Ubuntu
python-cryptography package

Change logs for python-cryptography source package in Xenial

  1. Xenial (16.04)
  2. Change log 
  • python-cryptography (1.2.3-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Bleichenbacher timing oracle attack
    - debian/patches/CVE-2020-25659.patch: Attempt to mitigate
      Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
      src/cryptography/hazmat/backends/openssl/rsa.py.
    - CVE-2020-25659

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 28 Oct 2020 11:55:13 -0300
  • python-cryptography (1.2.3-1ubuntu0.2) xenial-security; urgency=medium

  * debian/patches/add_x509_up_ref.patch: add X509_up_ref function for
    pyopenssl security update.

 -- Marc Deslauriers <email address hidden>  Thu, 18 Oct 2018 07:18:59 -0400
  • python-cryptography (1.2.3-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: HKDF might return an empty byte-string
    - debian/patches/CVE-2016-9243.patch: fix short length handling in
      src/cryptography/hazmat/primitives/kdf/hkdf.py, added test to
      tests/hazmat/primitives/test_hkdf.py.
    - CVE-2016-9243

 -- Marc Deslauriers <email address hidden>  Thu, 17 Nov 2016 10:20:34 -0500
  • python-cryptography (1.2.3-1) unstable; urgency=medium

  * New upstream release.

 -- Tristan Seligmann <email address hidden>  Sat, 05 Mar 2016 05:40:58 +0200
  • python-cryptography (1.2.2-2) unstable; urgency=medium

  * Import a0bef9dfde0e94bd1a01db1b4fa51632ac842ee7 from upstream: fixes
    memory corruption in test suite (probably only affects 32-bit
    architectures).

 -- Tristan Seligmann <email address hidden>  Mon, 08 Feb 2016 20:44:24 +0200
  • python-cryptography (1.1.1-1ubuntu3) xenial; urgency=medium

  * No-change rebuild to drop python3.4 support.

 -- Matthias Klose <email address hidden>  Tue, 19 Jan 2016 11:47:40 +0000
  • python-cryptography (1.1.1-1ubuntu2) xenial; urgency=medium

  * Revert changes made in version 1.1.1-1ubuntu1.

 -- Corey Bryant <email address hidden>  Tue, 15 Dec 2015 14:35:44 -0500
  • python-cryptography (1.1.1-1ubuntu1) xenial; urgency=medium

  * d/control: Drop python-hypothesis BD until python-hypothesis package
    can run tests.
  * d/p/patch skip-hypothesis-tests.patch: Skip hypothesis test.
  * d/rules: Drop PYBUILD_AFTER_TEST=rm -r {build_dir}/.hypothesis.

 -- Corey Bryant <email address hidden>  Mon, 14 Dec 2015 17:51:17 -0500
  • python-cryptography (1.1.1-1) unstable; urgency=medium

  * New upstream release.

 -- Tristan Seligmann <email address hidden>  Tue, 24 Nov 2015 22:52:31 +0200
  • python-cryptography (1.1-1) unstable; urgency=medium

  * New upstream release.
    - Add new testing dependencies (pyasn1_modules and hypothesis).

 -- Tristan Seligmann <email address hidden>  Thu, 29 Oct 2015 09:13:24 +0200
  • python-cryptography (1.0.2-1) unstable; urgency=medium

  * New upstream release.
    - Fix a potential security issue when running Python in -O mode.

 -- Tristan Seligmann <email address hidden>  Mon, 28 Sep 2015 06:36:07 +0200
  • python-cryptography (1.0.1-1ubuntu1) wily; urgency=medium

  * Merge with Debian; remaining changes:
    - Build-depend on python-ipaddress instead of python-ipaddr (test failures).
    - Don't apply the ipaddr-fallback patch.

 -- Matthias Klose <email address hidden>  Thu, 10 Sep 2015 15:16:20 +0200