python-pysaml2/python-pysaml2.changes

-------------------------------------------------------------------
Wed Jan 20 23:41:54 UTC 2021 - Michael Ströder <michael@stroeder.com>

- Update to 6.5.1:
  * Fix the parser to take into account both the xs and xsd namespace prefixes

-------------------------------------------------------------------
Wed Jan 20 20:12:26 UTC 2021 - Michael Ströder <michael@stroeder.com>

- Update to 6.5.0 - Security release
  * Fix processing of invalid SAML XML documents - CVE-2021-21238
  * Fix unspecified xmlsec1 key-type preference - CVE-2021-21239
  * Add more tests regarding XSW attacks
  * Add XML Schemas for SAML2 and common extensions
  * Fix the XML parser to not break on ePTID AttributeValues
  * Fix the initialization value of the return_addrs property of the StatusResponse object
  * Fix SWAMID entity-category policy regarding eduPersonTargetedID
  * data: use importlib to load package data (backwards compatibility through the importlib_resources package)
  * docs: improve the documentation for the signing_algorithm and digest_algorithm options
  * examples: fix the logging configuration of the example-IdP
  * tests: allow tests to pass on 32bit systems by properly choosing dates in test XML documents
  * tests: improvements on the generation of response and assertion objects
  * tests: expand tests on python-3.9 and python-3.10-dev
- added new build dependencies:
  * python3-importlib-resources
  * python3-xmlschema
  * update-alternatives
- removed obsolete avoid-too-large-dates.patch
- replaced %python3_alternative by %python_alternative

-------------------------------------------------------------------
Wed Jan  6 10:49:48 UTC 2021 - Matej Cepl <mcepl@suse.com>

- Add avoid-too-large-dates.patch to avoid test failures on i586
  (Y38K bug; gh#IdentityPython/pysaml2#759)

-------------------------------------------------------------------
Mon Jan  4 21:25:04 UTC 2021 - Matej Cepl <mcepl@suse.com>

- Skip test test_filter_ava_registration_authority_1
  (gh#IdentityPython/pysaml2#759).

-------------------------------------------------------------------
Sun Dec 20 10:04:41 UTC 2020 - Dirk Müller <dmueller@suse.com>

- update to 6.3.1:
  - Fix extraction of RegistrationInfo when no information is available
  - Fix http_info struct to include status-code
  - Allow to specify policy configurations based on the registration authority.
  - Add new configuration option `logout_responses_signed` to sign logout responses.
  - When available and appropriate return the ResponseLocation along with the Location
    attribute.
  - Always use base64.encodebytes; base64.encodestring has been dropped.
  - Examples: fix IdP example that was outputing debug statements on stdout that became
    part of its metadata.
  - CI/CD: Use Ubuntu bionic as the host to run the CI/CD process.
  - CI/CD: Pre-releases are now available on [test.pypi.org][pypi.test.pysaml2]. Each
    commit/merge on the master branch autotically creates a new pre-release. To install a
    prelease, run:
  - Fix the generated xsd:ID format for EncryptedData and EncryptedKey elements
  - Set the default value for the NameFormat attribute to unspecified when parsing
  - Support arbitrary entity attributes
  - Replace all asserts with proper checks
  - Allow request signing in artifact2message
  - Support logging configuration through the python logger
  - Fix wrong identifiers for ecdsa algos
  - Fix automatic inversion of attribute map files
  - Factor out common codepaths in attribute_converter
  - Remove uneeded exception logging
  - Docs: Update configuration options documentation
  - Examples: Support both str and bytes in SAML requests on the example idp
  - Examples: Update to key generation to 2048 bits

-------------------------------------------------------------------
Sat Jul 11 18:07:25 UTC 2020 - Michael Ströder <michael@stroeder.com>

- update to 6.1.0:
  * Fix signed logout requests flag
  * Differentiate between metadata NameIDFormat and AuthnRequest NameIDPolicy Format
    - Users using `name_id_format` to set the `<NameIDPolicy Format="...">` attribute now
      need to use the new configuration option `name_id_policy_format`.
  * Fix documentation formatting
  * Fix generation of signed metadata
  * Add attribute mappings used by SwedenConnect (DIGG, INERA and PKIX specifications)
  * Update SWAMID entity category
  * Document the `additional_cert_files` configuration option

-------------------------------------------------------------------
Fri Jul 10 12:29:12 UTC 2020 - Dirk Mueller <dmueller@suse.com>

- update to 5.3.0:
  - Fix check for nameid_format set to the string "None" in the configuration
  - Fix presence of empty eIDAS RequestedAttributes element on AuthnRequest
  - Refactor create_authn_request method to be easier to reason about
  - Fix NameIDPolicy checks for allowed Format and allowCreate values

-------------------------------------------------------------------
Sun Jun 14 08:57:41 UTC 2020 - Dirk Mueller <dmueller@suse.com>

- update to 5.1.0:
  - support eIDAS RequestedAttributes per AuthnRequest
  - fix xmlsec1 --id-attr configuration option value
  - do not remove existing disco URL query params
  - load attribute maps in predictable order
  - better error message when AudienceRestriction does not validate
  - always use base64.encodebytes instead of base64.encodestring
  - update the eIDAS attribute mapping for legal person
  - fix py_compile warnings
  - fix pylint errors and warnings
  - various small fixes
  - add Python3.8 as supported
  - tests: fix validity dates
  - docs: document default value for 'want_response_signed'

-------------------------------------------------------------------
Tue May  5 12:50:42 UTC 2020 - Matej Cepl <mcepl@suse.com>

- Don't use %python3_only command, but properly use alternatives.
- Skip failing tests on i586 (gh#IdentityPython/pysaml2#682)

-------------------------------------------------------------------
Sat Mar 14 15:57:25 UTC 2020 - Dirk Mueller <dmueller@suse.com>

- update to 5.0.0:
  - Fix XML Signature Wrapping (XSW) vulnerabilities - CVE-2020-5390
  - Add freshness period feature for MetaDataMDX
  - Fix bug in duration calculation in time_util library
  - Fix ipv6 validation to accommodate for addresses with brackets
  - Fix xmlsec temporary files deletions
  - Add method to get supported algorithms from metadata
  - Add mdstore method to extract assurance certifications
  - Add mdstore method to extract contact_person data
  - Add attribute mappings from the Swiss eduPerson Schema
  - Make AESCipher and Fernet interfaces compatible
  - Remove deprecated saml2.aes module
  - Remove deprecated saml2.extensions.ui module
  - Replace deprecated mongodb operations
  - Rename ToOld error to TooOld
  - Fix pytest warnings
  - Mock tests that need a network connection
  - Start dropping python2 support
  - Add mdstore methods to extract mdui uiinfo elements
  - Add attribute mapping for umbrellaID attributes
  - Fix logic error in pick_binding method for Entity class
  - Validate the audience of assertions regardless of a response being unsolicited
  - Fix PKCS_9 saml_url prefix
  - docs: Fix warnings from docs generation
  - docs: Update release instructions regarding branch releases
  - docs: Fix list formatting on IdP example page
  - docs: Update pysaml2 options doc with `name_id_format_allow_create`
  - misc: fix various typos
  
-------------------------------------------------------------------
Tue Jan  7 11:37:57 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

- Use python dbm dependency instead of legacy gdbm

-------------------------------------------------------------------
Mon Jul 22 14:57:53 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Update to 4.8.0:
  * Refactor the way ForceAuthn is set: check for "true" and "1"
  * Allow to set NameQualifier and SPNameQualifier attributes for ePTID
  * Parse assertions with Holder-of-Key profile
  * Add created_at timestamps to all mongodb documents
  * Look for existing persistent id's before creating new ones
  * Do not add AllowCreate property for default transient NameID
  * Enable entity category import from module search path
  * Add SAML subject identifier attributes to saml2_uri attributemap
  * Fix deprecation warning regarding the cgi module - use the html module when available
  * Misc minor improvements
  * tests: Be compatible with latest pytest
  * tests: Make tests pass after 2024
  * tests: Add py37 as a test target
  * docs: Correct instructions to run tests
  * docs: Fix misc typos

-------------------------------------------------------------------
Wed Jun  5 09:39:57 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>

- Update to 4.7.0
  * Add support for MDQ signature verification
  * Raise XmlsecError if xmlsec1 operations do not succeed
  * Handle non standard response error status codes correctly
  * Remove the python-future dependency and only use six

-------------------------------------------------------------------
Fri Dec  7 10:43:13 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>

- Update to 4.6.5:
  * Many many changes everywhere, see CHANGELOG.md for details
- Use github tarball to include license/tests

-------------------------------------------------------------------
Tue Dec  4 12:52:47 UTC 2018 - Matej Cepl <mcepl@suse.com>

- Remove superfluous devel dependency for noarch package

-------------------------------------------------------------------
Wed Oct 10 06:08:56 UTC 2018 - Dirk Mueller <dmueller@suse.com>

- cleanup filelist

-------------------------------------------------------------------
Tue Oct  9 15:50:52 UTC 2018 - Colleen Murphy <comurphy@suse.com>

- Replace python-pycryptodomex dep with python-cryptography
  - Dependency was swapped in afdf5b4

-------------------------------------------------------------------
Wed Nov 29 08:25:34 UTC 2017 - okurz@suse.com

- Add missing runtime dependency on 'defusedxml'
- Add obsolete suse_version special handling

-------------------------------------------------------------------
Mon Oct 30 22:27:36 UTC 2017 - michael@stroeder.com

- update to 4.5.0

-------------------------------------------------------------------
Mon Jun 19 08:57:42 UTC 2017 - okurz@suse.com

- Convert to singlespec

-------------------------------------------------------------------
Tue Nov 22 15:18:26 UTC 2016 - dmueller@suse.com

- fix requires

-------------------------------------------------------------------
Thu Nov 17 14:42:09 UTC 2016 - michael@stroeder.com

- update to 4.4.0
- added LICENSE.txt to docs

-------------------------------------------------------------------
Fri Feb 26 13:14:29 UTC 2016 - tbechtold@suse.com

- Require python-python-dateutil. package was renamed

-------------------------------------------------------------------
Tue Oct 13 21:31:03 UTC 2015 - dmueller@suse.com

- add pycrypto/pyOpenSSL dependency 

-------------------------------------------------------------------
Tue Sep  1 07:17:52 UTC 2015 - tbechtold@suse.com

- Move python-repoze.who from Recommends to Requires. It's needed.

-------------------------------------------------------------------
Thu Jul 30 19:30:53 UTC 2015 - tbechtold@suse.com

- Add missing Requires

-------------------------------------------------------------------
Thu Jul 16 15:40:39 UTC 2015 - seife+obs@b1-systems.com

- fix build on non-SUSE distributions whose rpm does not know
  "Recommends"

-------------------------------------------------------------------
Wed Jun 10 08:48:46 UTC 2015 - dmueller@suse.com

- update to 2.4.0:
  * A couple of security fixes plus maintenance updates.

-------------------------------------------------------------------
Tue Oct 15 07:41:04 UTC 2013 - speilicke@suse.com

- Initial version