Changelog for
python310-rsa-4.7.2-49.61.noarch.rpm :
* Tue Mar 02 2021 Dirk Müller
- update to 4.7.2:
* Fix picking/unpickling issue introduced in 4.7
* Fix threading issue introduced in 4.7
* Thu Jan 28 2021 Dirk Müller - update to 4.7:
* CVE-2020-25658 - Bleichenbacher-style timing oracle in PKCS#1 v1.5 decryption code
* Add padding length check as described by PKCS#1 v1.5
* Reuse of blinding factors to speed up blinding operations.
* Declare & test support for Python 3.9
* Wed Dec 09 2020 Benjamin Greiner - Remove mypy test requirement. The test calls mypy via its API. But mypy as importable module is only available for the default python3 flavor. For packaging, we don\'t need to run the static type checker at all.- Remove mock requirement.
* Sun Aug 16 2020 John Vandenberg - Replace setup.py test with pytest- Remove %bcond_without tests
* Tue Jun 23 2020 Dirk Mueller - update to v 4.6.0 (bsc#1172389)
* Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
* Reject cyphertexts (when decrypting) and signatures (when verifying) that have been modified by prepending zero bytes. This resolves CVE-2020-13757. Thanks Carnil for pointing this out.
* Rolled back the switch to Poetry, and reverted back to using Pipenv + setup.py for dependency management. There apparently is an issue no-binary installs of packages build with Poetry. This fixes #148 Limited SHA3 support to those Python versions (3.6+) that support it natively. The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. This should fix #147.
* Added support for Python 3.8.
* Dropped support for Python 2 and 3.4.
* Added type annotations to the source code. This will make Python-RSA easier to use in your IDE, and allows better type checking.
* Added static type checking via MyPy.
* Fix #129 Installing from source gives UnicodeDecodeError.
* Switched to using Poetry for package management.
* Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
* Reject cyphertexts (when decrypting) and signatures (when verifying) that
* have been modified by prepending zero bytes. This resolves CVE-2020-13757.
* Sat Mar 23 2019 Dirk Mueller - fix build on older distributions
* Sat Feb 16 2019 John Vandenberg - Update to v 4.0.0
* Removed deprecated modules: + rsa.varblock + rsa.bigfile + rsa._version133 + rsa._version200
* Removed CLI commands that use the VARBLOCK/bigfile format.
* Ensured that PublicKey.save_pkcs1() and PrivateKey.save_pkcs1() always return bytes.
* Dropped support for Python 2.6 and 3.3.
* Dropped support for Psyco.
* Miller-Rabin iterations determined by bitsize of key.
* Added function `rsa.find_signature_hash()` to return the name of the hashing algorithm used to sign a message. `rsa.verify()` now also returns that name, instead of always returning `True`.
* Add support for SHA-224 for PKCS1 signatures.
* Transitioned from `requirements.txt` to Pipenv for package management.
* Tue Dec 04 2018 Matej Cepl - Remove superfluous devel dependency for noarch package
* Mon May 01 2017 toddrme2178AATTgmail.com- Update to Version 3.4.2
* Fixed dates in CHANGELOG.txt- Update to Version 3.4.1
* Included tests/private.pem in MANIFEST.in
* Included README.md and CHANGELOG.txt in MANIFEST.in- Update to Version 3.4
* Moved development to Github: https://github.com/sybrenstuvel/python-rsa
* Solved side-channel vulnerability by implementing blinding, fixes #19
* Deprecated the VARBLOCK format and rsa.bigfile module due to security issues, see https://github.com/sybrenstuvel/python-rsa/issues/13
* Integration with Travis-CI, Coveralls and Code Climate
* Deprecated the old rsa._version133 and rsa._version200 submodules, they will be completely removed in version 4.0.
* Add an \'exponent\' argument to key.newkeys()
* Switched from Solovay-Strassen to Miller-Rabin primality testing, to comply with NIST FIPS 186-4 as probabilistic primality test (Appendix C, subsection C.3):
* Fixed bugs #12, #14, #27, #30, #49- Update to Version 3.3
* Thanks to Filippo Valsorda: Fix BB\'06 attack in verify() by switching from parsing to comparison.
* Simplified Tox configuration and dropped Python 3.2 support. The coverage package uses a u\'\' prefix, which was reintroduced in 3.3 for ease of porting.- Update to Version 3.2.3
* Added character encoding markers for Python 2.x- Update to Version 3.2.1
* Added per-file licenses
* Added support for wheel packages
* Made example code more consistent and up to date with Python 3.4- Update to Version 3.2
* Mentioned support for Python 3 in setup.py- Implement single-spec version.- Fix source URL.- Remove cve_2016-1494.diff, fixed in latest version.
* Tue Jan 05 2016 rjschweiAATTsuse.com- Fix CVE 2016-1494 (bsc#960680) - Add patch cve_2016-1494.diff