Changelog for
python312-pysaml2-7.4.2-86.12.x86_64.rpm :
* Mon Jan 29 2024 Petr Gajdos
- update to 7.4.2:
* Add support for xmlsec1 1.3.x
* Use the set crypto_backend when creating the entity metadata
* ## 7.4.1 (2023-02-24)
* Fix subject-id requirements processing
* ## 7.4.0 (2023-02-14)
* Ensure the ID of each Signature element is unique when signing an encrypted assertion
* Bump Python to 3.9
* dev: Add mypy configuration and type stubs
* tests: move tox.ini config into pyproject.toml
* docs: Update release instructions
* ## 7.3.0 (2023-02-14)
* During metadata generation, render extensions both for EntityDescriptor and IdPSSODescriptor
* Fix compatibility with certain SAML implementation that inflate messasges on the POST binding
* Update the SWAMID entity category requirements
* Fix check for NameID when it originates from an encrypted asssertion
* Add support for pymongo `>=3.5` and `<5`
* Update README with supported specifications
* Remove dependency on the six package
* Cleanup unused imports and pythonisms for Python versions older than 3.6
* Convert README to markdown
* Introduce flake8 to check for issues
* Use black and isort to manage formatting and imports
* Use poetry to manage the project dependencies, packaging and versions
* Fix whitespace typos on the eIDAS schemas
* Try different logout bindings on the saml2.client level
* Add the mailLocalAddress attribute as part of the saml and shib uri name format bundles
* Add the isMemberOf attribute as part of the basic attribute format bundle- drop upstreamed pymongo-4-support.patch
* Sun Jun 11 2023 ecsos - Add %{?sle15_python_module_pythons}
* Tue Nov 15 2022 Rolf Krahl - Fix dependencies according to upstream setup.cfg
* Thu Oct 06 2022 Yogalakshmi Arunachalam - version update to 7.2.1 (2022-08-23)
* Accept and forward sign and digest alg information when creating a metadata string
* Fix tests to comply with latest xmlschema- version update to 7.2.0 (2022-08-10)
* Add schemas for eIDAS extensions, elements and attributes
* Add the voPerson v2 attributes mappings; see reference
* Add the registration_info_typ method on saml2.mdstore.MetadataStore to get the registration information from an EntityDescriptor services
* Allow exceptions to convey the SAML StatusCode in an error response
* Fix typo on method name under saml2.mdstore.MetadataStore; from sbibmd_scopes to shibmd_scopes
* Add partial support for xs:date AttributeValue type
* Fallback to xs:string as the type of the AttributeValue text node
* Fallback to the authn context class declaration to set the authn context class reference
* Αdd configuration option http_client_timeout to set a timeout on the HTTP calls by the httpbase module
* Load certificates using cryptography and support certificate chains
* Remove deprecated cryptography backend param
* Fix assertion policy filter: Fallback to match a known attribute or return its name
* examples: Allow multiple attributes to be returned by the idp
* tests: Minor cleanups
* docs: Reference python2 compatible fork
* misc: add pepy badges on the README file
* Thu Jul 28 2022 Steve Kowalik - Add patch pymongo-4-support.patch:
* Support pymongo >= 4
* Thu Apr 07 2022 pgajdosAATTsuse.com- version update to 7.1.2 [#]# 7.1.2 (2022-03-04) - fix assertion policy filter to try to resolve the local_name using the friendly name if it failed with the name_format - reload metadata in-place to avoid memory leak - tests: Restrict pymongo to v3 - docs: highlight installation command [#]# 7.1.1 (2022-02-22) - Process and verify the metadata signature for EntitiesDescriptor and EntityDescriptor - Fix client to be able to retry creating an AuthnRequest with a different binding - Allow requested_authn_context to be an object - AttributeValues are optional; allow Attributes to not have values - Update SWAMID entity category to support https://myacademicid.org/entity-categories/esi - Fix signing for requests with the SOAP binding - tests: new test case for signed SOAP LogoutRequests - docs: document the metadata node_name option for the remote source - examples: align with latest updates - deps: declare setuptools as a requirement for processing the package version - build: add python 3.9 and 3.10 to classifiers - misc: linter fixes [#]# 7.1.0 (2021-11-16) - Fix signature verification for the redirect binding for AuthnRequest and LogoutRequest. - Include encryption KeyName in encrypted assertions. - Add \"reason\" field in invalid signature errors due to invalid document format. - New SP configuration option requested_authn_context to set the preferred RequestedAuthnContext class reference. - Add support for metadata refresh by adding a metadata_reload method into saml2.Entity. This method is to be externally invoked, and to receive the same metadata configuration as what was passed under the metadata key to saml2.Config. The method loads a new metadata configuration and swaps it in (replacing the references across several objects that hold a metadata reference). - Fix SessionIndex resolution during logout. - Fix AuthnResponse::get_subject to be able to decrypt a NameID with the given keys. - Refactor AuthnResponse::authn_info to consider DeclRef equivalent to ClassRef. - Ensure creation of multiple ePTIDs is handled correctly. - Improve signature checks by ensuring the Object element is absent, enforcing allowed transform aglorithms, enforcing allowed canonicalization methods and requiring the enveloped-signature transform to be present. - mdstore: Make unknown metadata extensions available through the internal metadata. - mdstore: Fix the exception handler of the InMemoryMetaData object. - mdstore: Fix the serialization of the MetadataStore object. - examples: Fix code to catter changes in interfaces. - examples: Update certificates to avoid SSL KEY TO SMALL errors. - docs: Significant improvement on the configuration options documentation. - docs: Fix typos.- python-mock is not required for build
* Fri Jul 02 2021 Michael Ströder - removed obsolete 0001-Always-use-base64.encodebytes-base64.encodestring-ha.patch- Update to 7.0.1:
* 7.0.1 (2021-05-20) - Preserve order of response bindings on IdP-initiated logout - Fix use of expected binding on SP logout
* 7.0.0 (2021-05-18) -
*
*BREAKING
*
* Replace encryption method rsa-1_5 with rsa-oaep-mgf1p - Add documentation next to the code
* 6.5.2 (2021-05-18) - Add shibmd_scopes metadata extractor - Allow the Issuer element on a Response to be missing - Respect the preferred_binding configuration for the single_logout_service - Fix logout signature flags for redirect, post and soap requests - Respect the logout_requests_signed configuration option - Fix crash when applying policy on RequestedAttribute without a friendlyName - Correctly validate IssueInstant - Correctly handle AudienceRestriction elements with no value - Raise InvalidAssertion exception when assertion requirements are not met - Raise SAMLError on failure to parse a metadata file - Raise StatusInvalidAuthnResponseStatement when the AuthnStatement is not valid - Handle all forms of ACS endpoint specifications - tests: Always use base64.encodebytes; base64.encodestring has been dropped - build: Set minimum version needed for xmlschema - docs: Update Travis CI badge from travis-ci.org to travis-ci.com - examples: Fix example code
* Mon Apr 26 2021 Dirk Müller - add 0001-Always-use-base64.encodebytes-base64.encodestring-ha.patch
* Mon Jan 25 2021 Dirk Müller - update requires
* Wed Jan 20 2021 Michael Ströder - Update to 6.5.1:
* Fix the parser to take into account both the xs and xsd namespace prefixes
* Wed Jan 20 2021 Michael Ströder - Update to 6.5.0 - Security release
* Fix processing of invalid SAML XML documents - CVE-2021-21238
* Fix unspecified xmlsec1 key-type preference - CVE-2021-21239
* Add more tests regarding XSW attacks
* Add XML Schemas for SAML2 and common extensions
* Fix the XML parser to not break on ePTID AttributeValues
* Fix the initialization value of the return_addrs property of the StatusResponse object
* Fix SWAMID entity-category policy regarding eduPersonTargetedID
* data: use importlib to load package data (backwards compatibility through the importlib_resources package)
* docs: improve the documentation for the signing_algorithm and digest_algorithm options
* examples: fix the logging configuration of the example-IdP
* tests: allow tests to pass on 32bit systems by properly choosing dates in test XML documents
* tests: improvements on the generation of response and assertion objects
* tests: expand tests on python-3.9 and python-3.10-dev- added new build dependencies:
* python3-importlib-resources
* python3-xmlschema
* update-alternatives- removed obsolete avoid-too-large-dates.patch- replaced %python3_alternative by %python_alternative
* Wed Jan 06 2021 Matej Cepl - Add avoid-too-large-dates.patch to avoid test failures on i586 (Y38K bug; gh#IdentityPython/pysaml2#759)
* Mon Jan 04 2021 Matej Cepl - Skip test test_filter_ava_registration_authority_1 (gh#IdentityPython/pysaml2#759).