openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of python-cryptography

Dominique Leuenberger (dimstar_suse) accepted request 1222847 from

Matej Cepl (mcepl) 16 days ago (revision 97)

Ana Guerrero (anag+factory) accepted request 1221413 from

Markéta Machová (mcalabkova) 19 days ago (revision 96)

Ana Guerrero (anag+factory) accepted request 1217043 from

Dirk Mueller (dirkmueller) about 1 month ago (revision 95)

- update to 43.0.3:
  * Fixed release metadata for cryptography-vectors
  * Fixed compilation when using LibreSSL 4.0.0.

Ana Guerrero (anag+factory) accepted request 1204397 from

Dirk Mueller (dirkmueller) about 2 months ago (revision 94)

- update to 43.0.1:
  * Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.3.2.

Ana Guerrero (anag+factory) accepted request 1201401 from

Markéta Machová (mcalabkova) 2 months ago (revision 93)

Dominique Leuenberger (dimstar_suse) accepted request 1193532 from

Matej Cepl (mcepl) 3 months ago (revision 92)

- Fix building optimized binaries with debuginfo.

- Update building of Rust modules to use modern cargo_vendor
  service
- Remove unneeded use-offline-build.patch

Dominique Leuenberger (dimstar_suse) accepted request 1189786 from

Dirk Mueller (dirkmueller) 4 months ago (revision 91)

- update to 43.0.0:
  * BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e
    has been removed.  Users on older version of OpenSSL will
    need to upgrade.
  * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
  * Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.3.1.
  * Updated the minimum supported Rust version (MSRV) to 1.65.0,
    from 1.63.0.
  * :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generat
    e_private_key` now enforces a minimum RSA key size of
    1024-bit. Note that 1024-bit is still considered insecure,
    users should generally use a key size of 2048-bits.
  * :func:`~cryptography.hazmat.primitives.serialization.pkcs7.se
    rialize_certificates` now emits ASN.1 that more closely
    follows the recommendations in RFC 2315.
  * Added new :doc:`/hazmat/decrepit/index` module which contains
    outdated and insecure cryptographic primitives. :class:`~cryp
    tography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:
    `~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :c
    lass:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA
    `, and :class:`~cryptography.hazmat.primitives.ciphers.algori
    thms.Blowfish`, which were deprecated in 37.0.0, have been
    added to this module. They will be removed from the cipher
    module in 45.0.0.
  * Moved :class:`~cryptography.hazmat.primitives.ciphers.algorit
    hms.TripleDES` and :class:`~cryptography.hazmat.primitives.ci
    phers.algorithms.ARC4` into :doc:`/hazmat/decrepit/index` and
    deprecated them in the cipher module. They will be removed
    from the cipher module in 48.0.0.

Ana Guerrero (anag+factory) accepted request 1179508 from

Dirk Mueller (dirkmueller) 6 months ago (revision 90)

- update to 42.0.8:
  * Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.2.2.

Ana Guerrero (anag+factory) accepted request 1174053 from

Factory Maintainer (factory-maintainer) 6 months ago (revision 89)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 1172344 from

Dirk Mueller (dirkmueller) 7 months ago (revision 88)

- update to 42.0.6:
  * Fixed compilation when using LibreSSL 3.9.1.

Ana Guerrero (anag+factory) accepted request 1164122 from

Dirk Mueller (dirkmueller) 8 months ago (revision 87)

- update to 42.0.5:
  * Limit the number of name constraint checks that will be
    performed in :mod:`X.509 path validation
    <cryptography.x509.verification>` to protect against denial
    of service attacks.
  * Upgrade pyo3 version, which fixes building on PowerPC.

Ana Guerrero (anag+factory) accepted request 1149625 from

Daniel Garcia (dgarcia) 9 months ago (revision 86)

- update to 42.0.4 (bsc#1220210, CVE-2024-26130):
  * Fixed a null-pointer-dereference and segfault that could occur
    when creating a PKCS#12 bundle. Credit to Alexander-Programming
    for reporting the issue. CVE-2024-26130
  * Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
    SMIMECapabilities and SignatureAlgorithmIdentifier should now be
    correctly encoded according to the definitions in :rfc:2633
    :rfc:3370.
- update to 42.0.3:
  * Fixed an initialization issue that caused key loading failures for some
    users.
- Drop patch skip_openssl_memleak_test.patch not needed anymore.

Ana Guerrero (anag+factory) accepted request 1129560 from

Dirk Mueller (dirkmueller) 12 months ago (revision 85)

- update to 41.0.7 (CVE-2023-49083, bsc#1217592):
  * Fixed compilation when using LibreSSL 3.8.2.
  * Fixed a null-pointer-dereference and segfault that could
    occur when loading certificates from a PKCS#7 bundle.
    Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**

Ana Guerrero (anag+factory) accepted request 1124982 from

Dirk Mueller (dirkmueller) about 1 year ago (revision 84)

- update to 41.0.5:
  * Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.1.4.
  * Added a function to support an upcoming ``pyOpenSSL``
    release.

    parameters in X.509 certificates, which are
  * Fixed error when using py2app to build an application with a cryptography dependency.
  * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n.
- split tests in a multibuild variant to optimize rebuild time a bit
  * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1m.
- drop disable-RustExtension.patch: building rust extension now
  * Re-added a legacy symbol causing problems for older ``pyOpenSSL`` use
    signature.
  * wheels compiled with OpenSSL 1.1.1h.
    - Removed support for calling public_bytes() with no arguments, as per
  * BACKWARDS INCOMPATIBLE:
    Removedcryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature
    andcryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature,
    which had been deprecated for nearly 4 years. Use encode_dss_signature()
  * BACKWARDS INCOMPATIBLE: Removed cryptography.x509.Certificate.serial, which
  * Add support for easily mapping an object identifier to its elliptic curve
  * Add support for OpenSSL when compiled with the no-engine
  * BACKWARDS INCOMPATIBLE: U-label strings were deprecated in version 2.1,
    but this version removes the default idna dependency as well. If you still
    need this deprecated path please install cryptography with the idna extra:
  * Numerous classes and functions have been updated to allow bytes-like
    types for keying material and passwords, including symmetric algorithms,
  * Added rfc4514_string() method to x509.Name,
    x509.RelativeDistinguishedName, and x509.NameAttribute to format the name

Ana Guerrero (anag+factory) accepted request 1115782 from

Dirk Mueller (dirkmueller) about 1 year ago (revision 83)

- update to 41.0.4:
  * ~~~~~~~~~~~~~~~~~~~
  * Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.1.3.
  * .. _v41-0-3:

Ana Guerrero (anag+factory) accepted request 1109339 from

Dirk Mueller (dirkmueller) about 1 year ago (revision 82)

- Update to 39.0.1 (bsc#1208036, CVE-2023-23931):
  * drops CVE-2023-23931-dont-allow-update-into.patch in older dists

Dominique Leuenberger (dimstar_suse) accepted request 1102868 from

Dirk Mueller (dirkmueller) over 1 year ago (revision 81)

- update to 41.0.3:
  * Fixed performance regression loading DH public keys.
  * Fixed a memory leak when using
  * :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20
    Poly1305`.

Ana Guerrero (anag+factory) accepted request 1100618 from

Factory Maintainer (factory-maintainer) over 1 year ago (revision 80)

Automatic submission by obs-autosubmit

Dominique Leuenberger (dimstar_suse) accepted request 1098185 from

Dirk Mueller (dirkmueller) over 1 year ago (revision 79)

- update to 41.0.2:
  * Fixed bugs in creating and parsing SSH certificates where
    critical options with values were handled incorrectly.
    Certificates are now created correctly and parsing accepts
    correct values as well as the previously generated
    invalid forms with a warning. In the next release, support
    for parsing these invalid forms will be removed.

- remove patch remove_python_3_6_deprecation_warning.patch as the
  warning was already removed upstream

- Add no-pytest_benchmark.patch, which remove dependency on
  pytest-benchmark and coveralls (We don't need no benchmarking
  and coverage measurement; bsc#1213005).

Dominique Leuenberger (dimstar_suse) accepted request 1095411 from

Daniel Garcia (dgarcia) over 1 year ago (revision 78)

- update to 41.0.1 (bsc#1212568):
  * Temporarily allow invalid ECDSA signature algorithm
    parameters in X.509 certificates, which are 
    generated by older versions of Java.
  * Allow null bytes in pass phrases when serializing private
    keys.
  * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than
    1.1.1d has been removed.  Users on older version of
    OpenSSL will need to upgrade.
  * **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been
    removed.
  * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL <
    3.6.
  * Updated the minimum supported Rust version (MSRV) to 1.56.0,
    from 1.48.0.
  * Added support for the
    :class:`~cryptography.x509.OCSPAcceptableResponses`
    OCSP extension.
  * Added support for the
    :class:`~cryptography.x509.MSCertificateTemplate`
    proprietary Microsoft certificate extension.
  * Implemented support for equality checks on all asymmetric
    public key types.
  * Added support for ``aes256-gcm@openssh.com`` encrypted keys
    in :func:`~cryptography.hazmat.primitives.serialization.load_ssh
    _private_key`.
  * Added support for obtaining X.509 certificate signature
    algorithm parameters (including PSS)

Displaying revisions 1 - 20 of 97

Places

Revisions of python-cryptography

Places