From 80374011981602a2bd26044b87dc8ea26b629f7f88ebae817eff37f0ab8b7140 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mark=C3=A9ta=20Machov=C3=A1?= Date: Mon, 23 Jun 2025 08:12:04 +0000 Subject: [PATCH] - Update to 1.0.3 * Exposed verify_message in the actual Verify interface, not just the implementation * Fixed a bug where verification performed insufficient signature checks on the timestamp response itself, rather than the response's certificate chain (CVE-2025-52556 / bsc#1245174) - Update to 1.0.2 * Added HashAlgorithm to exports of the base package module * Added verify_message method to Verifier class * Slight refactoring of the tests to ease how to test with multiple TSA * Changed return value of VerifierBuilder.build() from _Verifier to Verifier: This is technically an API change but should have minimal user impact. * Fixed spelling of hash_algorithm parameter in TimestampRequestBuilder class OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-rfc3161-client?expand=0&rev=5 --- python-rfc3161-client.changes | 17 +++++++++++++++++ python-rfc3161-client.spec | 2 +- rfc3161_client-1.0.1.tar.gz | 3 --- rfc3161_client-1.0.3.tar.gz | 3 +++ vendor.tar.zst | 4 ++-- 5 files changed, 23 insertions(+), 6 deletions(-) delete mode 100644 rfc3161_client-1.0.1.tar.gz create mode 100644 rfc3161_client-1.0.3.tar.gz diff --git a/python-rfc3161-client.changes b/python-rfc3161-client.changes index 4fa26ef..d068f83 100644 --- a/python-rfc3161-client.changes +++ b/python-rfc3161-client.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Mon Jun 23 07:46:59 UTC 2025 - Nico Krapp + +- Update to 1.0.3 + * Exposed verify_message in the actual Verify interface, not just the + implementation + * Fixed a bug where verification performed insufficient signature checks on + the timestamp response itself, rather than the response's certificate chain + (CVE-2025-52556 / bsc#1245174) +- Update to 1.0.2 + * Added HashAlgorithm to exports of the base package module + * Added verify_message method to Verifier class + * Slight refactoring of the tests to ease how to test with multiple TSA + * Changed return value of VerifierBuilder.build() from _Verifier to Verifier: + This is technically an API change but should have minimal user impact. + * Fixed spelling of hash_algorithm parameter in TimestampRequestBuilder class + ------------------------------------------------------------------- Wed Apr 16 11:31:22 UTC 2025 - John Paul Adrian Glaubitz diff --git a/python-rfc3161-client.spec b/python-rfc3161-client.spec index 59ea220..2383357 100644 --- a/python-rfc3161-client.spec +++ b/python-rfc3161-client.spec @@ -27,7 +27,7 @@ %{?sle15_python_module_pythons} Name: python-rfc3161-client -Version: 1.0.1 +Version: 1.0.3 Release: 0 Summary: Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161 License: Apache-2.0 diff --git a/rfc3161_client-1.0.1.tar.gz b/rfc3161_client-1.0.1.tar.gz deleted file mode 100644 index cb508dc..0000000 --- a/rfc3161_client-1.0.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1c951f3912b90c6d3f3505e644b74ee08543387253647b86459addbffb16f63f -size 53526 diff --git a/rfc3161_client-1.0.3.tar.gz b/rfc3161_client-1.0.3.tar.gz new file mode 100644 index 0000000..1a64305 --- /dev/null +++ b/rfc3161_client-1.0.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e9b614a5a4596ab9aea44d3fe8a4995bd84ac7f20dcbfaa82b115224202d88d8 +size 58858 diff --git a/vendor.tar.zst b/vendor.tar.zst index 88f5104..e8f6988 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:39924123de4a847fb3f7031d81da13293257d7814be1382ef39990cfba512957 -size 11054209 +oid sha256:feec53a7a1e4ee7309a09d03f1738f0c578187697135f29bf1f2adebbf613d74 +size 11080743