Hello community, here is the log from the commit of package python-cryptography for openSUSE:Factory checked in at 2020-08-01 12:31:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old) and /work/SRC/openSUSE:Factory/.python-cryptography.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-cryptography" Sat Aug 1 12:31:06 2020 rev:50 rq:823211 version:3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes 2020-05-28 09:06:36.143570046 +0200 +++ /work/SRC/openSUSE:Factory/.python-cryptography.new.3592/python-cryptography.changes 2020-08-01 12:31:21.922467335 +0200 @@ -1,0 +2,26 @@ +Tue Jul 28 17:16:47 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com> + +- update to 3.0 +- refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch + * Removed support for passing an Extension instance + to from_issuer_subject_key_identifier(), as per our deprecation policy. + * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed + * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. + * RSA generate_private_key() no longer accepts public_exponent values except + 65537 and 3 (the latter for legacy purposes). + * X.509 certificate parsing now enforces that the version field contains + a valid value, rather than deferring this check until version is accessed. + * Deprecated support for Python 2 + * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa + private keys: load_ssh_private_key() for loading and OpenSSH for writing. + * Added support for OpenSSH certificates to load_ssh_public_key(). + * Added encrypt_at_time() and decrypt_at_time() to Fernet. + * Added support for the SubjectInformationAccess X.509 extension. + * Added support for parsing SignedCertificateTimestamps in OCSP responses. + * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). + * Added support for encoding attributes in certificate signing requests via add_attribute(). + * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG + instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. + * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). + +------------------------------------------------------------------- Old: ---- cryptography-2.9.2.tar.gz cryptography-2.9.2.tar.gz.asc New: ---- cryptography-3.0.tar.gz cryptography-3.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-cryptography.spec ++++++ --- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.366468687 +0200 +++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.366468687 +0200 @@ -1,7 +1,7 @@ # # spec file for package python-cryptography # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %bcond_without python2 Name: python-cryptography -Version: 2.9.2 +Version: 3.0 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause ++++++ cryptography-2.9.2.tar.gz -> cryptography-3.0.tar.gz ++++++ ++++ 46609 lines of diff (skipped) ++++++ disable-uneven-sizes-tests.patch ++++++ --- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.618468923 +0200 +++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.618468923 +0200 @@ -1,14 +1,14 @@ -Index: cryptography-1.0/tests/hazmat/primitives/test_rsa.py +Index: cryptography-3.0/tests/hazmat/primitives/test_rsa.py =================================================================== ---- cryptography-1.0.orig/tests/hazmat/primitives/test_rsa.py -+++ cryptography-1.0/tests/hazmat/primitives/test_rsa.py -@@ -91,7 +91,8 @@ class TestRSA(object): +--- cryptography-3.0.orig/tests/hazmat/primitives/test_rsa.py ++++ cryptography-3.0/tests/hazmat/primitives/test_rsa.py +@@ -174,7 +174,8 @@ class TestRSA(object): ("public_exponent", "key_size"), itertools.product( - (3, 5, 65537), -- (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048) -+ #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048) -+ (1024, 1026, 1028, 1030, 1536, 2048) - ) + (3, 65537), +- (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048), ++ #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048), ++ (1024, 1026, 1028, 1030, 1536, 2048), + ), ) def test_generate_rsa_keys(self, backend, public_exponent, key_size): ++++++ skip_openssl_memleak_test.patch ++++++ --- /var/tmp/diff_new_pack.Cj99yy/_old 2020-08-01 12:31:23.650468953 +0200 +++ /var/tmp/diff_new_pack.Cj99yy/_new 2020-08-01 12:31:23.650468953 +0200 @@ -1,16 +1,18 @@ -diff --git a/tests/hazmat/backends/test_openssl_memleak.py b/tests/hazmat/backends/test_openssl_memleak.py -index 6e92e34..3280c47 100644 ---- a/tests/hazmat/backends/test_openssl_memleak.py -+++ b/tests/hazmat/backends/test_openssl_memleak.py -@@ -118,9 +118,8 @@ def assert_no_memory_leaks(s, argv=[]): +Index: cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py +=================================================================== +--- cryptography-3.0.orig/tests/hazmat/backends/test_openssl_memleak.py ++++ cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py +@@ -153,10 +153,9 @@ def assert_no_memory_leaks(s, argv=[]): def skip_if_memtesting_not_supported(): - return pytest.mark.skipif( - not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS, -- reason="Requires OpenSSL memory functions (>=1.1.0)" +- reason="Requires OpenSSL memory functions (>=1.1.0)", +- ) + return pytest.mark.skip( + reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()" - ) ++ ) + @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")