From 06f16341995dd8f8737c4973f2501e013f284db2106bf6ce3100edfcb3c1faa5 Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dmueller@suse.com>
Date: Tue, 23 Jun 2020 15:43:48 +0000
Subject: [PATCH] - update to v 4.6.0 (bsc#1172389)   * Choose blinding factor
 relatively prime to N. Thanks Christian Heimes for pointing this out.   *
 Reject cyphertexts (when decrypting) and signatures (when verifying) that
 have been modified by prepending zero bytes. This resolves CVE-2020-13757.
 Thanks Carnil for pointing this out.   * Rolled back the switch to Poetry,
 and reverted back to using Pipenv + setup.py for dependency management. There
 apparently is an issue no-binary installs of packages build with Poetry. This
 fixes #148 Limited SHA3 support to those Python versions (3.6+) that support
 it natively. The third-party library that adds support for this to Python 3.5
 is a binary package, and thus breaks the pure-Python nature of Python-RSA.
 This should fix #147.   * Added support for Python 3.8.   * Dropped support
 for Python 2 and 3.4.   * Added type annotations to the source code. This
 will make Python-RSA easier to use in your IDE, and allows better type
 checking.   * Added static type checking via MyPy.   * Fix #129 Installing
 from source gives UnicodeDecodeError.   * Switched to using Poetry for
 package management.   * Choose blinding factor relatively prime to N. Thanks
 Christian Heimes for pointing this out.   * Reject cyphertexts (when
 decrypting) and signatures (when verifying) that   * have been modified by
 prepending zero bytes. This resolves CVE-2020-13757.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-rsa?expand=0&rev=30
---
 python-rsa.changes | 18 ++++++++++++++++++
 python-rsa.spec    |  7 ++++---
 rsa-4.0.tar.gz     |  3 ---
 rsa-4.6.tar.gz     |  3 +++
 4 files changed, 25 insertions(+), 6 deletions(-)
 delete mode 100644 rsa-4.0.tar.gz
 create mode 100644 rsa-4.6.tar.gz

diff --git a/python-rsa.changes b/python-rsa.changes
index 332c3bd..7932b76 100644
--- a/python-rsa.changes
+++ b/python-rsa.changes
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Tue Jun 23 15:36:45 UTC 2020 - Dirk Mueller <dmueller@suse.com>
+
+- update to v 4.6.0 (bsc#1172389)
+  * Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
+  * Reject cyphertexts (when decrypting) and signatures (when verifying) that have been modified by prepending zero bytes. This resolves CVE-2020-13757. Thanks Carnil for pointing this out.
+  * Rolled back the switch to Poetry, and reverted back to using Pipenv + setup.py for dependency management. There apparently is an issue no-binary installs of packages build with Poetry. This fixes #148
+Limited SHA3 support to those Python versions (3.6+) that support it natively. The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. This should fix #147.
+  * Added support for Python 3.8.
+  * Dropped support for Python 2 and 3.4.
+  * Added type annotations to the source code. This will make Python-RSA easier to use in your IDE, and allows better type checking.
+  * Added static type checking via MyPy.
+  * Fix #129 Installing from source gives UnicodeDecodeError.
+  * Switched to using Poetry for package management.
+  * Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
+  * Reject cyphertexts (when decrypting) and signatures (when verifying) that
+  * have been modified by prepending zero bytes. This resolves CVE-2020-13757.
+
 -------------------------------------------------------------------
 Sat Mar 23 18:54:24 UTC 2019 - Dirk Mueller <dmueller@suse.com>
 
diff --git a/python-rsa.spec b/python-rsa.spec
index c2b2d9c..1a0df2a 100644
--- a/python-rsa.spec
+++ b/python-rsa.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-rsa
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %bcond_without tests
 Name:           python-rsa
-Version:        4.0
+Version:        4.6
 Release:        0
 Summary:        Pure-Python RSA Implementation
 License:        Apache-2.0
@@ -27,6 +27,7 @@ Group:          Development/Languages/Python
 URL:            http://stuvel.eu/rsa
 Source:         https://files.pythonhosted.org/packages/source/r/rsa/rsa-%{version}.tar.gz
 BuildRequires:  %{python_module mock}
+BuildRequires:  %{python_module mypy}
 BuildRequires:  %{python_module pyasn1 >= 0.1.3}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
@@ -79,7 +80,7 @@ export LC_ALL=en_US.utf8
 
 %files %{python_files}
 %license LICENSE
-%doc CHANGELOG.txt README.md
+%doc README.md
 %python_alternative %{_bindir}/pyrsa-decrypt
 %python_alternative %{_bindir}/pyrsa-encrypt
 %python_alternative %{_bindir}/pyrsa-keygen
diff --git a/rsa-4.0.tar.gz b/rsa-4.0.tar.gz
deleted file mode 100644
index db95ec5..0000000
--- a/rsa-4.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1a836406405730121ae9823e19c6e806c62bbad73f890574fff50efa4122c487
-size 37385
diff --git a/rsa-4.6.tar.gz b/rsa-4.6.tar.gz
new file mode 100644
index 0000000..fa4605f
--- /dev/null
+++ b/rsa-4.6.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:109ea5a66744dd859bf16fe904b8d8b627adafb9408753161e766a92e7d681fa
+size 46954