Also upgrade python3-cryptography-vectors
Refresh python3-cryptography-crates.inc
42.0.7 - 2024-05-06
Restored Windows 7 compatibility for our pre-built wheels. Note that we
do not test on Windows 7 and wheels for our next release will not support
it. Microsoft no longer provides support for Windows 7 and users are
encouraged to upgrade.
42.0.6 - 2024-05-04
Fixed compilation when using LibreSSL 3.9.1.
https://cryptography.io/en/latest/changelog/#v42-0-7https://cryptography.io/en/latest/changelog/#v42-0-6https://github.com/pyca/cryptography/compare/42.0.5...42.0.7
(From OE-Core rev: e4b16965cea57f72554c2e71ec07091afeeec9d8)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Includes an upgrade to pyo3 from 0.20.0 to 0.20.3 which fixes ppc64
* Refresh -crates.inc
https://cryptography.io/en/latest/changelog/#v42-0-5https://cryptography.io/en/latest/changelog/#v42-0-4https://cryptography.io/en/latest/changelog/#v42-0-3
42.0.5 - 2024-02-23
* Limit the number of name constraint checks that will be performed in
X.509 path validation to protect against denial of service attacks.
* Upgrade pyo3 version, which fixes building on PowerPC.
42.0.4 - 2024-02-20
* Fixed a null-pointer-dereference and segfault that could occur when
creating a PKCS#12 bundle. Credit to Alexander-Programming for
reporting the issue. CVE-2024-26130
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
SMIMECapabilities and SignatureAlgorithmIdentifier should now be
correctly encoded according to the definitions in RFC 2633 RFC 3370.
42.0.3 - 2024-02-15
* Fixed an initialization issue that caused key loading failures for
some users.
CVE: CVE-2024-26130
https://nvd.nist.gov/vuln/detail/CVE-2024-26130
(From OE-Core rev: 83dad4a93ff81c6c1e048443e0827d825670158b)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
https://github.com/pyca/cryptography/compare/41.0.5...41.0.7https://cryptography.io/en/latest/changelog/#v41-0-7https://cryptography.io/en/latest/changelog/#v41-0-6
41.0.7 - 2023-11-27
Fixed compilation when using LibreSSL 3.8.2.
41.0.6 - 2023-11-27
Fixed a null-pointer-dereference and segfault that could occur when loading
certificates from a PKCS#7 bundle. Credit to pkuzco for reporting the issue.
CVE: CVE-2023-49083
(From OE-Core rev: 25fba6dd44f64e1e476c2e537d4a20cdbdc7ed25)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
https://cryptography.io/en/latest/changelog/#v41-0-2
41.0.2 - 2023-07-10
* Fixed bugs in creating and parsing SSH certificates where critical
options with values were handled incorrectly. Certificates are now
created correctly and parsing accepts correct values as well as the
previously generated invalid forms with a warning. In the next release,
support for parsing these invalid forms will be removed.
Refresh python3-cryptography-crates.inc:
- crate://crates.io/proc-macro2/1.0.59 \
+ crate://crates.io/proc-macro2/1.0.64 \
(From OE-Core rev: ea836919fc26af1508ccf0c40843109d52e738eb)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* it's needed for compatibility with updated fetcher from:
https://patchwork.yoctoproject.org/project/bitbake/patch/20230405122125.3358972-1-enrico.scholz@sigma-chemnitz.de/
* easiest way to regenerate these is:
echo > meta/recipes-devtools/python/python3-cryptography-crates.inc
bitbake -c update_crates python3-cryptography
git commit
(From OE-Core rev: bf6a3cd70d13f05f0e2af2b54635214690a68a78)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography-crates.inc: update for 39.0.0
* python3-cryptography-vectors: upgrade 38.0.4 -> 39.0.0
Highlights from Changelog:
https://cryptography.io/en/latest/changelog/#v39-0-0
39.0.0 - 2023-01-01
* BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.0 has been removed.
Users on older version of OpenSSL will need to upgrade.
* BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.5. The new
minimum LibreSSL version is 3.5.0. Going forward our policy is to
support versions of LibreSSL that are available in versions of OpenBSD
that are still receiving security support.
* BACKWARDS INCOMPATIBLE: Removed the encode_point and from_encoded_point
methods on EllipticCurvePublicNumbers, which had been deprecated for
several years. public_bytes() and from_encoded_point() should be used
instead.
* BACKWARDS INCOMPATIBLE: Support for using MD5 or SHA1 in
CertificateBuilder, other X.509 builders, and PKCS7 has been removed.
* ANNOUNCEMENT: The next version of cryptography (40.0) will change the
way we link OpenSSL. This will only impact users who build cryptography
from source (i.e., not from a wheel), and specify their own version of
OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and
CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer
be respected.
(From OE-Core rev: 904574c49c51f1862c6b888a3e5889bd972df42d)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This allows semi-automated updates to the list of crates, which
is far too awkward to maintain by hand, particularly on version updates.
(From OE-Core rev: 1071e2fdd23271bf5df60712263838fe70276c67)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
