Recommended update for python-requests

SUSE Recommended Update: Recommended update for python-requests
Announcement ID: SUSE-RU-2017:2296-1
Rating: low
References: #967128
Affected Products:
  • SUSE Linux Enterprise Server 12-SP3
  • SUSE Linux Enterprise High Availability 12-SP3
  • SUSE Linux Enterprise Desktop 12-SP3

  • An update that has one recommended fix can now be installed.


    This update provides python-requests 2.11.1, which brings many fixes and

    - Strip Content-Type and Transfer-Encoding headers from the header block
    when following a redirect that transforms the verb from POST/PUT to GET.
    - Added support for the ALL_PROXY environment variable.
    - Reject header values that contain leading whitespace or newline
    characters to reduce risk
    of header smuggling.
    - Fixed occasional TypeError when attempting to decode a JSON response
    that occurred in an error case. Now correctly returns a ValueError.
    - Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
    environment variables: Requests now treats it as a specific IP.
    - Fixed a bug when sending JSON data that could cause us to encounter
    obscure OpenSSL errors in certain network conditions.
    - Added type checks to ensure that iter_content only accepts integers and
    None for chunk sizes.
    - Fixed issue where responses whose body had not been fully consumed would
    have the underlying connection closed but not returned to the connection
    pool, which could cause Requests to hang in situations where the
    HTTPAdapter had been configured to use a blocking connection pool.
    - Change built-in CaseInsensitiveDict to use OrderedDict as its underlying
    - Don't use redirect_cache if allow_redirects=False.
    - When passed objects that throw exceptions from tell(), send them via
    chunked transfer encoding instead of failing.
    - Raise a ProxyError for proxy related connection issues.
    - The verify keyword argument now supports being passed a path to a
    directory of CA certificates, not just a single-file bundle.
    - Warnings are now emitted when sending files opened in text mode.
    - Added the 511 Network Authentication Required status code to the status
    code registry.
    - For file-like objects that are not seeked to the very beginning, we now
    send the content length for the number of bytes we will actually read,
    rather than the total size of the file, allowing partial file uploads.
    - When uploading file-like objects, if they are empty or have no obvious
    content length we set Transfer-Encoding: chunked rather than
    Content-Length: 0.
    - We correctly receive the response in buffered mode when uploading
    chunked bodies.
    - We now handle being passed a query string as a bytestring on Python 3,
    by decoding it as UTF-8.
    - Sessions are now closed in all cases (exceptional and not) when using
    the functional API rather than leaking and waiting for the garbage
    collector to clean them up.
    - Correctly handle digest auth headers with a malformed qop directive that
    contains no token, by treating it the same as if no qop directive was
    provided at all.
    - Minor performance improvements when removing specific cookies by name.

    Patch Instructions:

    To install this SUSE Recommended Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 12-SP3:
      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1412=1
    • SUSE Linux Enterprise High Availability 12-SP3:
      zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1412=1
    • SUSE Linux Enterprise Desktop 12-SP3:
      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1412=1

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 12-SP3 (noarch):
      • python-requests-2.11.1-6.22.1
    • SUSE Linux Enterprise High Availability 12-SP3 (noarch):
      • python-requests-2.11.1-6.22.1
    • SUSE Linux Enterprise Desktop 12-SP3 (noarch):
      • python-requests-2.11.1-6.22.1