-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Announcing the release of a more secure Python wrapper for GnuPG on PyPI. About this release - ------------------ This is the first stable release of a module (named 'gnupg' on PyPI)[0], which originated as a fork of python-gnupg.[1] Several problems were found with the upstream version, including a security vulnerability triggered by unvalidated user input, and when used within networked code, can lead to remote arbitrary code execution. Full notes of the audit can be found in the docs/ directory of the git repo [2] and as orgmode→html [3] in the online documentation. The new version [4] is incompatible with the old version, though the changes required to upgrade for software depending on the old version should be slight. Not to mention, the module is now extensively documented,[5] and developed openly. It was downloaded nearly 1000 times on the first day it was uploaded to PyPI. To install: $ [sudo] pip install gnupg References: [0]: https://pypi.python.org/gnupg/ [1]: https://code.google.com/p/python-gnupg/ [2]: https://github.com/isislovecruft/python-gnupg/raw/master/docs/NOTES-python-gnupg-3.1-audit.org [3]: http://pythonhosted.org/gnupg/NOTES-python-gnupg-3.1-audit.html [4]: https://github.com/isislovecruft/python-gnupg/ [5]: https://pythonhosted.org/gnupg/ - -- ♥Ⓐ isis agora lovecruft _________________________________________________________ GPG: 4096R/A3ADB67A2CDB8B35 Current Keys: https://blog.patternsinthevoid.net/isis.txt -----BEGIN PGP SIGNATURE----- iQJuBAEBCgBYBQJR1DpIBYMB4TOASxSAAAAAABoAKGlzaXNAcGF0dGVybnNpbnRo ZXZvaWQubmV0MEE2QTU4QTE0QjU5NDZBQkRFMThFMjA3QTNBREI2N0EyQ0RCOEIz NQAKCRCjrbZ6LNuLNafeEACH23ZjAHyx0a42db8AKo9cpHMur5YH0CtICp3h8z80 CAWMyFSOOK87Dpzx7kWhyXcWIu55LBFGnW8iQyeLMnAmgtpEXuGV47lCpcuwMGmU lsyRY0UBcp1j38uiyc0RHbvdZxY18mG4UgX1dmCnO1ehYdGc7kbMgvcmPdNZWErJ pDLtxO1+8BZwoYEr0ngSJ+p26IaOmaAaKG4/iuGQ7ac9P8w5CPr4k4rNme4u/yvO pn29syvCfo6FDcb5j4SOpJWwLbH1mo5xry6KUJflVLHx779q3sDcz3M9wX4pSeOn RISeo5TcXAca6YZLlMbArAsy/dYjW5bINCkTo4S7zY1VsaeN1uAH6NC9T1BqI+e+ 7APD6DD6/qN0Tjv6rT3TZKugFyFtwn98HZxA78kFWZJQbG6SzzgEvfph7pTgm8Tm EavrXex6LQvY6C93yoSoicoBoIZuCXJ7SmkMvf9GJRfDcj9dLM8DVxb0VkclUaKr AaHAFcdjIZ+CZHOukSHmRhrNKNa+FUnAyIrxcfcDU5gsqpOoLgWwWuFrkHICQMyQ PYkMQ0Dh/xhEA5P1tChX1taxOAVJCIWLhQGFaXLWqPM85a+TC2p0GpRga4oKzdUJ ZFB8hBM5T83614iQ8E5FjA6BvryksfVWoe0TW/212C+zeDOXiQl3LdXjnrtfP1cU bQ== =SfHT -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography