- update to 24.1.0:

* If a certificate doesn't contain any `subjectAltName`s, we now raise `service_identity.CertificateError` instead of `service_identity.VerificationError` to make the problem easier to debug. - Since Chrome 58 and Firefox 48 both don’t accept certificates that contain only a Common Name, its usage is hereby deprecated in service_identity too. We have been raising a warning since 16.0.0 and the support will be removed in - When service_identity.SubjectAltNameWarning is raised, the - Wildcards (*) are now only allowed if they are the leftmost label in a certificate. This is common practice by all major OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-service_identity?expand=0&rev=34
2024-01-20 20:31:31 +00:00 · 2024-01-20 20:31:31 +00:00 · dac99b85a5
commit dac99b85a5
parent 3c4686a635
4 changed files with 21 additions and 12 deletions
--- a/23.1.0.tar.gz
+++ b/23.1.0.tar.gz
--- a/24.1.0.tar.gz
+++ b/24.1.0.tar.gz
--- a/python-service_identity.changes
+++ b/python-service_identity.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Sat Jan 20 20:31:18 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 24.1.0:
+  * If a certificate doesn't contain any `subjectAltName`s, we
+    now raise `service_identity.CertificateError` instead of
+    `service_identity.VerificationError` to make the problem
+    easier to debug.
+
 -------------------------------------------------------------------
 Mon Sep 18 09:42:13 UTC 2023 - pgajdos@suse.com

@ -115,19 +124,19 @@ Mon Sep 24 13:16:17 UTC 2018 - ecsos@opensuse.org

 - Update to 17.0.0:
  * Deprecations:
-    - Since Chrome 58 and Firefox 48 both don’t accept certificates 
-      that contain only a Common Name, its usage is hereby 
-      deprecated in service_identity too. We have been raising 
-      a warning since 16.0.0 and the support will be removed in 
+    - Since Chrome 58 and Firefox 48 both don’t accept certificates
+      that contain only a Common Name, its usage is hereby
+      deprecated in service_identity too. We have been raising
+      a warning since 16.0.0 and the support will be removed in
      mid-2018 for good.
  * Changes:
-    - When service_identity.SubjectAltNameWarning is raised, the 
+    - When service_identity.SubjectAltNameWarning is raised, the
      Common Name of the certificate is now included in the warning
      message. #17
    - Added cryptography.x509 backend for verifying certificates.
      #18
-    - Wildcards (*) are now only allowed if they are the leftmost 
-      label in a certificate. This is common practice by all major 
+    - Wildcards (*) are now only allowed if they are the leftmost
+      label in a certificate. This is common practice by all major
      browsers. #19

 -------------------------------------------------------------------
--- a/python-service_identity.spec
+++ b/python-service_identity.spec
@ -1,7 +1,7 @@
 #
 # spec file for package python-service_identity
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
 %define oname   service_identity
 %{?sle15_python_module_pythons}
 Name:           python-service_identity
-Version:        23.1.0
+Version:        24.1.0
 Release:        0
 Summary:        Service identity verification for pyOpenSSL
 License:        MIT