This update for python3-requests provides the following fix:
python-requests was updated to 2.20.1.
Update to version 2.20.1:
* Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443).
Update to version 2.20.0:
* Bugfixes
+ Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8). + Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions. + Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074) + should_bypass_proxies now handles URIs without hostnames (e.g. files).
Update to version 2.19.1:
* Fixed issue where status_codes.py’s init function failed trying to append to a __doc__ value of None.
Update to version 2.19.0:
* Improvements
+ Warn about possible slowdown with cryptography version < 1.3.4 + Check host in proxy URL, before forwarding request to adapter. + Maintain fragments properly across redirects. (RFC7231 7.1.2) + Removed use of cgi module to expedite library load time. + Added support for SHA-256 and SHA-512 digest auth algorithms. + Minor performance improvement to Request.content.
* Bugfixes
+ Parsing empty Link headers with parse_header_links() no longer return one bogus entry. + Fixed issue where loading the default certificate bundle from a zip archive would raise an IOError. + Fixed issue with unexpected ImportError on windows system which do not support winreg module. + DNS resolution in proxy bypass no longer includes the username and password in the request. This also fixes the issue of DNS queries failing on macOS. + Properly normalize adapter prefixes for url comparison. + Passing None as a file pointer to the files param no longer raises an exception. + Calling copy on a RequestsCookieJar will now preserve the cookie policy correctly.
Update to version 2.18.4:
* Improvements
+ Error messages for invalid headers now include the header name for easier debugging
Update to version 2.18.3:
* Improvements + Running $ python -m requests.help now includes the installed version of idna. * Bugfixes + Fixed issue where Requests would raise ConnectionError instead of SSLError when encountering SSL problems when using urllib3 v1.22.
- Add ca-certificates (and ca-certificates-mozilla) to dependencies, otherwise https connections will fail.
openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8