File _patchinfo of Package patchinfo.26408
<patchinfo incident="26408">
<issue tracker="bnc" id="1149792">openssl 1.1.1c causes build failures in other packages</issue>
<issue tracker="bnc" id="1177083">python-aliyun-python-sdk-core package ships a vendored python-requests package</issue>
<issue tracker="bnc" id="1176785">[Trackerbug] Update Azure CLI packages to latest version in SLE-15</issue>
<issue tracker="bnc" id="1101820">VUL-0: CVE-2018-10903: python-cryptography: GCM tag forgery via truncated tag in finalize_with_tag API</issue>
<issue tracker="jsc" id="PM-2352"/>
<issue tracker="jsc" id="PM-2730"/>
<issue tracker="jsc" id="ECO-3105"/>
<issue tracker="jsc" id="SLE-18312"/>
<issue tracker="cve" id="2018-10903"/>
<packager>glaubitz</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for python-cryptography, python-cryptography-vectors</summary>
<description>This update for python-cryptography, python-cryptography-vectors fixes the following issues:
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Refresh patches for new version
- Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2
* 2.9.2 - 2020-04-22
- Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.
* 2.9.1 - 2020-04-21
- Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.
* 2.9 - 2020-04-02
- BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to
low usage and maintenance burden.
- BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
Users on older version of OpenSSL will need to upgrade.
- BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
- Removed support for calling public_bytes() with no arguments, as per
our deprecation policy. You must now pass encoding and format.
- BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
returns the RDNs as required by RFC 4514.
- Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.
- Added support for parsing single_extensions in an OCSP response.
- NameAttribute values can now be empty strings.
- Add openSSL_111d.patch to make this version of the package
compatible with OpenSSL 1.1.1d, thus fixing bsc#1149792.
- bsc#1101820 CVE-2018-10903 GCM tag forgery via truncated tag in
finalize_with_tag API
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2:
* updated vectors for the cryptography 2.9.2 testing
</description>
</patchinfo>