87 lines
3.6 KiB
Plaintext
87 lines
3.6 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Jun 3 07:38:00 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
|
|
|
- Update CVE-2024-33664.patch with upstream
|
|
https://github.com/mpdavis/python-jose/pull/352
|
|
bsc#1223422
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 7 09:58:08 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
|
|
|
- Make python-pycryptodome dependency only required for Factory.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 6 07:11:18 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
|
|
|
- Add upstream patches:
|
|
* CVE-2024-33663.patch, bsc#1223417, gh#mpdavis/python-jose#349
|
|
* CVE-2024-33664.patch, bsc#1223422, gh#mpdavis/python-jose#345
|
|
* fix-tests-ecdsa-019.patch, gh#mpdavis/python-jose#350
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 13 12:18:28 UTC 2023 - ecsos <ecsos@opensuse.org>
|
|
|
|
- Add %{?sle15_python_module_pythons}
|
|
|
|
-------------------------------------------------------------------
|
|
Sun May 29 19:45:02 UTC 2022 - Ben Greiner <code@bnavigator.de>
|
|
|
|
- Update to 3.3.0
|
|
* Remove support for python 2.7 & 3.5
|
|
* Add support for Python 3.9
|
|
* Remove PyCrypto backend
|
|
* Fix deprecation warning from cryptography backend
|
|
- Add rpm subpackages for the extra backend selection. The missing
|
|
requires were only discovered because other packages started to
|
|
fail.
|
|
* setup.py and README still mention pycrypto and pycryptodome, but
|
|
it was removed from the code.
|
|
* Test in flavors
|
|
- Refresh unpin-deps.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 5 12:58:25 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
|
|
|
|
- Update to 3.2.0
|
|
* This will be the last release supporting Python 2.7, 3.5, and the PyCrypto
|
|
backend.
|
|
* Use hmac.compare_digest instead of our own constant_time_string_compare #163
|
|
* Fix `to_dict` output, which should always be JSON encodeable. #139 and #165
|
|
(fixes #127 and #137)
|
|
* Require setuptools >= 39.2.0 #167 (fixes #161)
|
|
* Emit a warning when verifying with a private key #168 (fixes #53 and #142)
|
|
* Avoid loading python-ecdsa when using the cryptography backend, and pinned
|
|
python-ecdsa dependency to <0.15 #178
|
|
- Rebase patch unpin-deps.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 10 09:47:42 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
|
|
|
|
- Update to 3.1.0:
|
|
* Improve JWT.decode() #76 (fixes #75)
|
|
* ort headers when serializing to allow for headless JWT #136 (fixes #80)
|
|
* djust dependency handling
|
|
* se PyCryptodome instead of PyCrypto #83
|
|
* pdate package dependencies #124 (fixes #158)
|
|
* void using deprecated methods #85
|
|
* upport X509 certificates #107
|
|
* solate and flesh out cryptographic backends to enable independent operation #129 (fixes #114)
|
|
* emove pyca/cryptography backend's dependency on python-ecdsa #117
|
|
* Remove pycrypto/dome backends' dependency on python-rsa #121
|
|
* Make pyca/cryptography backend the preferred backend if multiple backends are present #122
|
|
- Rebase patch unpin-deps.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 11 05:11:28 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Activate test suite, using GitHub archive
|
|
- Add unpin-deps.patch to fix broken installed egg-info,
|
|
and remove unused dependency on python-future
|
|
- Remove undesirable < comparator in build and runtime dependencies,
|
|
and remove duplicated dependencies
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 15 00:12:07 UTC 2018 - Todd R <toddrme2178@gmail.com>
|
|
|
|
- Initial version
|