commit python-mistune for openSUSE:Factory

Source-Sync Mon, 03 Jan 2022 01:49:08 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-mistune for openSUSE:Factory 
checked in at 2022-01-03 10:48:51
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-mistune (Old)
 and      /work/SRC/openSUSE:Factory/.python-mistune.new.1896 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "python-mistune"

Mon Jan  3 10:48:51 2022 rev:11 rq:943348 version:2.0.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-mistune/python-mistune.changes    
2021-12-28 12:26:15.716467812 +0100
+++ /work/SRC/openSUSE:Factory/.python-mistune.new.1896/python-mistune.changes  
2022-01-03 10:48:54.775568809 +0100
@@ -1,0 +2,6 @@
+Fri Dec 31 17:09:33 UTC 2021 - Ben Greiner <c...@bnavigator.de>
+
+- Update to 2.0.1
+  * Fix XSS for image link syntax.
+
+-------------------------------------------------------------------

Old:
----
  mistune-2.0.0.tar.gz

New:
----
  mistune-2.0.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-mistune.spec ++++++
--- /var/tmp/diff_new_pack.ipLlEH/_old  2022-01-03 10:48:55.299569011 +0100
+++ /var/tmp/diff_new_pack.ipLlEH/_new  2022-01-03 10:48:55.303569012 +0100
@@ -1,5 +1,5 @@
 #
-# spec file for package python-mistune
+# spec file
 #
 # Copyright (c) 2021 SUSE LLC
 #
@@ -20,7 +20,7 @@
 %define modname mistune
 %define skip_python2 1
 Name:           python-%{modname}
-Version:        2.0.0
+Version:        2.0.1
 Release:        0
 Summary:        Python Markdown parser with renderers and plugins
 License:        BSD-3-Clause

++++++ mistune-2.0.0.tar.gz -> mistune-2.0.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/README.md new/mistune-2.0.1/README.md
--- old/mistune-2.0.0/README.md 2021-12-05 09:12:24.000000000 +0100
+++ new/mistune-2.0.1/README.md 2021-12-30 11:35:05.000000000 +0100
@@ -29,10 +29,10 @@
 
 ## Install
 
-To install v2 of mistune:
+To install mistune:
 
 ```
-$ pip install mistune==2.0.0rc1
+$ pip install mistune
 ```
 
 ## Overview
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/docs/changes.rst 
new/mistune-2.0.1/docs/changes.rst
--- old/mistune-2.0.0/docs/changes.rst  2021-12-05 09:12:24.000000000 +0100
+++ new/mistune-2.0.1/docs/changes.rst  2021-12-30 11:35:05.000000000 +0100
@@ -3,6 +3,13 @@
 
 Here is the full history of mistune v2.
 
+Version 2.0.1
+~~~~~~~~~~~~~
+
+Released on Dec 30, 2021
+
+XSS fix for image link syntax.
+
 Version 2.0.0
 ~~~~~~~~~~~~~
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/mistune/__init__.py 
new/mistune-2.0.1/mistune/__init__.py
--- old/mistune-2.0.0/mistune/__init__.py       2021-12-05 09:12:24.000000000 
+0100
+++ new/mistune-2.0.1/mistune/__init__.py       2021-12-30 11:35:05.000000000 
+0100
@@ -60,4 +60,4 @@
     'html', 'create_markdown', 'markdown',
 ]
 
-__version__ = '2.0.0rc2'
+__version__ = '2.0.1'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/mistune/inline_parser.py 
new/mistune-2.0.1/mistune/inline_parser.py
--- old/mistune-2.0.0/mistune/inline_parser.py  2021-12-05 09:12:24.000000000 
+0100
+++ new/mistune-2.0.1/mistune/inline_parser.py  2021-12-30 11:35:05.000000000 
+0100
@@ -138,7 +138,7 @@
             title = ESCAPE_CHAR.sub(r'\1', title[1:-1])
 
         if line[0] == '!':
-            return 'image', link, text, title
+            return 'image', escape_url(link), text, title
 
         return self.tokenize_link(line, link, text, title, state)
 
@@ -156,7 +156,7 @@
             title = ESCAPE_CHAR.sub(r'\1', title)
 
         if line[0] == '!':
-            return 'image', link, text, title
+            return 'image', escape_url(link), text, title
 
         return self.tokenize_link(line, link, text, title, state)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/pyproject.toml 
new/mistune-2.0.1/pyproject.toml
--- old/mistune-2.0.0/pyproject.toml    2021-12-05 09:12:24.000000000 +0100
+++ new/mistune-2.0.1/pyproject.toml    2021-12-30 11:35:05.000000000 +0100
@@ -1,2 +1,3 @@
 [build-system]
 requires = [ "setuptools", "wheel" ]
+build-backend = "setuptools.build_meta"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mistune-2.0.0/setup.cfg new/mistune-2.0.1/setup.cfg
--- old/mistune-2.0.0/setup.cfg 2021-12-05 09:12:24.000000000 +0100
+++ new/mistune-2.0.1/setup.cfg 2021-12-30 11:35:05.000000000 +0100
@@ -1,6 +1,6 @@
 [metadata]
 name = mistune
-version = 2.0.0
+version = 2.0.1
 author = Hsiaoming Yang
 author_email = m...@lepture.com
 license = BSD 3-Clause License

commit python-mistune for openSUSE:Factory

Reply via email to