Changelog for
python3-tlslite-0.4.9-1.1.noarch.rpm :
Tue Aug 23 14:00:00 2016 gwasserAATTgmail.com
- Update to version 0.4.9
+ Fixed denial of service (runtime exception) on malformed packet (Hubert Kario)
+ Fixed session caching bug (Mirko Dziadzka)
+ Fixed SRP spec non-compliance
+ Added FALLBACK_SCSV (David Benjamin)
+ Unit testing (Hubert Kario)
+ \"make test\" and \"make test-dev\" targets (Hubert Kario)
- Update to version 0.4.8 - 11/12/2014
+ Added more acknowledgements and security considerations
- Update to version 0.4.7 - 11/12/2014
+ Added TLS 1.2 support (Yngve Pettersen and Paul Sokolovsky)
+ Don\'t offer SSLv3 by default (e.g. POODLE)
+ Fixed bug with PyCrypto_RSA integration
+ Fixed harmless bug that added non-prime into sieves list
+ Added \"make test\" and \"make test-dev\" targets (Hubert Kario)
Sun Nov 17 13:00:00 2013 p.drouandAATTgmail.com
- Update to version 0.4.6
+
*
*API CHANGE
*
*: TLSClosedConnectionError instead of ValueError when writing
to a closed connection. This inherits from socket.error, so should
interact better with SocketServer (see http://bugs.python.org/issue14574)
and other things expecting a socket.error in this situation.
+ Added support for RC4-MD5 ciphersuite (if enabled in settings)
This is allegedly necessary to connect to some Internet servers.
+ Added TLSConnection.unread() function
+ Switched to New-style classes (inherit from 'object')
+ Minor cleanups
- Changes from 0.4.5
+ release engineering problem, skipped!
- Changes from 0.4.4
+ Added Python 3 support
+ Added NPN client support
+ Switched to RC4 as preferred cipher
faster in Python, avoids "Lucky 13" timing attacks
+ Fixed bug when specifying ciphers for anon ciphersuites
+ Made RSA hashAndVerify() tolerant of sigs w/o encoded NULL AlgorithmParam
(this function is not used for TLS currently, and this tolerance may
not even be necessary)
- Remove useless CFLAGS definition
- Remove redundant %clean section
Tue Nov 13 13:00:00 2012 jfunkAATTfunktronics.ca
- Update to 0.4.3:
* Minor bugfix (0.4.2 doesn't load tackpy)
- 0.4.2 - 9/25/2012
* Updated TACK (compatible with tackpy 0.9.9)
Wed May 23 14:00:00 2012 jfunkAATTfunktronics.ca
- Update to 0.4.1
* Fixed RSA padding bugs (w/help from John Randolph)
* Updated TACK (compatible with tackpy 0.9.7)
* Added SNI
* Added NPN server support (Sam Rushing/Google)
* Added AnonDH (Dimitris Moraitis)
* Added X509CertChain.parsePemList
* Improved XML-RPC (Kees Bos)
Mon Feb 13 13:00:00 2012 jfunkAATTfunktronics.ca
- Update spec to reflect current conventions
- Update to 0.4.0:
- Fixed pycrypto support
- Fixed python 2.6 problems
- 0.3.9.x - 2/7/2012
- Much code cleanup, in particular decomposing the handshake functions so
they are readable. The main new feature is support for Convergence TACK,
an experimental authentication method that provides a new way to pin
server certificates (See https://github.com/moxie0/Convergence/wiki/TACK ).
- Security Fixes
- Sends SCSV ciphersuite as per RFC 5746, to signal non-renegotiated
Client Hello. Does not support renegotiation (never has).
- Change from e=3 to e=65537 for generated RSA keys, not strictly
necessary but mitigates risk of sloppy verifier.
- 1/(n-1) countermeasure for BEAST.
- Behavior changes:
- Split cmdline into tls.py and tlstest.py, improved options.
- Formalized LICENSE.
- Defaults to closing socket after sending close_notify, fixes hanging.
problem that would occur sometime when waiting for other party's
close_notify.
- Update SRP to RFC 5054 compliance.
- Removed client handshake "callbacks", no longer support the SRP
re-handshake idiom within a single handshake function.
- Bugfixes
- Added hashlib support, removes Deprecation Warning due to sha and md5.
- Handled GeneratorExit exceptions that are a new Python feature, and
interfere with the async code if not handled.
- Removed:
- Shared keys (it was based on an ancient I-D, not TLS-PSK).
- cryptlib support, it wasn't used much, we have enough other options.
- cryptoIDs (Convergence TACK is better).
- win32prng extension module, as os.urandom is now available.
- Twisted integration (unused?, slowed down loading).
- Jython code (ancient, didn't work).
- Compat support for python versions < 2.7.
- Additions
- Support for Convergence TACK via TACKpy.
- Support for CertificateRequest.certificate_authorities ("reqCAs")
- Added TLSConnection.shutdown() to better mimic socket.
- Enabled Session resumption for XMLRPCTransport.
Fri Feb 19 13:00:00 2010 jfunkAATTfunktronics.ca
- Use --record-rpm
- Build as noarch
- Split off doc package
Wed Aug 23 14:00:00 2006 James Oakley <jfunkAATTfunktronics.ca> - 0.3.8-3
- Set prefix
Tue Jul 25 14:00:00 2006 James Oakley <jfunkAATTfunktronics.ca> - 0.3.8-2
- Build under build service
Thu Dec 1 13:00:00 2005 James Oakley <jfunkAATTfunktronics.ca> - 0.3.8-1
- Initial release