python-rfc3161-client/python-rfc3161-client.changes

-------------------------------------------------------------------
Mon Jun 23 07:46:59 UTC 2025 - Nico Krapp <nico.krapp@suse.com>

- Update to 1.0.3
  * Exposed verify_message in the actual Verify interface, not just the
    implementation
  * Fixed a bug where verification performed insufficient signature checks on
    the timestamp response itself, rather than the response's certificate chain
    (CVE-2025-52556 / bsc#1245174)
- Update to 1.0.2
  * Added HashAlgorithm to exports of the base package module
  * Added verify_message method to Verifier class
  * Slight refactoring of the tests to ease how to test with multiple TSA
  * Changed return value of VerifierBuilder.build() from _Verifier to Verifier:
    This is technically an API change but should have minimal user impact.
  * Fixed spelling of hash_algorithm parameter in TimestampRequestBuilder class

-------------------------------------------------------------------
Wed Apr 16 11:31:22 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>

- Update to 1.0.1
  * The Verifier now enforces that the EKU (Extended Key Usage)
    explicitly includes the `id-kp-timeStamping` OID (#120)
  * The Verifier now searches for the leaf certificate in the
    Timestamp Response instead of using the first one provided (#121)

-------------------------------------------------------------------
Tue Jan 21 08:27:32 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>

- Initial version (1.0.0)
- Update to 1.0.3 * Exposed verify_message in the actual Verify interface, not just the implementation * Fixed a bug where verification performed insufficient signature checks on the timestamp response itself, rather than the response's certificate chain (CVE-2025-52556 / bsc#1245174) - Update to 1.0.2 * Added HashAlgorithm to exports of the base package module * Added verify_message method to Verifier class * Slight refactoring of the tests to ease how to test with multiple TSA * Changed return value of VerifierBuilder.build() from _Verifier to Verifier: This is technically an API change but should have minimal user impact. * Fixed spelling of hash_algorithm parameter in TimestampRequestBuilder class OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-rfc3161-client?expand=0&rev=5 2025-06-23 08:12:04 +00:00			`-------------------------------------------------------------------`
			`Mon Jun 23 07:46:59 UTC 2025 - Nico Krapp <nico.krapp@suse.com>`

			`- Update to 1.0.3`
			`* Exposed verify_message in the actual Verify interface, not just the`
			`implementation`
			`* Fixed a bug where verification performed insufficient signature checks on`
			`the timestamp response itself, rather than the response's certificate chain`
			`(CVE-2025-52556 / bsc#1245174)`
			`- Update to 1.0.2`
			`* Added HashAlgorithm to exports of the base package module`
			`* Added verify_message method to Verifier class`
			`* Slight refactoring of the tests to ease how to test with multiple TSA`
			`* Changed return value of VerifierBuilder.build() from _Verifier to Verifier:`
			`This is technically an API change but should have minimal user impact.`
			`* Fixed spelling of hash_algorithm parameter in TimestampRequestBuilder class`

- Update to 1.0.1 * The Verifier now enforces that the EKU (Extended Key Usage) explicitly includes the `id-kp-timeStamping` OID (#120) * The Verifier now searches for the leaf certificate in the Timestamp Response instead of using the first one provided (#121) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-rfc3161-client?expand=0&rev=3 2025-04-16 11:42:27 +00:00			`-------------------------------------------------------------------`
			`Wed Apr 16 11:31:22 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>`

			`- Update to 1.0.1`
			`* The Verifier now enforces that the EKU (Extended Key Usage)`
			explicitly includes the `id-kp-timeStamping` OID (#120)
			`* The Verifier now searches for the leaf certificate in the`
			`Timestamp Response instead of using the first one provided (#121)`

Accepting request 1239268 from home:dgarcia:branches:security New package, required by python-sigstore OBS-URL: https://build.opensuse.org/request/show/1239268 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-rfc3161-client?expand=0&rev=1 2025-01-21 14:13:51 +00:00			`-------------------------------------------------------------------`
			`Tue Jan 21 08:27:32 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>`

			`- Initial version (1.0.0)`