Now
MAIN commitmail json YAML
pkgsrc/www/py-notebook/ALTERNATIVES@1.3
/
diff
pkgsrc/www/py-notebook/Makefile@1.9 / diff
pkgsrc/www/py-notebook/PLIST@1.7 / diff
pkgsrc/www/py-notebook/distinfo@1.7 / diff
pkgsrc/www/py-notebook/Makefile@1.9 / diff
pkgsrc/www/py-notebook/PLIST@1.7 / diff
pkgsrc/www/py-notebook/distinfo@1.7 / diff
py-notebook: updated to 5.7.2
5.7.2
5.7.2 contains a security fix preventing malicious directory names
from being able to execute javascript. CVE request pending.
5.7.1
5.7.1 contains a security fix preventing nbconvert endpoints from executing javascript with access to the server API. CVE request pending.
5.7.0
New features:
- Update to CodeMirror to 5.37, which includes f-string sytax for Python 3.6
- Update jquery-ui to 1.12
- Check Host header to more securely protect localhost deployments from DNS rebinding.
This is a pre-emptive measure, not fixing a known vulnerability
Use .NotebookApp.allow_remote_access and .NotebookApp.local_hostnames to configure
access.
- Allow access-control-allow-headers to be overridden
- Allow configuring max_body_size and max_buffer_size
- Allow configuring get_secure_cookie keyword-args
- Respect nbconvert entrypoints as sources for exporters
- Include translation sources in source distributions
- Various improvements to documentation
Fixing problems:
- Fix breadcrumb link when running with a base url
- Fix possible type error when closing activity stream
- Disable metadata editing for non-editable cells
- Fix some styling and alignment of prompts caused by regressions in 5.6.0.
- Enter causing page reload in shortcuts editor
- Fix uploading to the same file twice
5.7.2
5.7.2 contains a security fix preventing malicious directory names
from being able to execute javascript. CVE request pending.
5.7.1
5.7.1 contains a security fix preventing nbconvert endpoints from executing javascript with access to the server API. CVE request pending.
5.7.0
New features:
- Update to CodeMirror to 5.37, which includes f-string sytax for Python 3.6
- Update jquery-ui to 1.12
- Check Host header to more securely protect localhost deployments from DNS rebinding.
This is a pre-emptive measure, not fixing a known vulnerability
Use .NotebookApp.allow_remote_access and .NotebookApp.local_hostnames to configure
access.
- Allow access-control-allow-headers to be overridden
- Allow configuring max_body_size and max_buffer_size
- Allow configuring get_secure_cookie keyword-args
- Respect nbconvert entrypoints as sources for exporters
- Include translation sources in source distributions
- Various improvements to documentation
Fixing problems:
- Fix breadcrumb link when running with a base url
- Fix possible type error when closing activity stream
- Disable metadata editing for non-editable cells
- Fix some styling and alignment of prompts caused by regressions in 5.6.0.
- Enter causing page reload in shortcuts editor
- Fix uploading to the same file twice