-
requests (2.9.1-3ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Creadentials through HTTP Authorization header
- debian/patches/CVE-2018-18074.patch: fix in requests/sessions.py,
test_requests.py.
- CVE-2018-18074
-- <email address hidden> (Leonidas S. Barbosa) Thu, 11 Oct 2018 10:30:18 -0300
-
requests (2.9.1-3) unstable; urgency=medium
* debian/control
- Remove python-requests-whl as it's no longer necessary.
- Remove python3-wheel from Build-Depends.
- Fix Vcs-Git URI.
- Bump Standards-Version to 3.9.7 (no changes needed).
- Bump X-Python3-Version to >= 3.3.
* debian/copyright
- Updated copyright years.
* debian/python-requests-whl.install
- Remove.
* debian/rules
- Remove override_dh_auto_install since we no longer need to
build the wheel package.
-- Daniele Tricoli <email address hidden> Fri, 12 Feb 2016 07:23:58 +0100
-
requests (2.9.1-2) unstable; urgency=medium
* debian/control
- Tweak fixed dependency on urllib3 1.13.1 to accommodate
packaging changes, as the version requirement is upstream version
only. Thanks James Page for report and patch. (Closes: #809485)
- Use HTTPS scheme for Vcs-Git.
-- Daniele Tricoli <email address hidden> Sun, 24 Jan 2016 21:12:17 +0100
-
requests (2.9.1-1ubuntu1) xenial; urgency=medium
* d/control: Tweak fixed dependency on urllib3 1.13.1 to accomodate
packaging changes, as the version requirement is upstream version
only.
-- James Page <email address hidden> Thu, 31 Dec 2015 07:52:30 +0000
-
requests (2.9.1-1) unstable; urgency=medium
* New upstream release.
* debian/control
- Bump python{,3}-urllib3 to = 1.13.1-1 both in Build-Depends and Depends.
Tighten urllib3 dependency is needed because, otherwise, any programs
depending to requests through pkgresources will fail. Thanks to Vincent
Bernat for the report.
* debian/patches/02_populate-install_requires.patch
- Refresh. (Closes: #809031)
-- Daniele Tricoli <email address hidden> Sun, 27 Dec 2015 13:14:02 +0100
-
requests (2.8.1-1) unstable; urgency=medium
* New upstream release. (Closes: #802760)
* debian/control
- Bump python{,3}-urllib3 to >= 1.12 both in Build-Depends and Depends.
* debian/patches/05_upstream_devendorize.patch
- Remove because included since version 2.8.0.
* debian/patches/02_populate-install_requires.patch
- Populate install_requires for unbundled packages to avoid breakage
updating urllib3 via pip when requests/urllib3 are already installed
via the system packages.
-- Daniele Tricoli <email address hidden> Sat, 24 Oct 2015 17:46:58 +0200
-
requests (2.7.0-3) unstable; urgency=medium
[ Barry Warsaw ]
* debian/patches:
- 02_use-system-chardet-and-urllib3.patch and
04_make-requests.packages.urllib3-same-as-urllib3.patch: Removed in
favor of upstream's pull request #2567
- 05_upstream_devendorize.patch: Upstream's pull request to better
support the devendorizing of urllib3 and chardet.
(Closes: #771349, #788383)
[ Daniele Tricoli ]
* debian/python{,3}-requests.pyremove
- Remove embedded copy of chardet and urllib3. Previously it was done by
02_use-system-chardet-and-urllib3.patch.
-- Daniele Tricoli <email address hidden> Thu, 11 Jun 2015 01:39:13 +0200