-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 20 May 2022 16:11:00 -0400 Source: python-scrapy Architecture: source Version: 2.4.1-2+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian Python Team <team+python@tracker.debian.org> Changed-By: Stefano Rivera <stefanor@debian.org> Closes: 1008234 Changes: python-scrapy (2.4.1-2+deb11u1) bullseye; urgency=medium . * Team upload. * Security fix for CVE-2021-41125: Don't send authentication data with all requests. Provide a http_auth_domain spider attribute to control which domains are allowed to receive the configured HTTP authentication credentials. * Security Fix CVE-2022-0577: Don't expose cookies cross-domain when redirected. (Closes: #1008234) Checksums-Sha1: 5957f93c49364e68e7e243440b8920353e243e4d 2079 python-scrapy_2.4.1-2+deb11u1.dsc c1790964cebe6579aa6eba4945e6268141112025 12392 python-scrapy_2.4.1-2+deb11u1.debian.tar.xz 066aa46316d611cabe53dd8575de7352ca207752 5883 python-scrapy_2.4.1-2+deb11u1_source.buildinfo Checksums-Sha256: 8c9b345575927a829f8f65b1a03118de9de8f89b0489991699b88471d40ddf14 2079 python-scrapy_2.4.1-2+deb11u1.dsc 5e9eecdffe80d641537dffb7b46e02f2e06452fdbe9f65778a5c394f4a02b9d1 12392 python-scrapy_2.4.1-2+deb11u1.debian.tar.xz 435427868aa21c97a7c778e5d33df1f3ab2b2b84f7f2fc1a6fafa8461258f028 5883 python-scrapy_2.4.1-2+deb11u1_source.buildinfo Files: 46e1fbf6fa0bc97ba93f4cccfbfef10f 2079 python optional python-scrapy_2.4.1-2+deb11u1.dsc 0456d7806dc64f56edc1dbf9cb114071 12392 python optional python-scrapy_2.4.1-2+deb11u1.debian.tar.xz d73d685f195f6961728f26fd89353410 5883 python optional python-scrapy_2.4.1-2+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYof2ERQcc3RlZmFub3JA ZGViaWFuLm9yZwAKCRBHew2wJjpU2FkqAP0TGJay7ksBCuUSnOe8pFD/yv8zxX16 D5RAFrq+BIN3wAD8CPjCN3MJl1nfrSI8mofoCOOl4JFOHFpA8KyZ+KPXdAw= =wInu -----END PGP SIGNATURE-----