Revisions of saltbundlepy-cryptography

Yeray Gutiérrez Cedrés's avatar Yeray Gutiérrez Cedrés (ygutierrez) accepted request 1196241 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 12)
- Fix the definitions of RSA_get0_key, EVP_MD_CTX_new,
  EVP_MD_CTX_free and X509_NAME_ENTRY_set to prevent segfaults
  on running Salt Testsuite with old OpenSSL versions.
- Modified:
  * fix-build-with-old-ssl.patch
Yeray Gutiérrez Cedrés's avatar Yeray Gutiérrez Cedrés (ygutierrez) accepted request 1193875 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 11)
- Make patch for missing ERR_GET_... definitions more flexible
  for different OpenSSL versions
- Add simple test into %check section to check if the definitions
  are in place on building the package
- Modified:
  * definitions-ERR_GET.patch
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) accepted request 1190515 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 10)
- Apply fips-mode.patch and definitions-ERR_GET.patch on
  Ubuntu 24.04 and fix the condition in advance for future products
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) accepted request 1175445 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 9)
- Apply fips-mode.patch and definitions-ERR_GET.patch on SL Micro 6.0
  and other new SUSE clients.
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) accepted request 1101948 from Victor Zhestkov's avatar Victor Zhestkov (vizhestkov) (revision 7)
- Adding missing file reference:
  * saltbundlepy-cryptography.keyring
Alexander Graul's avatar Alexander Graul (agraul) accepted request 1081260 from Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) (revision 6)
- Add patch CVE-2023-23931-dont-allow-update-into.patch (bsc#1208036, CVE-2023-23931)
  * Don't allow update_into to mutate immutable objects
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) accepted request 991245 from Victor Zhestkov's avatar Victor Zhestkov (vzhestkov) (revision 5)
- update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331):
  * SECURITY ISSUE: Fixed a bug where certain sequences of update()
    calls when symmetrically encrypting very large payloads (>2GB) could
    result in an integer overflow, leading to buffer overflows.
    CVE-2020-36242
  - drops CVE-2020-36242-buffer-overflow.patch on older dists
- update to 3.3.1:
  * Re-added a legacy symbol causing problems for older ``pyOpenSSL`` use 
- update to 3.3.0
  - BACKWARDS INCOMPATIBLE: Support for Python 3.5 has been removed
    due to low usage and maintenance burden.
  - BACKWARDS INCOMPATIBLE: The GCM and AESGCM now require 64-bit
    to 1024-bit (8 byte to 128 byte) initialization vectors. This
    change is to conform with an upcoming OpenSSL release that will
    no longer support sizes outside this window.
  - BACKWARDS INCOMPATIBLE: When deserializing asymmetric keys we
    now raise ValueError rather than UnsupportedAlgorithm when an
    unsupported cipher is used. This change is to conform with an
    upcoming OpenSSL release that will no longer distinguish
    between error types.
  - BACKWARDS INCOMPATIBLE: We no longer allow loading of finite
    field Diffie-Hellman parameters of less than 512 bits in
    length. This change is to conform with an upcoming OpenSSL
    release that no longer supports smaller sizes. These keys were
    already wildly insecure and should not have been used in any
    application outside of testing.
  - Updated Windows, macOS, and manylinux wheels to be compiled
    with OpenSSL 1.1.1i.
  - Python 2 support is deprecated in cryptography. This is the
    last release that will support Python 2.
Victor Zhestkov's avatar Victor Zhestkov (vzhestkov) accepted request 988367 from Victor Zhestkov's avatar Victor Zhestkov (vzhestkov) (revision 4)
- Drop support for older LibreSSL for RH 9 and higher based distros
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) accepted request 980317 from Victor Zhestkov's avatar Victor Zhestkov (vzhestkov) (revision 3)
- Drop support for older LibreSSL for Ubuntu 22.04
- Added:
  * drop-older-libressl.patch
Alexander Graul's avatar Alexander Graul (agraul) committed (revision 2)
osc copypac from project:systemsmanagement:saltstack:bundle:next package:saltbundlepy-cryptography revision:7
Pablo Suárez Hernández's avatar Pablo Suárez Hernández (PSuarezHernandez) committed (revision 1)
osc copypac from project:systemsmanagement:saltstack:bundle package:saltbundlepy-cryptography revision:5
Displaying all 12 revisions
openSUSE Build Service is sponsored by