Sync from SUSE:SLFO:Main python-cryptography revision 6fc21b13b166c01e15dbff57091c8b70
This commit is contained in:
@@ -1,3 +1,148 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 22 13:26:21 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 43.0.3:
|
||||
* Fixed release metadata for cryptography-vectors
|
||||
* Fixed compilation when using LibreSSL 4.0.0.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Sep 28 19:45:04 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 43.0.1:
|
||||
* Updated Windows, macOS, and Linux wheels to be compiled with
|
||||
OpenSSL 3.3.2.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Sep 15 08:51:52 UTC 2024 - Andreas Schneider <asn@cryptomilk.org>
|
||||
|
||||
- Fix building on SLE based distributions
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 12 20:36:00 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
|
||||
|
||||
- Fix building optimized binaries with debuginfo.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 31 21:45:43 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
|
||||
|
||||
- Update building of Rust modules to use modern cargo_vendor
|
||||
service
|
||||
- Remove unneeded use-offline-build.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 26 10:33:45 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 43.0.0:
|
||||
* BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e
|
||||
has been removed. Users on older version of OpenSSL will
|
||||
need to upgrade.
|
||||
* BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
|
||||
* Updated Windows, macOS, and Linux wheels to be compiled with
|
||||
OpenSSL 3.3.1.
|
||||
* Updated the minimum supported Rust version (MSRV) to 1.65.0,
|
||||
from 1.63.0.
|
||||
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generat
|
||||
e_private_key` now enforces a minimum RSA key size of
|
||||
1024-bit. Note that 1024-bit is still considered insecure,
|
||||
users should generally use a key size of 2048-bits.
|
||||
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.se
|
||||
rialize_certificates` now emits ASN.1 that more closely
|
||||
follows the recommendations in RFC 2315.
|
||||
* Added new :doc:`/hazmat/decrepit/index` module which contains
|
||||
outdated and insecure cryptographic primitives. :class:`~cryp
|
||||
tography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:
|
||||
`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :c
|
||||
lass:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA
|
||||
`, and :class:`~cryptography.hazmat.primitives.ciphers.algori
|
||||
thms.Blowfish`, which were deprecated in 37.0.0, have been
|
||||
added to this module. They will be removed from the cipher
|
||||
module in 45.0.0.
|
||||
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorit
|
||||
hms.TripleDES` and :class:`~cryptography.hazmat.primitives.ci
|
||||
phers.algorithms.ARC4` into :doc:`/hazmat/decrepit/index` and
|
||||
deprecated them in the cipher module. They will be removed
|
||||
from the cipher module in 48.0.0.
|
||||
* Added support for deterministic
|
||||
:class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA`
|
||||
(RFC 6979)
|
||||
* Added support for client certificate verification to the
|
||||
:mod:`X.509 path validation <cryptography.x509.verification>`
|
||||
APIs in the form of
|
||||
:class:`~cryptography.x509.verification.ClientVerifier`,
|
||||
:class:`~cryptography.x509.verification.VerifiedClient`, and
|
||||
PolicyBuilder :meth:`~cryptography.x509.verification.PolicyBu
|
||||
ilder.build_client_verifier`.
|
||||
* Added Certificate :attr:`~cryptography.x509.Certificate.publi
|
||||
c_key_algorithm_oid` and Certificate Signing Request :attr:`~
|
||||
cryptography.x509.CertificateSigningRequest.public_key_algori
|
||||
thm_oid` to determine the
|
||||
:class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
|
||||
Object Identifier of the public key found inside the
|
||||
certificate.
|
||||
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_dat
|
||||
e_utc`, a timezone-aware alternative to the naïve datetime
|
||||
attribute
|
||||
:attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
|
||||
* Added support for parsing empty DN string in
|
||||
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
|
||||
* Added the following properties that return timezone-aware
|
||||
datetime objects:
|
||||
:meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
|
||||
:meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_u
|
||||
tc`,
|
||||
:meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
|
||||
:meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
|
||||
:meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_
|
||||
time_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.
|
||||
this_update_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleRe
|
||||
sponse.next_update_utc`, These are timezone-aware variants of
|
||||
existing properties that return naïve datetime objects.
|
||||
* Added :func:`~cryptography.hazmat.primitives.asymmetric.rsa.r
|
||||
sa_recover_private_exponent`
|
||||
* Added :meth:`~cryptography.hazmat.primitives.ciphers.CipherCo
|
||||
ntext.reset_nonce` for altering the nonce of a cipher context
|
||||
without initializing a new instance. See the docs for
|
||||
additional restrictions.
|
||||
* :class:`~cryptography.x509.NameAttribute` now raises an
|
||||
exception when attempting to create a common name whose
|
||||
length is shorter or longer than RFC 5280 permits.
|
||||
* Added basic support for PKCS7 encryption (including SMIME)
|
||||
via :class:`~cryptography.hazmat.primitives.serialization.pkc
|
||||
s7.PKCS7EnvelopeBuilder`.
|
||||
- add use-offline-build.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 8 12:04:15 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 42.0.8:
|
||||
* Updated Windows, macOS, and Linux wheels to be compiled with
|
||||
OpenSSL 3.2.2.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 7 16:14:05 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 42.0.7:
|
||||
* Restored Windows 7 compatibility for our pre-built wheels.
|
||||
Note that we do not test on Windows 7 and wheels for our next
|
||||
release will not support it. Microsoft no longer provides
|
||||
support for Windows 7 and users are encouraged to upgrade.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 7 07:34:43 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 42.0.6:
|
||||
* Fixed compilation when using LibreSSL 3.9.1.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 2 13:19:19 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 42.0.5:
|
||||
* Limit the number of name constraint checks that will be
|
||||
performed in :mod:`X.509 path validation
|
||||
<cryptography.x509.verification>` to protect against denial
|
||||
of service attacks.
|
||||
* Upgrade pyo3 version, which fixes building on PowerPC.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 22 17:10:39 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user