summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python3-cryptography-vectors_39.0.0.bb
Commit message (Collapse)AuthorAgeFilesLines
* python3-cryptography{-vectors}: 39.0.0 -> 39.0.1Tim Orling2023-02-171-29/+0
| | | | | | | | | | | | | | | | | https://cryptography.io/en/latest/changelog/#v39-0-1 39.0.1 - 2023-02-07 * SECURITY ISSUE - Fixed a bug where Cipher.update_into accepted Python buffer protocol objects, but allowed immutable buffers. CVE-2023-23931 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.8. CVE: CVE-2023-23931 (From OE-Core rev: b2883bb86d8d0f7929b3c7a40f603010fbe153a4) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography{-vectors}: 38.0.4 -> 39.0.0Tim Orling2023-01-241-0/+29
* python3-cryptography-crates.inc: update for 39.0.0 * python3-cryptography-vectors: upgrade 38.0.4 -> 39.0.0 Highlights from Changelog: https://cryptography.io/en/latest/changelog/#v39-0-0 39.0.0 - 2023-01-01 * BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.0 has been removed. Users on older version of OpenSSL will need to upgrade. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support. * BACKWARDS INCOMPATIBLE: Removed the encode_point and from_encoded_point methods on EllipticCurvePublicNumbers, which had been deprecated for several years. public_bytes() and from_encoded_point() should be used instead. * BACKWARDS INCOMPATIBLE: Support for using MD5 or SHA1 in CertificateBuilder, other X.509 builders, and PKCS7 has been removed. * ANNOUNCEMENT: The next version of cryptography (40.0) will change the way we link OpenSSL. This will only impact users who build cryptography from source (i.e., not from a wheel), and specify their own version of OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer be respected. (From OE-Core rev: 904574c49c51f1862c6b888a3e5889bd972df42d) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>