- update to 40.0.1:

* Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176
2023-03-26 19:59:51 +00:00 · 2023-03-26 19:59:51 +00:00 · d31ee80686
commit d31ee80686
parent 6b5cf01ce1
7 changed files with 66 additions and 13 deletions
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 <services>
  <service name="download_files" mode="disabled"/>
  <service name="cargo_vendor" mode="disabled">
-    <param name="srcdir">cryptography-39.0.0/src/rust</param>
+    <param name="srcdir">cryptography-40.0.1/src/rust</param>
    <param name="compression">zst</param>
  </service>
  <service name="cargo_audit" mode="disabled">
--- a/cryptography-39.0.2.tar.gz
+++ b/cryptography-39.0.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bc5b871e977c8ee5a1bbc42fa8d19bcc08baf0c51cbf1586b0e87a2694dde42f
-size 604277
--- a/cryptography-40.0.1.tar.gz
+++ b/cryptography-40.0.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2803f2f8b1e95f614419926c7e6f55d828afc614ca5ed61543877ae668cc3472
+size 624978
--- a/python-cryptography.changes
+++ b/python-cryptography.changes
@ -1,3 +1,51 @@
+-------------------------------------------------------------------
+Sun Mar 26 19:56:32 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 40.0.1:
+  * Support for Python 3.6 is deprecated and will be removed in
+    the next release.
+  * Deprecated the current minimum supported Rust version (MSRV)
+    of 1.48.0. In the next release we will raise MSRV to 1.56.0.
+    Users with the latest ``pip`` will typically get a wheel
+    and not need Rust installed
+  * Deprecated support for OpenSSL less than 1.1.1d. The next
+    release of ``cryptography`` will drop support for older versions.
+  * Deprecated support for DSA keys in
+    :func:`~cryptography.hazmat.primitives.serialization.load_s
+    sh_public_key`
+    and
+    :func:`~cryptography.hazmat.primitives.serialization.load_s
+    sh_private_key`.
+  * Deprecated support for OpenSSH serialization in
+    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP
+    ublicKey`
+    and
+    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP
+    rivateKey`.
+  * Added support for parsing SSH certificates in addition to
+    public keys with
+    :func:`~cryptography.hazmat.primitives.serialization.load_s
+    sh_public_identity`.
+    :func:`~cryptography.hazmat.primitives.serialization.load_s
+    sh_public_key` continues to support only public keys.
+  * Added support for generating SSH certificates with
+    :class:`~cryptography.hazmat.primitives.serialization.SSHCe
+    rtificateBuilder`.
+  * Added :meth:`~cryptography.x509.Certificate.verify_directly_i
+    ssued_by` to
+   :class:`~cryptography.x509.Certificate`.
+  * Added a check to :class:`~cryptography.x509.NameConstraints`
+    to ensure that :class:`~cryptography.x509.DNSName` constraints
+    do not contain any ``*`` wildcards.
+  * Removed many unused CFFI OpenSSL bindings. This will not
+    impact you unless you are using ``cryptography`` to directly
+    invoke OpenSSL's C API. Note that
+    these have never been considered a stable, supported,
+    public API by ``cryptography``, this note is included as a courtesy.
+  * The X.509 builder classes now raise ``UnsupportedAlgorithm``
+    instead of ``ValueError`` if an unsupported hash algorithm is passed.
+  * Added public union type aliases for type hinting
+
 -------------------------------------------------------------------
 Tue Mar  7 07:34:20 UTC 2023 - Dirk Müller <dmueller@suse.com>

--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@ -28,7 +28,7 @@
 %bcond_with test
 %endif
 Name:           python-cryptography%{psuffix}
-Version:        39.0.2
+Version:        40.0.1
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
--- a/skip_openssl_memleak_test.patch
+++ b/skip_openssl_memleak_test.patch
@ -2,19 +2,24 @@
 tests/hazmat/backends/test_openssl_memleak.py |    7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

--- a/tests/hazmat/backends/test_openssl_memleak.py
-+++ b/tests/hazmat/backends/test_openssl_memleak.py
-@@ -174,10 +174,9 @@ def assert_no_memory_leaks(s, argv=[]):
+Index: cryptography-40.0.1/tests/hazmat/backends/test_openssl_memleak.py
+===================================================================
+--- cryptography-40.0.1.orig/tests/hazmat/backends/test_openssl_memleak.py
+++ cryptography-40.0.1/tests/hazmat/backends/test_openssl_memleak.py
+@@ -204,12 +204,10 @@ def assert_no_memory_leaks(s, argv=[]):
 
 
 def skip_if_memtesting_not_supported():
 -    return pytest.mark.skipif(
-        not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS,
-        reason="Requires OpenSSL memory functions (>=1.1.0)",
+-        not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS
+-        or platform.python_implementation() == "PyPy",
+-        reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy",
 -    )
+-
 +    return pytest.mark.skip(
 +        reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"
 +     )
- 
+ 
 
 @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")
+ @skip_if_memtesting_not_supported()
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:496dc7babba9bf44823e5380db97c8777653e3586d0e7b55f9fb1595376d3b4e
-size 8109468
+oid sha256:d71248f9e02ecfa211ee0ddc44ade4d776844d0e6d3fc7d6a122433bdc731b95
+size 22460854