Accepting request 1007100 from devel:languages:python

- update to 38.0.1: * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs). * Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography`` will drop support. * We no longer ship ``manylinux2010`` wheels. Users should upgrade to the latest ``pip`` to ensure this doesn't cause issues downloading wheels on their platform. We now ship ``manylinux_2_28`` wheels for users on new enough platforms. * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept both ``str`` and ``bytes`` tokens. * Parsing ``CertificateSigningRequest`` restores the behavior of enforcing that the ``Extension`` ``critical`` field must be correctly encoded DER. See `the issue <https://github.com/pyca/cryptography/issues/6368>`_ for complete details. * Added two new OpenSSL functions to the bindings to support an upcoming ``pyOpenSSL`` release. * When parsing :class:`~cryptography.x509.CertificateRevocationList` and :class:`~cryptography.x509.CertificateSigningRequest` values, it is now enforced that the ``version`` value in the input must be valid according to the rules of :rfc:`2986` and :rfc:`5280`. * Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and other X.509 builders is deprecated and support will be removed in the next version. * Added additional APIs to :class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including OBS-URL: https://build.opensuse.org/request/show/1007100 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-cryptography?expand=0&rev=67
2022-10-03 11:44:15 +00:00 · 2022-10-03 11:44:15 +00:00 · e235e33b0f
commit e235e33b0f
parent 4e28de4a81 7c43eed0a5
6 changed files with 68 additions and 7 deletions
--- a/3
+++ b/3
@ -1,7 +1,8 @@
 <services>
  <service name="download_files" mode="disabled"/>
  <service name="cargo_vendor" mode="disabled">
-    <param name="srcdir">cryptography-37.0.4/src/rust</param>
+    <param name="srcdir">cryptography-38.0.1/src/rust</param>
+    <param name="compression">zst</param>
  </service>
  <service name="cargo_audit" mode="disabled">
  </service>
--- a/cryptography-37.0.4.tar.gz
+++ b/cryptography-37.0.4.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:63f9c17c0e2474ccbebc9302ce2f07b55b3b3fcb211ded18a42d5764f5c10a82
-size 585913
--- a/cryptography-38.0.1.tar.gz
+++ b/cryptography-38.0.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1db3d807a14931fa317f96435695d9ec386be7b84b618cc61cfa5d08b0ae33d7
+size 599412
--- a/python-cryptography.changes
+++ b/python-cryptography.changes
@ -1,3 +1,63 @@
+-------------------------------------------------------------------
+Thu Sep 29 19:42:06 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 38.0.1:
+  * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
+    seen in large CRLs).
+  * Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography``
+    will drop support.
+  * We no longer ship ``manylinux2010`` wheels. Users should upgrade to the
+    latest ``pip`` to ensure this doesn't cause issues downloading wheels on
+    their platform. We now ship ``manylinux_2_28`` wheels for users on new
+    enough platforms.
+  * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0.
+    Users with the latest ``pip`` will typically get a wheel and not need Rust
+    installed, but check :doc:`/installation` for documentation on installing a
+    newer ``rustc`` if required.
+  * :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept
+    both ``str`` and ``bytes`` tokens.
+  * Parsing ``CertificateSigningRequest`` restores the behavior of enforcing
+    that the ``Extension`` ``critical`` field must be correctly encoded DER. See
+    `the issue <https://github.com/pyca/cryptography/issues/6368>`_ for complete
+    details.
+  * Added two new OpenSSL functions to the bindings to support an upcoming
+    ``pyOpenSSL`` release.
+  * When parsing :class:`~cryptography.x509.CertificateRevocationList` and
+    :class:`~cryptography.x509.CertificateSigningRequest` values, it is now
+    enforced that the ``version`` value in the input must be valid according to
+    the rules of :rfc:`2986` and :rfc:`5280`.
+  * Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and
+    other X.509 builders is deprecated and support will be removed in the next
+    version.
+  * Added additional APIs to
+    :class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including
+    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`,
+    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`,
+    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and
+    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`.
+  * Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing
+    users to access the to-be-signed pre-certificate data needed for signed
+    certificate timestamp verification.
+  * :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and
+    :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support
+    :attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed`
+    counter location.
+  * Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according
+    to the section 2.1 of the RFC, affecting method
+    :meth:`~cryptography.x509.Name.from_rfc4514_string`.
+  * It is now possible to customize some aspects of encryption when serializing
+    private keys, using
+    :meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`.
+  * Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL
+    versions older than 22.0 will need to upgrade.
+  * Added
+    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and
+    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes.
+    These classes do not replace
+    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which
+    allows all AES key lengths), but are intended for applications where
+    developers want to be explicit about key length.
+  
 -------------------------------------------------------------------
 Tue Jul 19 12:07:03 UTC 2022 - Dirk Müller <dmueller@suse.com>

--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@ -28,7 +28,7 @@
 %bcond_with test
 %endif
 Name:           python-cryptography%{psuffix}
-Version:        37.0.4
+Version:        38.0.1
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:3493a00e4cfd2ec828c6b659259daf981b7dd0e751ed33b2032a86bec43ee344
-size 8743693
+oid sha256:8b3f00295563ecc89fc943e573c820df2738ecd759d1109b14453e51a891763f
+size 7636953