- update to 42.0.1:

* Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization. load_pem_public_key`. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:`~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates ` will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa dding.PSS` for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:`~cryptography.x509.CertificateSigningRequestBuilder` and OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=205
2024-01-29 14:19:13 +00:00
parent 70f0f2e8c2
commit 2f68d9363c
9 changed files with 168 additions and 61 deletions
--- a/python-cryptography.changes
+++ b/python-cryptography.changes
@@ -1,3 +1,90 @@
+-------------------------------------------------------------------
+Mon Jan 29 14:01:49 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 42.0.1:
+  * Fixed an issue with incorrect keyword-argument naming with
+    EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive
+    s.asymmetric.ec.EllipticCurvePrivateKey.sign`.
+  * Resolved compatibility issue with loading certain RSA public
+    keys in :func:`~cryptography.hazmat.primitives.serialization.
+    load_pem_public_key`.
+  * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7.
+  * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field
+    using :func:`~cryptography.hazmat.primitives.serialization.pk
+    cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm
+    at.primitives.serialization.pkcs7.load_der_pkcs7_certificates
+    ` will now raise a ValueError rather than return an empty
+    list.
+  * Parsing SSH certificates no longer permits malformed critical
+    options with values, as documented in the 41.0.2 release
+    notes.
+  * Updated Windows, macOS, and Linux wheels to be compiled with
+    OpenSSL 3.2.0.
+  * Updated the minimum supported Rust version (MSRV) to 1.63.0,
+    from 1.56.0.
+  * We now publish both py37 and py39 abi3 wheels. This should
+    resolve some errors relating to initializing a module
+    multiple times per process.
+  * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa
+    dding.PSS` for X.509 certificate signing requests and
+    certificate revocation lists with the keyword-only argument
+    rsa_padding on the sign methods for
+    :class:`~cryptography.x509.CertificateSigningRequestBuilder`
+    and
+    :class:`~cryptography.x509.CertificateRevocationListBuilder`.
+  * Added support for obtaining X.509 certificate signing request
+    signature algorithm parameters (including PSS) via :meth:`~cr
+    yptography.x509.CertificateSigningRequest.signature_algorithm
+    _parameters`.
+  * Added support for obtaining X.509 certificate revocation list
+    signature algorithm parameters (including PSS) via :meth:`~cr
+    yptography.x509.CertificateRevocationList.signature_algorithm
+    _parameters`.
+  * Added mgf property to :class:`~cryptography.hazmat.primitives
+    .asymmetric.padding.PSS`.
+  * Added algorithm and mgf properties to :class:`~cryptography.h
+    azmat.primitives.asymmetric.padding.OAEP`.
+  * Added the following properties that return timezone-aware
+    datetime objects:
+    :meth:`~cryptography.x509.Certificate.not_valid_before_utc`,
+    :meth:`~cryptography.x509.Certificate.not_valid_after_utc`, :
+    meth:`~cryptography.x509.RevokedCertificate.revocation_date_u
+    tc`, :meth:`~cryptography.x509.CertificateRevocationList.next
+    _update_utc`, :meth:`~cryptography.x509.CertificateRevocation
+    List.last_update_utc`. These are timezone-aware variants of
+    existing properties that return naïve datetime objects.
+  * Deprecated the following properties that return naïve
+    datetime objects:
+    :meth:`~cryptography.x509.Certificate.not_valid_before`,
+    :meth:`~cryptography.x509.Certificate.not_valid_after`, :meth
+    :`~cryptography.x509.RevokedCertificate.revocation_date`, :me
+    th:`~cryptography.x509.CertificateRevocationList.next_update`
+    , :meth:`~cryptography.x509.CertificateRevocationList.last_up
+    date` in favor of the new timezone-aware variants mentioned
+    above.
+  * Added support for :class:`~cryptography.hazmat.primitives.cip
+    hers.algorithms.ChaCha20` on LibreSSL.
+  * Added support for RSA PSS signatures in PKCS7 with :meth:`~cr
+    yptography.hazmat.primitives.serialization.pkcs7.PKCS7Signatu
+    reBuilder.add_signer`.
+  * In the next release (43.0.0) of cryptography, loading an
+    X.509 certificate with a negative serial number will raise an
+    exception. This has been deprecated since 36.0.0.
+  * Added support for :class:`~cryptography.hazmat.primitives.cip
+    hers.aead.AESGCMSIV` when using OpenSSL 3.2.0+.
+  * Added the :mod:`X.509 path validation
+    <cryptography.x509.verification>` APIs for
+    :class:`~cryptography.x509.Certificate` chains. These APIs
+    should be considered unstable and not subject to our
+    stability guarantees until documented as such in a future
+    release.
+  * Added support for :class:`~cryptography.hazmat.primitives.cip
+    hers.algorithms.SM4`
+    :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM`
+    when using OpenSSL 3.0 or greater.
+- use PEP517 build
+- switch to new cargo-vendor
+
 -------------------------------------------------------------------
 Tue Nov 28 09:27:57 UTC 2023 - Dirk Müller <dmueller@suse.com>