Hello community, here is the log from the commit of package python-cryptography for openSUSE:Factory checked in at 2018-07-21 10:09:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old) and /work/SRC/openSUSE:Factory/.python-cryptography.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-cryptography" Sat Jul 21 10:09:06 2018 rev:40 rq:623675 version:2.3 Changes: -------- --- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes 2018-06-22 13:14:43.560500003 +0200 +++ /work/SRC/openSUSE:Factory/.python-cryptography.new/python-cryptography.changes 2018-07-21 10:09:10.751185036 +0200 @@ -1,0 +2,21 @@ +Wed Jul 18 13:20:58 UTC 2018 - mich...@stroeder.com + +- update to 2.3: + * SECURITY ISSUE: finalize_with_tag() allowed tag truncation by default + which can allow tag forgery in some cases. The method now enforces the + min_tag_length provided to the GCM constructor. + * Added support for Python 3.7. + * Added extract_timestamp() to get the authenticated timestamp of a Fernet token. + * Support for Python 2.7.x without hmac.compare_digest has been deprecated. + We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next + cryptography release. + * Fixed multiple issues preventing cryptography from compiling + against LibreSSL 2.7.x. + * Added get_revoked_certificate_by_serial_number for quick + serial number searches in CRLs. + * The RelativeDistinguishedName class now preserves the order of attributes. + Duplicate attributes now raise an error instead of silently discarding duplicates. + * aes_key_unwrap() and aes_key_unwrap_with_padding() now raise InvalidUnwrap + if the wrapped key is an invalid length, instead of ValueError. + +------------------------------------------------------------------- Old: ---- cryptography-2.2.2.tar.gz cryptography-2.2.2.tar.gz.asc cryptography_vectors-2.2.2.tar.gz New: ---- cryptography-2.3.tar.gz cryptography-2.3.tar.gz.asc cryptography_vectors-2.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-cryptography.spec ++++++ --- /var/tmp/diff_new_pack.tyu98j/_old 2018-07-21 10:09:11.611184838 +0200 +++ /var/tmp/diff_new_pack.tyu98j/_new 2018-07-21 10:09:11.615184837 +0200 @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %bcond_without python2 Name: python-cryptography -Version: 2.2.2 +Version: 2.3 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause ++++++ cryptography-2.2.2.tar.gz -> cryptography-2.3.tar.gz ++++++ ++++ 5384 lines of diff (skipped) ++++++ cryptography_vectors-2.2.2.tar.gz -> cryptography_vectors-2.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-cryptography/cryptography_vectors-2.2.2.tar.gz /work/SRC/openSUSE:Factory/.python-cryptography.new/cryptography_vectors-2.3.tar.gz differ: char 5, line 1