Subject: CVS commit: pkgsrc/security
From: Adam Ciarcinski
Date: 2018-07-19 11:24:37
Message id: 20180719092437.878E2FBEC@cvs.NetBSD.org

Log Message:
py-cryptography[_vectors]: updated to 2.3

2.3:

SECURITY ISSUE: \ 
:meth:~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag \ 
allowed tag truncation by default which can allow tag forgery in some cases. The \ 
method now enforces the min_tag_length provided to the \ 
:class:~cryptography.hazmat.primitives.ciphers.modes.GCM constructor. \ 
CVE-2018-10903
Added support for Python 3.7.
Added :meth:~cryptography.fernet.Fernet.extract_timestamp to get the \ 
authenticated timestamp of a :doc:Fernet </fernet> token.
Support for Python 2.7.x without hmac.compare_digest has been deprecated. We \ 
will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next \ 
cryptography release.
Fixed multiple issues preventing cryptography from compiling against LibreSSL 2.7.x.
Added \ 
:class:~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number \ 
for quick serial number searches in CRLs.
The :class:~cryptography.x509.RelativeDistinguishedName class now preserves the \ 
order of attributes. Duplicate attributes now raise an error instead of silently \ 
discarding duplicates.
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap and \ 
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding now \ 
raise :class:~cryptography.hazmat.primitives.keywrap.InvalidUnwrap if the \ 
wrapped key is an invalid length, instead of ValueError.

Files:
RevisionActionfile
1.67modifypkgsrc/security/py-cryptography/Makefile
1.53modifypkgsrc/security/py-cryptography/distinfo
1.15modifypkgsrc/security/py-cryptography_vectors/Makefile
1.8modifypkgsrc/security/py-cryptography_vectors/PLIST
1.15modifypkgsrc/security/py-cryptography_vectors/distinfo