Change log for python-cryptography package in Ubuntu
| 1 → 75 of 102 results | First • Previous • Next • Last |
python-cryptography (41.0.7-4build3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 17:04:20 +0000
Available diffs
python-cryptography (41.0.7-4build2) noble; urgency=medium * No-change rebuild for consistent binaries. -- Steve Langasek <email address hidden> Fri, 08 Mar 2024 00:25:22 +0000
Available diffs
| Superseded in noble-proposed |
python-cryptography (41.0.7-4build1) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <email address hidden> Mon, 04 Mar 2024 21:06:46 +0000
Available diffs
- diff from 41.0.7-4 (in Debian) to 41.0.7-4build1 (489 bytes)
python-cryptography (2.8-3ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: exposure of confidential data
- debian/patches/CVE-2023-50782.patch: update bindings in
src/_cffi_src/openssl/rsa.py to be compatible with new openssl version
31.1.1f-1ubuntu2.22, which fixes the issue by changing PKCS#1 v1.5 RSA to
return random output instead of an exception when detecting wrong padding
- CVE-2023-50782
-- Jorge Sancho Larraz <email address hidden> Thu, 29 Feb 2024 11:30:05 +0100
Available diffs
python-cryptography (3.4.8-1ubuntu2.2) jammy-security; urgency=medium
* SECURITY UPDATE: exposure of confidential data
- debian/patches/CVE-2023-50782.patch: update bindings in
src/_cffi_src/openssl/rsa.py to be compatible with new openssl version
3.0.2-0ubuntu1.15, which fixes the issue by changing PKCS#1 v1.5 RSA to
return random output instead of an exception when detecting wrong padding
- CVE-2023-50782
-- Jorge Sancho Larraz <email address hidden> Thu, 29 Feb 2024 12:14:30 +0100
Available diffs
python-cryptography (38.0.4-4ubuntu0.23.10.2) mantic-security; urgency=medium
* SECURITY UPDATE: exposure of confidential data
- debian/patches/CVE-2023-50782.patch: update bindings in
src/_cffi_src/openssl/rsa.py to be compatible with new openssl version
3.0.10-1ubuntu2.3, which fixes the issue by changing PKCS#1 v1.5 RSA to
return random output instead of an exception when detecting wrong padding
- CVE-2023-50782
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2024-26130.patch: null check before dereference
- CVE-2024-26130
-- Jorge Sancho Larraz <email address hidden> Tue, 27 Feb 2024 11:36:15 +0100
Available diffs
python-cryptography (41.0.7-4) unstable; urgency=medium * orphan -- Sandro Tosi <email address hidden> Wed, 28 Feb 2024 12:23:58 -0500
Available diffs
- diff from 41.0.7-3 to 41.0.7-4 (527 bytes)
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
python-cryptography (41.0.7-3) unstable; urgency=medium * Upgrade to pyo3 0.20. Closes: #1063365 -- Jérémy Lal <email address hidden> Thu, 08 Feb 2024 15:34:30 +0100
Available diffs
- diff from 38.0.4-4ubuntu1 (in Ubuntu) to 41.0.7-3 (312.5 KiB)
- diff from 41.0.7-2 to 41.0.7-3 (2.0 KiB)
python-cryptography (41.0.7-2) unstable; urgency=medium * patch: drop pem 1.0 workaround, depends pem 1.1. Closes: 1060294. * autopkgtest: fix version of cryptography-vectors -- Jérémy Lal <email address hidden> Tue, 09 Jan 2024 01:14:48 +0100
Available diffs
- diff from 41.0.7-1 to 41.0.7-2 (1.2 KiB)
python-cryptography (41.0.7-1) unstable; urgency=medium
* Team upload
* New upstream version 41.0.7
* patch: remove n/a, disable a test to keep building with pem 1.0
* Update deps
* Bump Standards-Version
[ Sandro Tosi ]
* New upstream release; Closes: #1031049
- fixes CVE-2023-23931
* debian/watch
- remove pgpsigurlmangle, .asc file no longer on PyPI
[ Nicolas Dandrimont ]
* New upstream version 41.0.3
-- Jérémy Lal <email address hidden> Sun, 07 Jan 2024 13:24:39 +0100
Available diffs
python-cryptography (2.8-3ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: corrupted output via immutable objects
- debian/patches/CVE-2023-23931.patch: don't allow update_into to
mutate immutable objects in tests/hazmat/primitives/test_ciphers.py,
src/cryptography/hazmat/backends/openssl/ciphers.py.
- CVE-2023-23931
-- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 15:04:00 -0500
Available diffs
python-cryptography (3.4.8-1ubuntu2.1) jammy-security; urgency=medium
* SECURITY UPDATE: corrupted output via immutable objects
- debian/patches/CVE-2023-23931.patch: don't allow update_into to
mutate immutable objects in tests/hazmat/primitives/test_ciphers.py,
src/cryptography/hazmat/backends/openssl/ciphers.py.
- CVE-2023-23931
* SECURITY UPDATE: DoS via PKCS7 certificate
- debian/patches/CVE-2023-49083.patch: fix crash when loading a PKCS#7
bundle with no certificates in
src/cryptography/hazmat/backends/openssl/backend.py,
tests/hazmat/primitives/test_pkcs7.py.
- CVE-2023-49083
-- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 14:58:43 -0500
Available diffs
python-cryptography (38.0.4-2ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: corrupted output via immutable objects
- debian/patches/CVE-2023-23931.patch: don't allow update_into to
mutate immutable objects in tests/hazmat/primitives/test_ciphers.py,
src/cryptography/hazmat/backends/openssl/ciphers.py.
- CVE-2023-23931
* SECURITY UPDATE: DoS via PKCS7 certificate
- debian/patches/CVE-2023-49083.patch: fix crash when loading a PKCS#7
bundle with no certificates in
src/cryptography/hazmat/backends/openssl/backend.py,
tests/hazmat/primitives/test_pkcs7.py.
- CVE-2023-49083
-- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 14:54:05 -0500
Available diffs
python-cryptography (38.0.4-4ubuntu0.23.10.1) mantic-security; urgency=medium
* SECURITY UPDATE: DoS via PKCS7 certificate
- debian/patches/CVE-2023-49083.patch: fix crash when loading a PKCS#7
bundle with no certificates in
src/cryptography/hazmat/backends/openssl/backend.py,
tests/hazmat/primitives/test_pkcs7.py.
- CVE-2023-49083
-- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 14:48:36 -0500
Available diffs
python-cryptography (38.0.4-4ubuntu1) noble; urgency=medium
* SECURITY UPDATE: DoS via PKCS7 certificate
- debian/patches/CVE-2023-49083.patch: fix crash when loading a PKCS#7
bundle with no certificates in
src/cryptography/hazmat/backends/openssl/backend.py,
tests/hazmat/primitives/test_pkcs7.py.
- CVE-2023-49083
-- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 14:37:03 -0500
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
python-cryptography (38.0.4-4) unstable; urgency=medium
* Team Upload.
[ Peter Michael Green ]
* Don't depend on librust-indoc-dev, it's not used directly,
instead depend on the "default" feature of librust-pyo3-dev.
* Apply adjusted upstream patch for py03 0.19 and bump
dependencies accordingly (Closes: #1038746, #1042160)
[ Nicolas Dandrimont ]
* Fix tests when using recent tzdata (dropping the US timezone
symlinks)
-- Nicolas Dandrimont <email address hidden> Tue, 08 Aug 2023 17:16:11 +0200
Available diffs
- diff from 38.0.4-3 to 38.0.4-4 (2.6 KiB)
python-cryptography (38.0.4-3) unstable; urgency=medium
[ Salvatore Bonaccorso ]
* Don't allow update_into to mutate immutable objects (CVE-2023-23931)
(Closes: #1031049)
-- Sandro Tosi <email address hidden> Tue, 28 Feb 2023 00:36:13 -0500
Available diffs
- diff from 38.0.4-2 to 38.0.4-3 (1.3 KiB)
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
python-cryptography (38.0.4-2) unstable; urgency=medium
* Team upload.
* Patch: Remove the runtime dependency on cffi from .dist-info.
(Closes: #1026537)
-- Stefano Rivera <email address hidden> Sun, 08 Jan 2023 16:31:04 -0400
Available diffs
- diff from 3.4.8-2 to 38.0.4-2 (346.2 KiB)
- diff from 38.0.4-1 to 38.0.4-2 (1.0 KiB)
python-cryptography (38.0.4-1) unstable; urgency=medium
[ Claudius Heine ]
* New upstream release (Closes: #1011155).
* Dropped openssl3 patches, no longer required.
* Integrated build of embedded rust library.
* debian/control
- bump b-d on cryptography-vectors to 38.0.4
- build using pybuild-plugin-pyproject
- remove dependencies dropped by upstream
- add pytest-benchmark to b-d, needed for tests
- add setuptools-rust to b-d, needed for the Rust part of the build
- add cargo and other rust pkgs to b-d
- bump Standards-Version to 4.6.1 (no changes needed)
* debian/pydist-overrides, debian/py3dist-overrides
- remove dependencies dropped by upstream
* debian/rules
- enable the Rust build
- override dh_dwz to disable multifile
* debian/patches/no-rust.patch
- removed, we are actually building the Rust code now
* debian/python-cryptography-doc.doc-base
- add doc-base
* debian/source/options
- exclude some packaging files updated during build
* debian/patches/Upgrade-to-pyo3-0.*
- add support for pyo3 0.16 and 0.17
* debian/patches/allow-pem-version-1.0.patch
- relax pem rust versioned dependency
* debian/patches/ease-asn1-version-from-0.12.1-to-0.12.patch
- relax asn1 rust versioned dependency
* debian/patches/ease-chrono-dependency-from-0.4.22-to-0.4.patch
- relax chrono rust versioned dependency
[ Sandro Tosi ]
* debian/control
- run wrap-and-sort
-- Sandro Tosi <email address hidden> Thu, 15 Dec 2022 12:00:09 -0500
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
python-cryptography (3.4.8-2) unstable; urgency=medium * Team upload. * Add support for OpenSSL 3.0.1 (Closes: #1006008) -- Stefano Rivera <email address hidden> Wed, 18 May 2022 12:22:15 -0400
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
python-cryptography (3.4.8-1ubuntu2) jammy; urgency=medium * d/p/skip-test-openssl-memleak.patch: Skip test until fixed upstream. -- Corey Bryant <email address hidden> Fri, 25 Mar 2022 15:48:46 -0400
Available diffs
- diff from 3.4.8-1ubuntu1 to 3.4.8-1ubuntu2 (743 bytes)
python-cryptography (3.4.8-1ubuntu1) jammy; urgency=medium
* d/p/openssl3/0007-openssl-3.0.1-ftbfs.patch: fix ftbfs with
openssl 3.0.1 (LP: #1956514)
-- Andreas Hasenack <email address hidden> Wed, 05 Jan 2022 18:30:32 +0000
Available diffs
python-cryptography (3.4.8-1) unstable; urgency=medium
[ Simon Chopin ]
* New upstream release.
- Closes: #995431
* d/p/no_rust.patch, d/control: Disable the Rust part of the build
since it's not yet mandatory
* d/control, d/tests/control: new build-dependency on python-pytest-subtests
for the testsuite
* d/p/openssl3/*: Cherry-pick a patchset for OpenSSL3 compatibility.
- LP: #1946189
[ Tristan Seligmann ]
* Update standards version to 4.6.0, no changes needed.
* Fix Python dir glob for 3.10.
-- Tristan Seligmann <email address hidden> Wed, 01 Dec 2021 17:54:50 +0200
Available diffs
- diff from 3.3.2-1build1 (in Ubuntu) to 3.4.8-1 (134.0 KiB)
| Superseded in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
| Deleted in impish-proposed (Reason: Moved to jammy) |
python-cryptography (3.3.2-1build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:22:53 +0200
Available diffs
- diff from 3.3.2-1 (in Debian) to 3.3.2-1build1 (347 bytes)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
python-cryptography (3.3.2-1) unstable; urgency=high
* New upstream release.
- Fixes CVE-2020-36242.
-- Tristan Seligmann <email address hidden> Wed, 10 Feb 2021 10:15:26 +0200
Available diffs
- diff from 3.3.1-1 to 3.3.2-1 (1.5 KiB)
python-cryptography (3.3.1-1) unstable; urgency=medium [ Sandro Tosi ] * Use the new Debian Python Team contact name and address [ Tristan Seligmann ] * New upstream release. -- Tristan Seligmann <email address hidden> Tue, 26 Jan 2021 10:05:25 +0200
Available diffs
- diff from 3.2.1-1 to 3.3.1-1 (33.4 KiB)
python-cryptography (3.2.1-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Update Vcs-* fields with new Debian Python Team Salsa
layout.
[ Tristan Seligmann ]
* New upstream release.
- Closes: #973247 (CVE-2020-25659)
-- Tristan Seligmann <email address hidden> Sun, 01 Nov 2020 15:22:43 +0200
Available diffs
- diff from 3.0-1build1 (in Ubuntu) to 3.2.1-1 (63.2 KiB)
- diff from 3.1-1 to 3.2.1-1 (21.8 KiB)
python-cryptography (1.2.3-1ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: Bleichenbacher timing oracle attack
- debian/patches/CVE-2020-25659.patch: Attempt to mitigate
Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
src/cryptography/hazmat/backends/openssl/rsa.py.
- CVE-2020-25659
-- <email address hidden> (Leonidas S. Barbosa) Wed, 28 Oct 2020 11:55:13 -0300
Available diffs
python-cryptography (2.1.4-1ubuntu1.4) bionic-security; urgency=medium
* SECURITY UPDATE: Bleichenbacher timing oracle attack
- debian/patches/CVE-2020-25659.patch: Attempt to mitigate
Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
src/cryptography/hazmat/backends/openssl/rsa.py.
- CVE-2020-25659
-- <email address hidden> (Leonidas S. Barbosa) Wed, 28 Oct 2020 13:50:26 -0300
python-cryptography (2.8-3ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Bleichenbacher timing oracle attack
- debian/patches/CVE-2020-25659.patch: Attempt to mitigate
Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
src/cryptography/hazmat/backends/openssl/rsa.py.
- CVE-2020-25659
-- <email address hidden> (Leonidas S. Barbosa) Wed, 28 Oct 2020 13:10:56 -0300
Available diffs
python-cryptography (3.0-1ubuntu0.1) groovy-security; urgency=medium
* SECURITY UPDATE: Bleichenbacher timing oracle attack
- debian/patches/CVE-2020-25659.patch: Attempt to mitigate
Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
src/cryptography/hazmat/backends/openssl/rsa.py.
- CVE-2020-25659
-- <email address hidden> (Leonidas S. Barbosa) Wed, 28 Oct 2020 13:27:06 -0300
Available diffs
python-cryptography (3.0-1build1) hirsute; urgency=medium * No-change rebuild to build with python3.9 as supported. -- Matthias Klose <email address hidden> Sat, 24 Oct 2020 12:44:20 +0200
Available diffs
- diff from 3.0-1 (in Debian) to 3.0-1build1 (332 bytes)
python-cryptography (3.1-1) unstable; urgency=medium * New upstream release. -- Tristan Seligmann <email address hidden> Sat, 29 Aug 2020 15:51:55 +0200
Available diffs
- diff from 3.0-1build1 (in Ubuntu) to 3.1-1 (44.8 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
python-cryptography (3.0-1) unstable; urgency=medium * New upstream release. -- Tristan Seligmann <email address hidden> Tue, 21 Jul 2020 10:22:33 +0200
Available diffs
- diff from 2.8-4 to 3.0-1 (276.5 KiB)
- diff from 2.9.2-1 to 3.0-1 (269.2 KiB)
python-cryptography (2.9.2-1) unstable; urgency=medium
* New upstream release (closes: #963114).
- Drop cherry-picked patches.
* Switch to dh-sequence-*.
* Bump debhelper-compat to 13.
* Apply sphinxdoc:Built-Using.
* Use local python3-doc inventory.
-- Tristan Seligmann <email address hidden> Sat, 18 Jul 2020 18:25:40 +0200
Available diffs
- diff from 2.8-4 to 2.9.2-1 (18.8 KiB)
python-cryptography (2.8-4) unstable; urgency=medium * Drop python2 support; Closes: #937672 * Add myself to Uploaders (with Maintainer's permission) -- Sandro Tosi <email address hidden> Sat, 04 Apr 2020 18:53:59 -0400
Available diffs
- diff from 2.8-3 to 2.8-4 (1.7 KiB)
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
python-cryptography (2.8-3) unstable; urgency=medium
* Team upload.
* debian/control
- use python3-sphinx-rtd-theme; Closes: #950448
-- Sandro Tosi <email address hidden> Sat, 01 Feb 2020 20:01:51 -0500
Available diffs
python-cryptography (2.8-2) unstable; urgency=medium * Fix autopkgtest deps (Closes: #950262). * Depend on python-all-dev instead of python-dev. * Bump Standards-Version to 4.5.0 (no changes). -- Tristan Seligmann <email address hidden> Fri, 31 Jan 2020 10:50:12 +0200
Available diffs
- diff from 2.8-1ubuntu2 (in Ubuntu) to 2.8-2 (625 bytes)
python-cryptography (2.8-1ubuntu2) focal; urgency=medium * Update autopkg test dependencies. -- Matthias Klose <email address hidden> Thu, 30 Jan 2020 18:55:56 +0100
Available diffs
- diff from 2.6.1-4ubuntu1 to 2.8-1ubuntu2 (68.0 KiB)
- diff from 2.8-1ubuntu1 to 2.8-1ubuntu2 (503 bytes)
| Superseded in focal-proposed |
python-cryptography (2.8-1ubuntu1) focal; urgency=medium * Build-depend on python-all-dev instead of python-dev. -- Matthias Klose <email address hidden> Thu, 30 Jan 2020 10:39:37 +0100
Available diffs
- diff from 2.6.1-4ubuntu1 to 2.8-1ubuntu1 (67.8 KiB)
python-cryptography (2.6.1-4ubuntu1) focal; urgency=medium * Build depend on python-all-dev instead of python-dev. -- Matthias Klose <email address hidden> Sat, 25 Jan 2020 11:34:39 +0100
Available diffs
- diff from 2.6.1-4 (in Debian) to 2.6.1-4ubuntu1 (505 bytes)
- diff from 2.6.1-4build1 to 2.6.1-4ubuntu1 (474 bytes)
| Superseded in focal-proposed |
python-cryptography (2.6.1-4build1) focal; urgency=medium * No-change rebuild to build with python3.8. -- Matthias Klose <email address hidden> Sat, 25 Jan 2020 04:38:45 +0000
Available diffs
- diff from 2.6.1-4 (in Debian) to 2.6.1-4build1 (336 bytes)
python-cryptography (2.6.1-4) unstable; urgency=medium
[ Ondřej Nový ]
* Use debhelper-compat instead of debian/compat.
[ Moritz Muehlenhoff ]
* Cherrypick 92241410b5b0591d849443b3023992334a4be0a2 and
9a22851fab924fd58482fdad3f8dd23dc3987f91 from upstream which
addresses a memory leak triggerable when parsing x509
certificate extensions like AIA, thanks to Valentin
Gutierrez for the report (Closes: #941413)
-- Moritz Muehlenhoff <email address hidden> Fri, 18 Oct 2019 14:54:14 +0200
Available diffs
- diff from 2.6.1-3.1 to 2.6.1-4 (3.6 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to Release) |
python-cryptography (2.6.1-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Backport two patches to fix the testsute with newer openssl.
* Ignore test_load_ecdsa_no_named_curve in the testsuite because it known to
break with newer openssl (Closes: #940547).
-- Sebastian Andrzej Siewior <email address hidden> Tue, 24 Sep 2019 21:10:32 +0200
Available diffs
python-cryptography (2.6.1-3ubuntu1) eoan; urgency=low
* Merge from Debian unstable. Remaining changes:
- run tests only against default python3 version.
Available diffs
- diff from 2.6.1-3 (in Debian) to 2.6.1-3ubuntu1 (917 bytes)
python-cryptography (2.6.1-3) unstable; urgency=medium * Fix autopkgtest dependencies. -- Tristan Seligmann <email address hidden> Sat, 09 Mar 2019 13:25:47 +0200
Available diffs
- diff from 2.3-1ubuntu2 (in Ubuntu) to 2.6.1-3 (134.1 KiB)
| Superseded in bionic-security |
| Superseded in bionic-updates |
| Deleted in bionic-proposed (Reason: moved to -updates) |
python-cryptography (2.1.4-1ubuntu1.3) bionic; urgency=medium
* Rebuild against OpenSSL 1.1.1, cherrypick upstream testsuite fix for
1.1.1. LP: #1797386
-- Dimitri John Ledkov <email address hidden> Mon, 17 Dec 2018 11:16:35 +1100
Available diffs
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
python-cryptography (2.3-1ubuntu2) disco; urgency=medium * No-change rebuild to build for python3.7 as the default. -- Matthias Klose <email address hidden> Wed, 31 Oct 2018 12:36:42 +0000
Available diffs
- diff from 2.3-1ubuntu1 to 2.3-1ubuntu2 (360 bytes)
python-cryptography (1.2.3-1ubuntu0.2) xenial-security; urgency=medium
* debian/patches/add_x509_up_ref.patch: add X509_up_ref function for
pyopenssl security update.
-- Marc Deslauriers <email address hidden> Thu, 18 Oct 2018 07:18:59 -0400
Available diffs
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
python-cryptography (2.3-1ubuntu1) cosmic; urgency=medium
* Appears to fail tests on arm64 with python3.7, and such combination is
only executed as an autopkgtest. In autopkgtest, disable running tests
against all supported py3 version, and run against default version
only. Opened https://pad.lv/1795768 to track this issue.
-- Dimitri John Ledkov <email address hidden> Wed, 03 Oct 2018 01:44:31 +0100
Available diffs
- diff from 2.3-1 (in Debian) to 2.3-1ubuntu1 (842 bytes)
- diff from 2.3-1build1 to 2.3-1ubuntu1 (621 bytes)
| Superseded in cosmic-proposed |
python-cryptography (2.3-1build1) cosmic; urgency=high * No change rebuild against openssl 1.1.1 with TLS 1.3 support. -- Dimitri John Ledkov <email address hidden> Sat, 29 Sep 2018 01:36:56 +0100
Available diffs
- diff from 2.3-1 (in Debian) to 2.3-1build1 (544 bytes)
python-cryptography (2.3-1) unstable; urgency=medium
* New upstream release (closes: #904072).
- Fixes CVE-2018-10903.
* Bump Standards-Version to 4.1.5 (no changes).
-- Tristan Seligmann <email address hidden> Sat, 28 Jul 2018 05:50:55 +0200
Available diffs
python-cryptography (2.2.2-1ubuntu1) cosmic; urgency=medium
* SECURITY UPDATE: GCM disallow implicit tag truncation
- debian/patches/CVE-2018-10903.patch: fix in
docs/hazmat/primitives/symmetric-encryption.rst,
src/cryptography/hazmat/backends/openssl/ciphers.py,
src/cryptography/hazmat/primitives/ciphers/modes.py,
tests/hazmat/primitives/test_aes.py.
- CVE-2018-10903
-- <email address hidden> (Leonidas S. Barbosa) Fri, 20 Jul 2018 14:35:34 -0300
Available diffs
python-cryptography (2.1.4-1ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: GCM disallow implicit tag truncation
- debian/patches/CVE-2018-10903.patch: fix in
docs/hazmat/primitives/symmetric-encryption.rst,
src/cryptography/hazmat/backends/openssl/ciphers.py,
src/cryptography/hazmat/primitives/ciphers/modes.py,
tests/hazmat/primitives/test_aes.py.
- CVE-2018-10903
-- <email address hidden> (Leonidas S. Barbosa) Fri, 20 Jul 2018 11:09:59 -0300
Available diffs
python-cryptography (2.2.2-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Set Vcs-* to salsa.debian.org
* d/copyright: Use https protocol in Format field
* d/control: Remove ancient X-Python-Version field
* d/control: Remove ancient X-Python3-Version field
[ Tristan Seligmann ]
* New upstream release (closes: #901076).
- Fixed compatibility with newer Sphinx (closes: #896631).
* Populate debian/upstream/metadata.
* Bump Standards-Version to 4.1.4 (no changes).
* Bump debhelper compat level to 11.
* Tighten vectors dependency for autopkgtests (closes: #884484).
-- Tristan Seligmann <email address hidden> Sat, 09 Jun 2018 16:28:09 +0200
Available diffs
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
python-cryptography (2.1.4-1ubuntu1.1) bionic; urgency=medium
* d/control: Reverted addition of python-cffi as it is not apparently
necessary.
-- Corey Bryant <email address hidden> Thu, 08 Mar 2018 10:28:34 -0500
Available diffs
- diff from 2.1.4-1ubuntu1 to 2.1.4-1ubuntu1.1 (620 bytes)
python-cryptography (2.1.4-1ubuntu1) bionic; urgency=medium * d/control: Add python-cffi to binary package dependencies (LP: #1752660). -- Corey Bryant <email address hidden> Mon, 05 Mar 2018 14:37:41 -0500
Available diffs
- diff from 2.1.4-1build2 to 2.1.4-1ubuntu1 (613 bytes)
python-cryptography (2.1.4-1build2) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 16:52:17 +0000
Available diffs
- diff from 2.1.4-1build1 to 2.1.4-1build2 (330 bytes)
python-cryptography (2.1.4-1build1) bionic; urgency=medium * No change rebuild for openssl 1.0.2n. -- Dimitri John Ledkov <email address hidden> Mon, 29 Jan 2018 14:16:13 +0000
Available diffs
- diff from 2.1.4-1 (in Debian) to 2.1.4-1build1 (529 bytes)
python-cryptography (2.1.4-1) unstable; urgency=medium * New upstream release (closes: #884062). * Add DPMT to Uploaders. * Bump Standards-Version to 4.1.2 (no changes). -- Tristan Seligmann <email address hidden> Mon, 11 Dec 2017 13:47:46 +0200
Available diffs
- diff from 2.1.3-3 to 2.1.4-1 (2.0 KiB)
python-cryptography (2.1.3-3) unstable; urgency=medium
* Filter out manually translated dependencies from requires.txt as
dh_python is not doing this for us (closes: #882011, #882170).
-- Tristan Seligmann <email address hidden> Sun, 19 Nov 2017 23:31:53 +0200
Available diffs
- diff from 1.9-1 to 2.1.3-3 (152.4 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
python-cryptography (1.9-1) unstable; urgency=medium
* New upstream release.
- Replaced pyasn1 with asn1crypto.
* Bump Standards-Version to 4.0.0 (no changes).
-- Tristan Seligmann <email address hidden> Tue, 20 Jun 2017 21:19:23 +0200
Available diffs
- diff from 1.7.1-3 to 1.9-1 (92.8 KiB)
python-cryptography (1.7.1-3) unstable; urgency=medium
* Apply patch 6e7ea2e7 from upstream to fix compilation against OpenSSL
1.1.0f (closes: #863474).
-- Tristan Seligmann <email address hidden> Sun, 28 May 2017 04:20:33 +0200
Available diffs
python-cryptography (1.7.1-2build1) artful; urgency=medium * No change rebuild to add Python 3.6 support. -- Michael Hudson-Doyle <email address hidden> Tue, 16 May 2017 15:58:48 +1200
Available diffs
- diff from 1.7.1-2 (in Debian) to 1.7.1-2build1 (376 bytes)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
python-cryptography (1.7.1-2) unstable; urgency=medium * Apply upstream patch from #3328 to fix test suite on 32-bit arches. -- Tristan Seligmann <email address hidden> Mon, 19 Dec 2016 19:49:14 +0200
Available diffs
- diff from 1.7.1-1 to 1.7.1-2 (1.7 KiB)
python-cryptography (1.7.1-1) unstable; urgency=medium * New upstream release. -- Tristan Seligmann <email address hidden> Wed, 14 Dec 2016 07:59:21 +0200
Available diffs
- diff from 1.5.3-1 to 1.7.1-1 (57.0 KiB)
python-cryptography (1.5-2ubuntu0.1) yakkety-security; urgency=medium
* SECURITY UPDATE: HKDF might return an empty byte-string
- debian/patches/CVE-2016-9243.patch: fix short length handling in
src/cryptography/hazmat/primitives/kdf/hkdf.py, added test to
tests/hazmat/primitives/test_hkdf.py.
- CVE-2016-9243
-- Marc Deslauriers <email address hidden> Thu, 17 Nov 2016 10:18:38 -0500
Available diffs
python-cryptography (1.2.3-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: HKDF might return an empty byte-string
- debian/patches/CVE-2016-9243.patch: fix short length handling in
src/cryptography/hazmat/primitives/kdf/hkdf.py, added test to
tests/hazmat/primitives/test_hkdf.py.
- CVE-2016-9243
-- Marc Deslauriers <email address hidden> Thu, 17 Nov 2016 10:20:34 -0500
Available diffs
python-cryptography (1.5.3-1) unstable; urgency=medium
* New upstream release.
- Fixes a security issue where HKDF would generate a 0-length key when
asked for a short length key. Urgency medium, because no software in
Debian appears to be affected.
-- Tristan Seligmann <email address hidden> Tue, 08 Nov 2016 05:36:00 +0200
Available diffs
- diff from 1.5.2-1 to 1.5.3-1 (1.8 KiB)
python-cryptography (1.5.2-1) unstable; urgency=medium
* New upstream release.
- Fixes failure on OpenSSL 1.0.2j (closes: #839369)
-- Tristan Seligmann <email address hidden> Sat, 01 Oct 2016 17:26:32 +0200
Available diffs
- diff from 1.5-2 to 1.5.2-1 (3.3 KiB)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
python-cryptography (1.5-2) unstable; urgency=medium
* Add missing test dependency on python{,3}-tz.
-- Tristan Seligmann <email address hidden> Sat, 10 Sep 2016 15:40:13 +0200
Available diffs
- diff from 1.5-1ubuntu1 (in Ubuntu) to 1.5-2 (367 bytes)
python-cryptography (1.5-1ubuntu1) yakkety; urgency=medium * Add python-tz and python3-tz as test dependencies. -- Matthias Klose <email address hidden> Sat, 10 Sep 2016 15:20:17 +0200
Available diffs
- diff from 1.4-1 (in Debian) to 1.5-1ubuntu1 (49.9 KiB)
- diff from 1.5-1 (in Debian) to 1.5-1ubuntu1 (438 bytes)
python-cryptography (1.5-1) unstable; urgency=medium
* New upstream release.
- Compatible with OpenSSL 1.1.0 (closes: #828518).
* Version setuptools dependency.
-- Tristan Seligmann <email address hidden> Fri, 26 Aug 2016 18:25:12 +0200
Available diffs
- diff from 1.4-2 to 1.5-1 (49.2 KiB)
python-cryptography (1.4-2) unstable; urgency=medium
* Fix typo in overrides file.
* Add Breaks: on python{,3}-openssl because of incompatibilities between
older PyOpenSSL and Cryptography (see
https://github.com/pyca/pyopenssl/pull/406 for details).
-- Tristan Seligmann <email address hidden> Sat, 16 Jul 2016 07:12:08 +0200
Available diffs
- diff from 1.4-1 to 1.4-2 (903 bytes)
python-cryptography (1.4-1) unstable; urgency=medium
* New upstream release.
* Depend on a new enough dh-python (necessary to handle the python-cffi
mapping correctly) (closes: #827925; technically not present in
testing/unstable anyway).
-- Tristan Seligmann <email address hidden> Thu, 23 Jun 2016 00:26:35 +0200
Available diffs
- diff from 1.3.1-2 to 1.4-1 (38.7 KiB)
- diff from 1.3.4-1 to 1.4-1 (37.1 KiB)
| 1 → 75 of 102 results | First • Previous • Next • Last |
