-1]

 -- Lena Voytek <email address hidden>  Tue, 25 Jul 2023 14:54:56 -0700