Ubuntu
requests package

Change logs for requests source package in Trusty

  1. Trusty (14.04)
  2. Change log 
  • requests (2.2.1-1ubuntu0.4) trusty-security; urgency=medium

  * SECURITY UPDATE: Creadentials through HTTP Authorization header
    - debian/patches/CVE-2018-18074.patch: fix in requests/sessions.py.
    - CVE-2018-18074

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 10 Oct 2018 13:24:54 -0300
  • requests (2.2.1-1ubuntu0.3) trusty-proposed; urgency=medium

  * SRU, update python3.4 for trusty. LP: #1433324.
  * Build a -whl package (setuptools is needed to build the wheel package).
 -- Matthias Klose <email address hidden>   Tue, 17 Mar 2015 23:40:09 +0100
  • requests (2.2.1-1ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Session fixation and cookie stealing issue
    (LP: #1432555).
    - debian/patches/CVE-2015-2296.patch: extract cookies from the original
      request (which still has the host which returned the cookies)
    - CVE-2015-2296
 -- Daniel Watkins <email address hidden>   Mon, 16 Mar 2015 10:11:03 +0000
  • requests (2.2.1-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Authorization header disclosure on redirect
    - debian/patches/CVE-2014-1829.patch: if redirected, strip
      authentication header in requests/sessions.py, add
      should_bypass_proxies() to requests/utils.py.
    - CVE-2014-1829
  * SECURITY UPDATE: Proxy-Authorization header disclosure on redirect
    - debian/patches/CVE-2014-1830.patch: also strip proxy headers in
      requests/sessions.py, added test to test_requests.py.
    - CVE-2014-1830
 -- Marc Deslauriers <email address hidden>   Tue, 30 Sep 2014 16:13:52 -0400
  • requests (2.2.1-1) unstable; urgency=medium


  * New upstream release
  * debian/control
    - Bumped Standards-Version to 3.9.5 (no changes needed)
  * debian/copyright
    - Updated copyright years
  * debian/patches/02_use-system-chardet-and-urllib3.patches
    - Refreshed

 -- Daniele Tricoli <email address hidden>  Mon, 27 Jan 2014 04:58:17 +0100
  • requests (2.0.0-1) unstable; urgency=low


  * New upstream release (Closes: #725784)
  * Switched to pybuild
  * debian/clean
    - Switched to debian/clean for cleaning instead of using debian/rules
  * debian/control
    - Bumped python(3)-urllib3 to (>=1.7.1)
  * debian/copyright
    - Updated copyright year
  * debian/patches/02_use-system-chardet-and-urllib3.patches
    - Refreshed
  * debian/watch
    - Switched download URL to https

 -- Daniele Tricoli <email address hidden>  Fri, 18 Oct 2013 19:20:21 +0200
  • requests (1.2.3-1) unstable; urgency=low


  * New upstream release (Closes: #712915) (LP: #1187429)
    - Thanks to Scott Moser for the report
  * debian/compat
    - Bumped debhelper compatibility level to 9
  * debian/control
    - Bumped debhelper B-D to (>= 9)
    - Temporarily bumped X-Python-Version to >= 2.7 to prevent FTBFS
      due to lack of python-urllib3 for Python 2.6
  * debian/patches/02_use-system-chardet-and-urllib3.patches
    - Refreshed

 -- Daniele Tricoli <email address hidden>  Fri, 21 Jun 2013 08:52:39 +0200