This notably fixes a security issue, CVE-2020-27197.
Version 1.1.118:
* #247 [CVE-2020-27197] Avoid SSRF on parsing XML (@orsinium)
Version 1.1.117:
* #244 SSL Verify Server not working correctly (@motok) (@nschwane)
* #245 Unicode lxml.etree.SerialisationError on lxml 4.5.0+ (@advptr)
Version 1.1.116:
* #240 PY3 Compatibility changes for HTTP Response Body (@nschwane)
Version 1.1.115:
* #239 Convert the HTTP response body to a string type (PY3 this will be bytes) (@sddj)
Version 1.1.114:
* #237 Support converting dicts to content bindings (@danielsamuels)
* #238 Provide XMLParser copies instead of reusing the cached instance. Prevents future messages to lose namespace
Version 1.1.113:
* #234 Add ability to load a configuration file when executing a script
* #232 Fix TLS handshake failure when a server requires SNI (@marcelslotema)
Version 1.1.112:
* #227 Fixes to poll_client script (Python3 compatibility)
* #226 Clean-up documentation warnings
* #228 Fix 'HTTPMessage' has no attribute 'getheader' (Python3 compatibility)
* #225 Fix checks that involve xpath (lxml) to prevent FutureWarning message
* #230 Fix parsing status message round-trip (@danielsamuels)
Thanks leot@ and pkgsrc's security team for the heads up!
Pull-up to be requested.
bd93b9d914