Hello community,
here is the log from the commit of package python-cryptography for
openSUSE:Factory checked in at 2018-07-21 10:09:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old)
and /work/SRC/openSUSE:Factory/.python-cryptography.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-cryptography"
Sat Jul 21 10:09:06 2018 rev:40 rq:623675 version:2.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes
2018-06-22 13:14:43.560500003 +0200
+++
/work/SRC/openSUSE:Factory/.python-cryptography.new/python-cryptography.changes
2018-07-21 10:09:10.751185036 +0200
@@ -1,0 +2,21 @@
+Wed Jul 18 13:20:58 UTC 2018 - [email protected]
+
+- update to 2.3:
+ * SECURITY ISSUE: finalize_with_tag() allowed tag truncation by default
+ which can allow tag forgery in some cases. The method now enforces the
+ min_tag_length provided to the GCM constructor.
+ * Added support for Python 3.7.
+ * Added extract_timestamp() to get the authenticated timestamp of a Fernet
token.
+ * Support for Python 2.7.x without hmac.compare_digest has been deprecated.
+ We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next
+ cryptography release.
+ * Fixed multiple issues preventing cryptography from compiling
+ against LibreSSL 2.7.x.
+ * Added get_revoked_certificate_by_serial_number for quick
+ serial number searches in CRLs.
+ * The RelativeDistinguishedName class now preserves the order of attributes.
+ Duplicate attributes now raise an error instead of silently discarding
duplicates.
+ * aes_key_unwrap() and aes_key_unwrap_with_padding() now raise InvalidUnwrap
+ if the wrapped key is an invalid length, instead of ValueError.
+
+-------------------------------------------------------------------
Old:
----
cryptography-2.2.2.tar.gz
cryptography-2.2.2.tar.gz.asc
cryptography_vectors-2.2.2.tar.gz
New:
----
cryptography-2.3.tar.gz
cryptography-2.3.tar.gz.asc
cryptography_vectors-2.3.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-cryptography.spec ++++++
--- /var/tmp/diff_new_pack.tyu98j/_old 2018-07-21 10:09:11.611184838 +0200
+++ /var/tmp/diff_new_pack.tyu98j/_new 2018-07-21 10:09:11.615184837 +0200
@@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%bcond_without python2
Name: python-cryptography
-Version: 2.2.2
+Version: 2.3
Release: 0
Summary: Python library which exposes cryptographic recipes and
primitives
License: Apache-2.0 OR BSD-3-Clause
++++++ cryptography-2.2.2.tar.gz -> cryptography-2.3.tar.gz ++++++
++++ 5384 lines of diff (skipped)
++++++ cryptography_vectors-2.2.2.tar.gz -> cryptography_vectors-2.3.tar.gz
++++++
/work/SRC/openSUSE:Factory/python-cryptography/cryptography_vectors-2.2.2.tar.gz
/work/SRC/openSUSE:Factory/.python-cryptography.new/cryptography_vectors-2.3.tar.gz
differ: char 5, line 1
