|
4 | 4 | Change history |
5 | 5 | ================ |
6 | 6 |
|
7 | | -No changes yet. |
| 7 | +.. _version-1.0.1: |
| 8 | + |
| 9 | +1.0.1 |
| 10 | +===== |
| 11 | +:release-date: 17 July, 2024 |
| 12 | +:release-by: Tomer Nosrati |
| 13 | + |
| 14 | +What's Changed |
| 15 | +============== |
| 16 | + |
| 17 | +Fixes & Changes |
| 18 | +--------------- |
| 19 | + |
| 20 | +- Cleanup: pytest-celery[all]==1.0.0b4 -> pytest-celery[all]==1.0.0 (#330) |
| 21 | +- Fixed hybrid_setup example build error with legacy.Dockerfile (#331) |
| 22 | +- Fix typos (#339) |
| 23 | +- Prepare for release: v1.0.1 (#351) |
| 24 | +- Added changelog for v1.0.1 (#350) |
| 25 | + |
| 26 | +Security Fixes |
| 27 | +-------------- |
| 28 | + |
| 29 | +- `CVE-2024-39689 <https://github.com/advisories/GHSA-248v-346w-9cwc>`_: Certifi removes GLOBALTRUST root certificate |
| 30 | +- `CVE-2024-3651 <https://github.com/advisories/GHSA-jjg7-2v4v-x38h>`_: Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode |
| 31 | +- `CVE-2024-34064 <https://github.com/advisories/GHSA-h75v-3vvj-5mfj>`_: Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter |
| 32 | +- `GHSA-753j-mpmx-qq6g <https://github.com/advisories/GHSA-753j-mpmx-qq6g>`_: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado |
| 33 | +- `GHSA-w235-7p84-xx57 <https://github.com/advisories/GHSA-w235-7p84-xx57>`_: Tornado has a CRLF injection in CurlAsyncHTTPClient headers |
| 34 | +- `CVE-2024-37891 <https://github.com/advisories/GHSA-34jh-p97f-mpxf>`_: urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects |
| 35 | +- `CVE-2024-5569 <https://github.com/advisories/GHSA-jfmj-5v4g-7637>`_: zipp Denial of Service vulnerability |
| 36 | +- `CVE-2024-35195 <https://github.com/advisories/GHSA-9wx4-h78v-vm56>`_: Requests Session object does not verify requests after making first request with verify=False |
| 37 | + |
| 38 | +Dependencies Updates |
| 39 | +-------------------- |
| 40 | + |
| 41 | +- Build(deps-dev): Bump black from 24.3.0 to 24.4.0 (#289) |
| 42 | +- Build(deps): Bump setuptools from 69.2.0 to 69.5.1 (#290) |
| 43 | +- Build(deps-dev): Bump types-redis from 4.6.0.20240409 to 4.6.0.20240417 (#292) |
| 44 | +- Build(deps): Bump celery from 5.3.6 to 5.4.0 (#293) |
| 45 | +- Build(deps-dev): Bump types-redis from 4.6.0.20240417 to 4.6.0.20240423 (#295) |
| 46 | +- Build(deps-dev): Bump coverage from 7.4.4 to 7.5.0 (#296) |
| 47 | +- Build(deps-dev): Bump mypy from 1.9.0 to 1.10.0 (#298) |
| 48 | +- Build(deps-dev): Bump black from 24.4.0 to 24.4.1 (#299) |
| 49 | +- Build(deps-dev): Bump types-redis from 4.6.0.20240423 to 4.6.0.20240425 (#300) |
| 50 | +- Build(deps): Bump redis from 5.0.3 to 5.0.4 (#297) |
| 51 | +- Build(deps-dev): Bump black from 24.4.1 to 24.4.2 (#301) |
| 52 | +- Build(deps-dev): Bump pytest from 8.1.1 to 8.2.0 (#302) |
| 53 | +- Build(deps-dev): Bump pytest-xdist from 3.5.0 to 3.6.1 (#303) |
| 54 | +- Build(deps-dev): Bump coverage from 7.5.0 to 7.5.1 (#306) |
| 55 | +- Build(deps-dev): Bump sphinx-click from 5.1.0 to 6.0.0 (#308) |
| 56 | +- Build(deps-dev): Bump pytest from 8.2.0 to 8.2.1 (#309) |
| 57 | +- Revert "Build(deps-dev): Bump pytest from 8.2.0 to 8.2.1" (#310) |
| 58 | +- Pinned requests to v2.31.0 due to docker-py bug #3256 (#313) |
| 59 | +- Build(deps-dev): Bump pytest from 8.2.0 to 8.2.1 (#311) |
| 60 | +- Build(deps): Bump setuptools from 69.5.1 to 70.0.0 (#312) |
| 61 | +- Build(deps): Bump docker from 7.0.0 to 7.1.0 (#315) |
| 62 | +- Fixed docker-py & requests issue (#316) |
| 63 | +- Build(deps-dev): Bump coverage from 7.5.1 to 7.5.2 (#317) |
| 64 | +- Build(deps-dev): Bump coverage from 7.5.2 to 7.5.3 (#319) |
| 65 | +- Build(deps-dev): Bump pytest from 8.2.1 to 8.2.2 (#320) |
| 66 | +- Build(deps): Bump redis from 5.0.4 to 5.0.5 (#321) |
| 67 | +- Build(deps): Bump redis from 5.0.5 to 5.0.6 (#323) |
| 68 | +- Build(deps): Bump psutil from 5.9.8 to 6.0.0 (#325) |
| 69 | +- Build(deps): Bump setuptools from 70.0.0 to 70.1.0 (#327) |
| 70 | +- Build(deps-dev): Bump coverage from 7.5.3 to 7.5.4 (#328) |
| 71 | +- Build(deps-dev): Bump mypy from 1.10.0 to 1.10.1 (#329) |
| 72 | +- Build(deps): Bump setuptools from 70.1.0 to 70.1.1 (#332) |
| 73 | +- Build(deps): Bump debugpy from 1.8.1 to 1.8.2 (#333) |
| 74 | +- Build(deps): Bump redis from 5.0.6 to 5.0.7 (#334) |
| 75 | +- Build(deps): Bump setuptools from 70.1.1 to 70.2.0 (#336) |
| 76 | +- Build(deps): Bump certifi from 2024.2.2 to 2024.7.4 (#337) |
| 77 | +- Build(deps-dev): Bump pytest-subtests from 0.12.1 to 0.13.0 (#338) |
| 78 | +- Build(deps): Bump setuptools from 70.2.0 to 70.3.0 (#340) |
| 79 | +- Build(deps-dev): Bump coverage from 7.5.4 to 7.6.0 (#341) |
| 80 | +- Changed "retry" dependency to "tenacity" (#342) |
| 81 | +- Build(deps): Bump idna from 3.6 to 3.7 (#343) |
| 82 | +- Build(deps-dev): Bump jinja2 from 3.1.3 to 3.1.4 (#344) |
| 83 | +- Build(deps-dev): Bump tornado from 6.4 to 6.4.1 (#345) |
| 84 | +- Build(deps): Bump urllib3 from 2.2.1 to 2.2.2 (#346) |
| 85 | +- Build(deps-dev): Bump zipp from 3.18.0 to 3.19.1 (#347) |
| 86 | +- Bumping Dependencies (#348) |
| 87 | +- Build(deps-dev): Bump pytest-subtests from 0.13.0 to 0.13.1 (#349) |
0 commit comments