Hello community,
here is the log from the commit of package python-cryptography for
openSUSE:Factory checked in at 2020-08-01 12:31:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old)
and /work/SRC/openSUSE:Factory/.python-cryptography.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-cryptography"
Sat Aug 1 12:31:06 2020 rev:50 rq:823211 version:3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes
2020-05-28 09:06:36.143570046 +0200
+++
/work/SRC/openSUSE:Factory/.python-cryptography.new.3592/python-cryptography.changes
2020-08-01 12:31:21.922467335 +0200
@@ -1,0 +2,26 @@
+Tue Jul 28 17:16:47 UTC 2020 - Ondřej Súkup <[email protected]>
+
+- update to 3.0
+- refreshed disable-uneven-sizes-tests.patch and
skip_openssl_memleak_test.patch
+ * Removed support for passing an Extension instance
+ to from_issuer_subject_key_identifier(), as per our deprecation policy.
+ * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed
+ * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer.
+ * RSA generate_private_key() no longer accepts public_exponent values except
+ 65537 and 3 (the latter for legacy purposes).
+ * X.509 certificate parsing now enforces that the version field contains
+ a valid value, rather than deferring this check until version is accessed.
+ * Deprecated support for Python 2
+ * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa
+ private keys: load_ssh_private_key() for loading and OpenSSH for writing.
+ * Added support for OpenSSH certificates to load_ssh_public_key().
+ * Added encrypt_at_time() and decrypt_at_time() to Fernet.
+ * Added support for the SubjectInformationAccess X.509 extension.
+ * Added support for parsing SignedCertificateTimestamps in OCSP responses.
+ * Added support for parsing attributes in certificate signing requests via
get_attribute_for_oid().
+ * Added support for encoding attributes in certificate signing requests via
add_attribute().
+ * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG
+ instead of its own OS random engine because these versions of OpenSSL
properly reseed on fork.
+ * Added initial support for creating PKCS12 files with
serialize_key_and_certificates().
+
+-------------------------------------------------------------------
Old:
----
cryptography-2.9.2.tar.gz
cryptography-2.9.2.tar.gz.asc
New:
----
cryptography-3.0.tar.gz
cryptography-3.0.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-cryptography.spec ++++++
--- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.366468687 +0200
+++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.366468687 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-cryptography
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%bcond_without python2
Name: python-cryptography
-Version: 2.9.2
+Version: 3.0
Release: 0
Summary: Python library which exposes cryptographic recipes and
primitives
License: Apache-2.0 OR BSD-3-Clause
++++++ cryptography-2.9.2.tar.gz -> cryptography-3.0.tar.gz ++++++
++++ 46609 lines of diff (skipped)
++++++ disable-uneven-sizes-tests.patch ++++++
--- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.618468923 +0200
+++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.618468923 +0200
@@ -1,14 +1,14 @@
-Index: cryptography-1.0/tests/hazmat/primitives/test_rsa.py
+Index: cryptography-3.0/tests/hazmat/primitives/test_rsa.py
===================================================================
---- cryptography-1.0.orig/tests/hazmat/primitives/test_rsa.py
-+++ cryptography-1.0/tests/hazmat/primitives/test_rsa.py
-@@ -91,7 +91,8 @@ class TestRSA(object):
+--- cryptography-3.0.orig/tests/hazmat/primitives/test_rsa.py
++++ cryptography-3.0/tests/hazmat/primitives/test_rsa.py
+@@ -174,7 +174,8 @@ class TestRSA(object):
("public_exponent", "key_size"),
itertools.product(
- (3, 5, 65537),
-- (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048)
-+ #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048)
-+ (1024, 1026, 1028, 1030, 1536, 2048)
- )
+ (3, 65537),
+- (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
++ #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
++ (1024, 1026, 1028, 1030, 1536, 2048),
+ ),
)
def test_generate_rsa_keys(self, backend, public_exponent, key_size):
++++++ skip_openssl_memleak_test.patch ++++++
--- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.650468953 +0200
+++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.650468953 +0200
@@ -1,16 +1,18 @@
-diff --git a/tests/hazmat/backends/test_openssl_memleak.py
b/tests/hazmat/backends/test_openssl_memleak.py
-index 6e92e34..3280c47 100644
---- a/tests/hazmat/backends/test_openssl_memleak.py
-+++ b/tests/hazmat/backends/test_openssl_memleak.py
-@@ -118,9 +118,8 @@ def assert_no_memory_leaks(s, argv=[]):
+Index: cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py
+===================================================================
+--- cryptography-3.0.orig/tests/hazmat/backends/test_openssl_memleak.py
++++ cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py
+@@ -153,10 +153,9 @@ def assert_no_memory_leaks(s, argv=[]):
def skip_if_memtesting_not_supported():
- return pytest.mark.skipif(
- not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS,
-- reason="Requires OpenSSL memory functions (>=1.1.0)"
+- reason="Requires OpenSSL memory functions (>=1.1.0)",
+- )
+ return pytest.mark.skip(
+ reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which
prevents later debugging via CRYPTO_set_mem_functions()"
- )
++ )
+ @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")
