Compare commits

..

10 Commits

Author SHA1 Message Date
Benjamin A. Beasley
fdff266e83 Update to 41.0.7, fixes rhbz#2255351, CVE-2023-49083 2024-02-01 10:48:14 -05:00
Fedora Release Engineering
cee9a5770d Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-26 02:54:42 +00:00
Fedora Release Engineering
1c91adf0cd Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-22 00:29:41 +00:00
Fabio Valentini
3f8bd894be
Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072) 2023-12-01 16:14:04 +01:00
Christian Heimes
bee6bfddb5 Update to 41.0.5, resolves RHBZ#2239707 2023-10-26 17:20:09 +02:00
Christian Heimes
c8cc5d4cdc Build with ouroboros 0.17, fixes rhbz#2214228 / RUSTSEC-2023-0042 2023-08-14 07:24:10 +02:00
Christian Heimes
7b18e1445d Update to 41.0.3
- Update to upstream version 41.0.3
- Use pyo3 0.19

Resolves: rhbz#2211237
2023-08-10 08:41:01 +02:00
Fedora Release Engineering
9421b4a468 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-21 08:43:20 +00:00
Python Maint
f32ed18be7 Rebuilt for Python 3.12 2023-07-10 14:05:42 +02:00
Python Maint
bd226dd0d0 Bootstrap for Python 3.12 2023-06-14 16:13:50 +02:00
5 changed files with 113 additions and 5 deletions

6
.gitignore vendored
View File

@ -55,3 +55,9 @@
/cryptography-40.0.1-vendor.tar.bz2
/cryptography-40.0.2.tar.gz
/cryptography-40.0.2-vendor.tar.bz2
/cryptography-41.0.3.tar.gz
/cryptography-41.0.3-vendor.tar.bz2
/cryptography-41.0.5-vendor.tar.bz2
/cryptography-41.0.5.tar.gz
/cryptography-41.0.7.tar.gz
/cryptography-41.0.7-vendor.tar.bz2

13
ouroboros-0.17.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml
index 9dd060f8b..8004c7e76 100644
--- a/src/rust/Cargo.toml
+++ b/src/rust/Cargo.toml
@@ -15,7 +15,7 @@ cryptography-cffi = { path = "cryptography-cffi" }
cryptography-x509 = { path = "cryptography-x509" }
cryptography-openssl = { path = "cryptography-openssl" }
pem = "1.1"
-ouroboros = "0.15"
+ouroboros = "0.17"
openssl = "0.10.54"
openssl-sys = "0.9.88"
foreign-types-shared = "0.1"

52
pyo3-0.19.patch Normal file
View File

@ -0,0 +1,52 @@
diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml
index 01fba147e..9dd060f8b 100644
--- a/src/rust/Cargo.toml
+++ b/src/rust/Cargo.toml
@@ -9,7 +9,7 @@ rust-version = "1.56.0"
[dependencies]
once_cell = "1"
-pyo3 = { version = "0.18", features = ["abi3-py37"] }
+pyo3 = { version = "0.19", features = ["abi3-py37"] }
asn1 = { version = "0.15.2", default-features = false }
cryptography-cffi = { path = "cryptography-cffi" }
cryptography-x509 = { path = "cryptography-x509" }
diff --git a/src/rust/cryptography-cffi/Cargo.toml b/src/rust/cryptography-cffi/Cargo.toml
index 65051c2a4..24e53991b 100644
--- a/src/rust/cryptography-cffi/Cargo.toml
+++ b/src/rust/cryptography-cffi/Cargo.toml
@@ -8,7 +8,7 @@ publish = false
rust-version = "1.56.0"
[dependencies]
-pyo3 = { version = "0.18", features = ["abi3-py37"] }
+pyo3 = { version = "0.19", features = ["abi3-py37"] }
openssl-sys = "0.9.88"
[build-dependencies]
diff --git a/src/rust/src/x509/crl.rs b/src/rust/src/x509/crl.rs
index 923015035..1380d6eb8 100644
--- a/src/rust/src/x509/crl.rs
+++ b/src/rust/src/x509/crl.rs
@@ -145,7 +145,7 @@ impl CertificateRevocationList {
revoked_certs
});
- if idx.is_instance_of::<pyo3::types::PySlice>()? {
+ if idx.is_instance_of::<pyo3::types::PySlice>() {
let indices = idx
.downcast::<pyo3::types::PySlice>()?
.indices(self.len().try_into().unwrap())?;
diff --git a/src/rust/src/x509/extensions.rs b/src/rust/src/x509/extensions.rs
index 98d1bd63b..dcf28833f 100644
--- a/src/rust/src/x509/extensions.rs
+++ b/src/rust/src/x509/extensions.rs
@@ -211,7 +211,7 @@ fn encode_certificate_policies(
let mut qualifiers = vec![];
for py_qualifier in py_policy_qualifiers.iter()? {
let py_qualifier = py_qualifier?;
- let qualifier = if py_qualifier.is_instance_of::<pyo3::types::PyString>()? {
+ let qualifier = if py_qualifier.is_instance_of::<pyo3::types::PyString>() {
let cps_uri = match asn1::IA5String::new(py_qualifier.extract()?) {
Some(s) => s,
None => {

View File

@ -5,8 +5,8 @@
%global srcname cryptography
Name: python-%{srcname}
Version: 40.0.2
Release: 2%{?dist}
Version: 41.0.7
Release: 1%{?dist}
Summary: PyCA's cryptography library
# cryptography is dual licensed under the Apache-2.0 and BSD-3-Clause,
@ -19,6 +19,9 @@ Source0: https://github.com/pyca/cryptography/archive/%{version}/%{srcnam
Source1: cryptography-%{version}-vendor.tar.bz2
Source2: conftest-skipper.py
Patch1: pyo3-0.19.patch
Patch2: ouroboros-0.17.patch
ExclusiveArch: %{rust_arches}
BuildRequires: openssl-devel
@ -69,8 +72,11 @@ cryptography is a package designed to expose cryptographic primitives and
recipes to Python developers.
%prep
%autosetup -p1 -n %{srcname}-%{version}
%autosetup -p1 -N -n %{srcname}-%{version}
%if 0%{?fedora}
# patch pyo3 and ouroboros depedency
%autopatch -p1 1
%autopatch -p1 2
%cargo_prep
rm src/rust/Cargo.lock
%else
@ -131,6 +137,37 @@ PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \
%{python3_sitearch}/%{srcname}-%{version}-py*.egg-info
%changelog
* Thu Feb 01 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 41.0.7-1
- Update to 41.0.7, fixes rhbz#2255351, CVE-2023-49083
* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Dec 01 2023 Fabio Valentini <decathorpe@gmail.com> - 41.0.5-2
- Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072)
* Thu Oct 26 2023 Christian Heimes <cheimes@redhat.com> - 41.0.5-1
- Update to 41.0.5, resolves RHBZ#2239707
* Mon Aug 14 2023 Christian Heimes <cheimes@redhat.com> - 41.0.3-2
- Build with ouroboros 0.17, fixes rhbz#2214228 / RUSTSEC-2023-0042
* Wed Aug 09 2023 Christian Heimes <cheimes@redhat.com> - 41.0.3-1
- Update to 41.0.3, resolves rhbz#2211237
- Use pyo3 0.19
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 40.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 10 2023 Python Maint <python-maint@redhat.com> - 40.0.2-4
- Rebuilt for Python 3.12
* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 40.0.2-3
- Bootstrap for Python 3.12
* Tue Jun 13 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 40.0.2-2
- Use vendored rust-pem in RHEL builds

View File

@ -1,2 +1,2 @@
SHA512 (cryptography-40.0.2.tar.gz) = 4f49a71cc7348cf90ff4e67d73486a07e065efdc3e321c7f2a642dd459057a90b1c26055bdbed076ebe5b8ea4ec544aaa62b9811fd62f0d818af7e0687b4aa9e
SHA512 (cryptography-40.0.2-vendor.tar.bz2) = d45692545b50a1995837ec61b193f395bf4de021e3c4f059e3c3cc705b1b09628b1e8f00efd1d0f3f0936dc66e39cb2ac9defe484f952552e7b0e402e947fd6d
SHA512 (cryptography-41.0.7.tar.gz) = 9a870d45296de6af1331e73b102226b8269892216cd7bc0adfb2f63ce1ca7021d338effd09182128253d8d8df154bbd19d46c47f10ddac86e739fcbf6df78307
SHA512 (cryptography-41.0.7-vendor.tar.bz2) = dbf750a1ada4a9330939e3dae8311007a9e25808eb64c124c99981187d1bc04baba3a7d3b838c0cd9491e8350c382fb0f789a11abb21c633f2d78e8aba819b9e