Mailinglist Archive: opensuse-updates (161 mails)

< Previous Next >
openSUSE-RU-2019:0172-1: moderate: Recommended update for Certbot Python modules
openSUSE Recommended Update: Recommended update for Certbot Python modules

Announcement ID: openSUSE-RU-2019:0172-1
Rating: moderate
Affected Products:
openSUSE Backports SLE-15

An update that has 0 recommended fixes can now be installed.


This update for various CertBot modules fixes the following issues:

python-acme was updated to 0.30.2:

* Remove josepy helpers that are no longer needed
* WIP External Account Binding (#6059)
* Implement POST-as-GET requests (#6522)
* ignore erroneously no-member lint error
* Revert acme/acme/
* Bump version to 0.29.0
* remove unused six imports
* Remove module-level ignore::ResourceWarnings
* bring requests back down to 2.4.1 in setup and oldest constraints
* Requests no longer vendorizes urllib3
* Use a newer version of requests because of the upcoming Callable import
Deprecation in Python 3.8 that warns in Python 3.7
* Cover is run on 2.7, so mark 3-only lines as no cover
* Ignore ResourceWarnings in various modules in a 2-compatible way.
* ignore ResourceWarnings in acme tests
* s/assertEquals/assertEqual

* Use the ACMEv2 newNonce endpoint when a new nonce is needed, and
newNonce is available in the directory.
* Warn when using deprecated acme.challenges.TLSSNI01

* acme client now raises an error when you try to create an ACME account
with a key that has already been used
* you can now call query_registration without having to first call

python-certbot was updated to 0.30.2:

* Update the version of setuptools pinned in certbot-auto to 40.6.3 to
solve installation problems on newer OSes.
* Always download the pinned version of pip in pipstrap to address
* Rename old,default.conf to old-and-default.conf to address commas in
filenames breaking recent versions of pip.
* Add VIRTUALENV_NO_DOWNLOAD=1 to all calls to virtualenv to address
breakages from venv downloading the latest pip
* Added the `update_account` subcommand for account management commands.
* The default work and log directories have been changed back to
/var/lib/letsencrypt and /var/log/letsencrypt respectively.
* Noninteractive renewals with `certbot renew` (those not started from a
terminal) now randomly sleep 1-480 seconds before beginning work in
order to spread out load spikes on the server side.
* Added External Account Binding support in cli and acme library. Command
line arguments --eab-kid and --eab-hmac-key added.
* Private key permissioning changes: Renewal preserves existing group mode
& gid of previous private key material. Private keys for new lineages
(i.e. new certs, not renewed) default to 0o600.
* Update code and dependencies to clean up Resource and Deprecation
* Only depend on imgconverter extension for Sphinx >= 1.6
* revoke accepts --cert-name, and doesn't accept both --cert-name and
* Do not conflict with Certbot as now we provide/obsolete it
* Provide and obsolete certbot main package too to ensure we can migrate
to the new split setup directly
* Conflict with certbot package to allow easy migration
* the documentation can be built using Sphinx 1.6+

python-certbot-apache was updated to 0.30.2:

* Various small fixes
* Stop preferring TLS-SNI.
* The grammar used by Augeas parser in Apache plugin was updated to fix
various parsing errors.
* parameter name in OpenSUSE overrides for default parameters
* several other fixes

python-certbot-dns-cloudflare was updated to 0.30.2.

python-certbot-dns-cloudxns was updated to 0.30.2:

* Lockstep with main certbot package
* The CloudXNS plugin is now compatible with Lexicon 3.0+.
* Add runtime requirements.

python-certbot-dns-digitalocean was updated to 0.30.2:

* lockstep with main certbot pkg

python-certbot-dns-dnsimple was updated to 0.30.2:

* lockstep with main certbot package
* The DNSimple plugin is now compatible with Lexicon 3.0+.

python-certbot-dns-dnsmadeeasy was updated to 0.30.2:

* The DNS Made Easy plugin is now compatible with Lexicon 3.0+.

python-certbot-dns-google was updated to 0.30.2:

* Minor logging fixes

python-certbot-dns-luadns was updated to 0.30.2:

* The LuaDNS plugin is now compatible with Lexicon 3.0+.

python-certbot-dns-nsone was updated to 0.30.2:

* The NS1 plugin is now compatible with Lexicon 3.0+.

python-certbot-dns-rfc2136 was updated to 0.30.2.

python-certbot-dns-route53 was updated to 0.30.2:

* Test fix for Route53 plugin to prevent boto3 making outgoing connections.


* Add the package cloudflare needed by python-certbot subpackage


* Added python-digitalocean version 1.13.2 needed by

python-certbot-nginx was updated to version 0.30.2:

* Stop preferring TLS-SNI.
* Match Nginx parser update in allowing variable names to start with ${.
* Fix ranking of vhosts in Nginx so that all port-matching vhosts come

python-jsonlines was added as version 1.2.0.

python-jsonpickle was added as version 0.9.6.

This update was imported from the openSUSE:Leap:15.0:Update update project.

Patch Instructions:

To install this openSUSE Recommended Update use the SUSE recommended
installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2019-172=1

Package List:

- openSUSE Backports SLE-15 (noarch):



< Previous Next >
This Thread
  • No further messages