------------------------------------------------------------------- Mon Jun 3 07:38:00 UTC 2024 - Daniel Garcia - Update CVE-2024-33664.patch with upstream https://github.com/mpdavis/python-jose/pull/352 bsc#1223422 ------------------------------------------------------------------- Tue May 7 09:58:08 UTC 2024 - Daniel Garcia - Make python-pycryptodome dependency only required for Factory. ------------------------------------------------------------------- Mon May 6 07:11:18 UTC 2024 - Daniel Garcia - Add upstream patches: * CVE-2024-33663.patch, bsc#1223417, gh#mpdavis/python-jose#349 * CVE-2024-33664.patch, bsc#1223422, gh#mpdavis/python-jose#345 * fix-tests-ecdsa-019.patch, gh#mpdavis/python-jose#350 ------------------------------------------------------------------- Tue Jun 13 12:18:28 UTC 2023 - ecsos - Add %{?sle15_python_module_pythons} ------------------------------------------------------------------- Sun May 29 19:45:02 UTC 2022 - Ben Greiner - Update to 3.3.0 * Remove support for python 2.7 & 3.5 * Add support for Python 3.9 * Remove PyCrypto backend * Fix deprecation warning from cryptography backend - Add rpm subpackages for the extra backend selection. The missing requires were only discovered because other packages started to fail. * setup.py and README still mention pycrypto and pycryptodome, but it was removed from the code. * Test in flavors - Refresh unpin-deps.patch ------------------------------------------------------------------- Wed Aug 5 12:58:25 UTC 2020 - Marketa Calabkova - Update to 3.2.0 * This will be the last release supporting Python 2.7, 3.5, and the PyCrypto backend. * Use hmac.compare_digest instead of our own constant_time_string_compare #163 * Fix `to_dict` output, which should always be JSON encodeable. #139 and #165 (fixes #127 and #137) * Require setuptools >= 39.2.0 #167 (fixes #161) * Emit a warning when verifying with a private key #168 (fixes #53 and #142) * Avoid loading python-ecdsa when using the cryptography backend, and pinned python-ecdsa dependency to <0.15 #178 - Rebase patch unpin-deps.patch ------------------------------------------------------------------- Tue Mar 10 09:47:42 UTC 2020 - Tomáš Chvátal - Update to 3.1.0: * Improve JWT.decode() #76 (fixes #75) * ort headers when serializing to allow for headless JWT #136 (fixes #80) * djust dependency handling * se PyCryptodome instead of PyCrypto #83 * pdate package dependencies #124 (fixes #158) * void using deprecated methods #85 * upport X509 certificates #107 * solate and flesh out cryptographic backends to enable independent operation #129 (fixes #114) * emove pyca/cryptography backend's dependency on python-ecdsa #117 * Remove pycrypto/dome backends' dependency on python-rsa #121 * Make pyca/cryptography backend the preferred backend if multiple backends are present #122 - Rebase patch unpin-deps.patch ------------------------------------------------------------------- Thu Apr 11 05:11:28 UTC 2019 - John Vandenberg - Activate test suite, using GitHub archive - Add unpin-deps.patch to fix broken installed egg-info, and remove unused dependency on python-future - Remove undesirable < comparator in build and runtime dependencies, and remove duplicated dependencies ------------------------------------------------------------------- Thu Nov 15 00:12:07 UTC 2018 - Todd R - Initial version