Revisions of python-cryptography
buildservice-autocommit
accepted
request 1164122
from
Dirk Mueller (dirkmueller)
(revision 213)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 212)
- update to 42.0.5: * Limit the number of name constraint checks that will be performed in :mod:`X.509 path validation <cryptography.x509.verification>` to protect against denial of service attacks. * Upgrade pyo3 version, which fixes building on PowerPC.
buildservice-autocommit
accepted
request 1149625
from
Daniel Garcia (dgarcia)
(revision 211)
baserev update by copy to link target
Daniel Garcia (dgarcia)
committed
(revision 210)
- remove not working tests for ix86
Daniel Garcia (dgarcia)
committed
(revision 209)
- update to 42.0.4 (bsc#1220210, CVE-2024-26130): * Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to Alexander-Programming for reporting the issue. CVE-2024-26130 * Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields SMIMECapabilities and SignatureAlgorithmIdentifier should now be correctly encoded according to the definitions in :rfc:2633 :rfc:3370. - update to 42.0.3: * Fixed an initialization issue that caused key loading failures for some users. - Drop patch skip_openssl_memleak_test.patch not needed anymore.
Dirk Mueller (dirkmueller)
committed
(revision 208)
Dirk Mueller (dirkmueller)
committed
(revision 207)
Dirk Mueller (dirkmueller)
committed
(revision 206)
- update to 42.0.2: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1. * Fixed an issue that prevented the use of Python buffer protocol objects in sign and verify methods on asymmetric keys. * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.exchange`, X25519PrivateKey :meth:`~cryptography.hazmat.primitives.asymm etric.x25519.X25519PrivateKey.exchange`, X448PrivateKey :meth :`~cryptography.hazmat.primitives.asymmetric.x448.X448Private Key.exchange`, and DHPrivateKey :meth:`~cryptography.hazmat.p rimitives.asymmetric.dh.DHPrivateKey.exchange`.
Dirk Mueller (dirkmueller)
committed
(revision 205)
- update to 42.0.1: * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization. load_pem_public_key`. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:`~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates ` will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa dding.PSS` for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:`~cryptography.x509.CertificateSigningRequestBuilder` and
buildservice-autocommit
accepted
request 1129560
from
Dirk Mueller (dirkmueller)
(revision 204)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 203)
- update to 41.0.7 (CVE-2023-49083, bsc#1217592):
Dirk Mueller (dirkmueller)
committed
(revision 202)
- update to 41.0.7 (CVE-2023-49083, bsc#FIXME): * Fixed compilation when using LibreSSL 3.8.2. * Fixed a null-pointer-dereference and segfault that could occur when loading certificates from a PKCS#7 bundle. Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**
buildservice-autocommit
accepted
request 1124982
from
Dirk Mueller (dirkmueller)
(revision 201)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 200)
- update to 41.0.5: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4. * Added a function to support an upcoming ``pyOpenSSL`` release. parameters in X.509 certificates, which are * Fixed error when using py2app to build an application with a cryptography dependency. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n. - split tests in a multibuild variant to optimize rebuild time a bit * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1m. - drop disable-RustExtension.patch: building rust extension now * Re-added a legacy symbol causing problems for older ``pyOpenSSL`` use signature. * wheels compiled with OpenSSL 1.1.1h. - Removed support for calling public_bytes() with no arguments, as per * BACKWARDS INCOMPATIBLE: Removedcryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature andcryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature, which had been deprecated for nearly 4 years. Use encode_dss_signature() * BACKWARDS INCOMPATIBLE: Removed cryptography.x509.Certificate.serial, which * Add support for easily mapping an object identifier to its elliptic curve * Add support for OpenSSL when compiled with the no-engine * BACKWARDS INCOMPATIBLE: U-label strings were deprecated in version 2.1, but this version removes the default idna dependency as well. If you still need this deprecated path please install cryptography with the idna extra: * Numerous classes and functions have been updated to allow bytes-like types for keying material and passwords, including symmetric algorithms, * Added rfc4514_string() method to x509.Name, x509.RelativeDistinguishedName, and x509.NameAttribute to format the name * Added from_encoded_point(), which immediately checks if the point is on
buildservice-autocommit
accepted
request 1115782
from
Dirk Mueller (dirkmueller)
(revision 199)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 198)
- update to 41.0.4: * ~~~~~~~~~~~~~~~~~~~ * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3. * .. _v41-0-3:
buildservice-autocommit
accepted
request 1109339
from
Dirk Mueller (dirkmueller)
(revision 197)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 196)
- Update to 39.0.1 (bsc#1208036, CVE-2023-23931): * drops CVE-2023-23931-dont-allow-update-into.patch in older dists
buildservice-autocommit
accepted
request 1102868
from
Dirk Mueller (dirkmueller)
(revision 195)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 194)
- update to 41.0.3: * Fixed performance regression loading DH public keys. * Fixed a memory leak when using * :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20 Poly1305`.
Displaying revisions 1 - 20 of 213