Security fix for CVE-2023-47627
https://pagure.io/fesco/issue/3106
https://github.com/aio-libs/aiohttp/blob/v3.8.6/CHANGES.rst#386-2023-10-07
llhttp
to v9.1.3: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9fallback_charset_resolver
parameter in ClientSession
to allow a user-supplied character set detection function. Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use fallback_charset_resolver
.PermissionError
when .netrc
is unreadable due to permissions.\n
.GunicornWebWorker
max_requests_jitter not working.filter_cookies
to use cookie with longest path.BadStatusLine
messages from llhttp
.Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2023-5130a73b00
Please login to add feedback.
This update's test gating status has been changed to 'waiting'.
This update has been submitted for testing by bodhi.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
no regressions noted
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
This update has been pushed to stable.