search

PaloAltoNetworks / minemeld-core

Engine of MineMeld
Apache License 2.0
141 stars 95 forks source link

Bump libtaxii from 1.1.107 to 1.1.118 #388

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps libtaxii from 1.1.107 to 1.1.118.

Release notes

Sourced from libtaxii's releases.

Version 1.1.118

This release includes the following changes:

#247 [CVE-2020-27197] Avoid SSRF on parsing XML (@​orsinium)

Version 1.1.117

This release includes the following changes:

Version 1.1.116

This release includes the following changes:

Version 1.1.115

This release includes the following changes:

  • #239 Convert the HTTP response body to a string type (PY3 this will be bytes) (@​sddj)

Version 1.1.114

This release includes the following changes:

  • #237 Support converting dicts to content bindings (@​danielsamuels)
  • #238 Provide XMLParser copies instead of reusing the cached instance. Prevents future messages to lose namespace

Version 1.1.113

This release includes the following changes:

  • #234 Add ability to load a configuration file when executing a script
  • #232 Fix TLS handshake failure when a server requires SNI (@​marcelslotema)

Version 1.1.112

This release includes the following changes:

  • #227 Fixes to poll_client script (Python3 compatibility)
  • #226 Clean-up documentation warnings
  • #228 Fix 'HTTPMessage' has no attribute 'getheader' (Python3 compatibility)
  • #225 Fix checks that involve xpath (lxml) to prevent FutureWarning message
  • #230 Fix parsing status message round-trip (@​danielsamuels)

Version 1.1.111

  • Fix #222, #224 - Update clients.py to work with Python 2.6, 3.3, 3.5, and 3.6.
  • Fix #221 - Add Python 3.6 support.
  • Fix #219 - Handle Unicode- and byte-strings consistently.
  • Fix #214 - Add timeout parameter to call_taxii_service2 (@​mbekavac)
  • Fix #192 - Add support for STIX 1.2.
  • Add user_agent parameter to call_taxii_service2 (@​kralka)

... (truncated)

Changelog

Sourced from libtaxii's changelog.

1.1.118 (2020-10-19)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.117...1.1.118>__

1.1.117 (2020-05-26)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.116...1.1.117>__

1.1.116 (2020-02-14)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.115...1.1.116>__

1.1.115 (2019-11-12)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.114...1.1.115>__

  • #239 Convert the HTTP response body to a string type (PY3 this will be bytes) (@​sddj)

1.1.114 (2019-07-26)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.113...1.1.114>__

  • #237 Support converting dicts to content bindings (@​danielsamuels)
  • #238 Provide XMLParser copies instead of reusing the cached instance. Prevents future messages to lose namespace

1.1.113 (2019-04-11)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.112...1.1.113>__

  • #234 Add ability to load a configuration file when executing a script
  • #232 Fix TLS handshake failure when a server requires SNI (@​marcelslotema)

1.1.112 (2018-11-27)

(diff) <https://github.com/TAXIIProject/libtaxii/compare/1.1.111...1.1.112>__

  • #227 Fixes to poll_client script (Python3 compatibility)

... (truncated)

Commits
  • 12367f7 Bump version: 1.1.117 → 1.1.118
  • 1b5ee6c update release notes for 1.1.118
  • 23c6f7b Merge pull request #247 from orsinium-forks/fix-ssrf
  • 587d180 provide a few simple tests
  • d207cc2 check if no protocol specified
  • 3c980ed use from_string if no URL allowed
  • e8918f0 avoid loading files in some cases
  • c8e9c9b Bump version: 1.1.116 → 1.1.117
  • 22b3491 update release notes for 1.1.117
  • c553627 Merge pull request #245 from emmanvg/243-unicode-serialisation
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/PaloAltoNetworks/minemeld-core/network/alerts).