SUSE-RU-2022:4567-1

Описание

This update for python-crcmod, python-cryptography, python-cryptography-vectors contains the following fixes:

python-cryptography:

• Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
• Refresh patches for new version

• Using the Fernet class to symmetrically encrypt multi gigabyte values. (bsc#1182066, CVE-2020-36242) could result in an integer overflow and buffer overflow.

• update to 2.9.2
  • 2.9.2 - 2020-04-22
    • Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.
  • 2.9.1 - 2020-04-21
    • Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.
  • 2.9 - 2020-04-02
    • BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to low usage and maintenance burden.
    • BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed. Users on older version of OpenSSL will need to upgrade.
    • BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
    • Removed support for calling public_bytes() with no arguments, as per our deprecation policy. You must now pass encoding and format.
    • BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string() returns the RDNs as required by RFC 4514.
    • Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.
    • Added support for parsing single_extensions in an OCSP response.
    • NameAttribute values can now be empty strings.

Changes in python-cryptography-vectors:

• Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)

• update to 2.9.2:

  • updated vectors for the cryptography 2.9.2 testing