| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Disable-hoverxref-and-notfound-Sphinx-extensions.patch | Disable hoverxref and notfound Sphinx extensions. | Andrey Rahmatullin <wrar@debian.org> | no | 2020-08-23 | ||
| CVE-2021-41125.patch | Add http_auth_domain to HttpAuthMiddleware. Fixes CVE-2021-41125 |
Andrey Rakhmatullin <wrar@wrar.name> | no | upstream, https://github.com/scrapy/scrapy/commit/b01d69a1bf48060daec8f751368622352d8b85a6 | 2019-08-16 | |
| CVE-2022-0577.patch | Merge pull request from GHSA-cjvr-mfj7-j4j8 * Do not carry over cookies to a different domain on redirect * Cover the cookie-domain redirect fix in the release notes * Cover 1.8.2 in the release notes * Fix redirect Cookie handling when the cookie middleware is disabled * Update the 1.8.2 release date Fixes CVE-2022-0577 |
=?utf-8?q?Adri=C3=A1n_Chaves?= <adrian@chaves.io> | no | debian | upstream, https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a | 2022-03-01 |