From 1d2aefdc5c6ac00059764b435e682ba56e020fac5f1645148a1a0a365448415a Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Fri, 4 Nov 2022 07:58:36 +0000 Subject: [PATCH] Accepting request 1033458 from home:mcepl:branches:devel:languages:python - update to 38.0.3: - Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. OBS-URL: https://build.opensuse.org/request/show/1033458 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=163 --- _service | 2 +- cryptography-38.0.1.tar.gz | 3 --- cryptography-38.0.3.tar.gz | 3 +++ python-cryptography.changes | 8 ++++++++ python-cryptography.spec | 2 +- skip_openssl_memleak_test.patch | 12 +++++++----- vendor.tar.zst | 4 ++-- 7 files changed, 22 insertions(+), 12 deletions(-) delete mode 100644 cryptography-38.0.1.tar.gz create mode 100644 cryptography-38.0.3.tar.gz diff --git a/_service b/_service index 53d4f21..952a12d 100644 --- a/_service +++ b/_service @@ -1,7 +1,7 @@ - cryptography-38.0.1/src/rust + cryptography-38.0.3/src/rust zst diff --git a/cryptography-38.0.1.tar.gz b/cryptography-38.0.1.tar.gz deleted file mode 100644 index 1248a70..0000000 --- a/cryptography-38.0.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1db3d807a14931fa317f96435695d9ec386be7b84b618cc61cfa5d08b0ae33d7 -size 599412 diff --git a/cryptography-38.0.3.tar.gz b/cryptography-38.0.3.tar.gz new file mode 100644 index 0000000..cc06a74 --- /dev/null +++ b/cryptography-38.0.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bfbe6ee19615b07a98b1d2287d6a6073f734735b49ee45b11324d85efc4d5cbd +size 599876 diff --git a/python-cryptography.changes b/python-cryptography.changes index 767fd9c..00c23fc 100644 --- a/python-cryptography.changes +++ b/python-cryptography.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Thu Nov 3 19:17:35 UTC 2022 - Matej Cepl + +- update to 38.0.3: + - Updated Windows, macOS, and Linux wheels to be compiled + with OpenSSL 3.0.7, which resolves CVE-2022-3602 and + CVE-2022-3786. + ------------------------------------------------------------------- Thu Sep 29 19:42:06 UTC 2022 - Dirk Müller diff --git a/python-cryptography.spec b/python-cryptography.spec index 9fa38b4..69b5718 100644 --- a/python-cryptography.spec +++ b/python-cryptography.spec @@ -28,7 +28,7 @@ %bcond_with test %endif Name: python-cryptography%{psuffix} -Version: 38.0.1 +Version: 38.0.3 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause diff --git a/skip_openssl_memleak_test.patch b/skip_openssl_memleak_test.patch index 96c4d5f..7bb6954 100644 --- a/skip_openssl_memleak_test.patch +++ b/skip_openssl_memleak_test.patch @@ -1,8 +1,10 @@ -Index: cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py -=================================================================== ---- cryptography-3.0.orig/tests/hazmat/backends/test_openssl_memleak.py -+++ cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py -@@ -153,10 +153,9 @@ def assert_no_memory_leaks(s, argv=[]): +--- + tests/hazmat/backends/test_openssl_memleak.py | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +--- a/tests/hazmat/backends/test_openssl_memleak.py ++++ b/tests/hazmat/backends/test_openssl_memleak.py +@@ -174,10 +174,9 @@ def assert_no_memory_leaks(s, argv=[]): def skip_if_memtesting_not_supported(): diff --git a/vendor.tar.zst b/vendor.tar.zst index f66e43c..28219ed 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:8b3f00295563ecc89fc943e573c820df2738ecd759d1109b14453e51a891763f -size 7636953 +oid sha256:9ec55d5ba9f28dfb213910d88487ff577dff266c6d7bcc17ca7f24b0d1769845 +size 8055725