Subject: CVS commit: pkgsrc/security
From: Adam Ciarcinski
Date: 2024-01-23 07:33:49
Message id: 20240123063349.4E954FA42@cvs.NetBSD.org

Log Message:
py-cryptography py-cryptography_vectors: updated to 42.0.0

42.0.0 - 2024-01-22
~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.7.
* **BACKWARDS INCOMPATIBLE:** Loading a PKCS7 with no content field using
  \ 
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certif \ 
icates`
  or
  \ 
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certif \ 
icates`
  will now raise a ``ValueError`` rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical options with
  values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
* We now publish both ``py37`` and ``py39`` ``abi3`` wheels. This should
  resolve some errors relating to initializing a module multiple times per
  process.
* Support :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` for
  X.509 certificate signing requests and certificate revocation lists with the
  keyword-only argument ``rsa_padding`` on the ``sign`` methods for
  :class:`~cryptography.x509.CertificateSigningRequestBuilder` and
  :class:`~cryptography.x509.CertificateRevocationListBuilder`.
* Added support for obtaining X.509 certificate signing request signature
  algorithm parameters (including PSS) via
  \ 
:meth:`~cryptography.x509.CertificateSigningRequest.signature_algorithm_paramete \ 
rs`.
* Added support for obtaining X.509 certificate revocation list signature
  algorithm parameters (including PSS) via
  \ 
:meth:`~cryptography.x509.CertificateRevocationList.signature_algorithm_paramete \ 
rs`.
* Added ``mgf`` property to
  :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`.
* Added ``algorithm`` and ``mgf`` properties to
  :class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.Certificate.not_valid_before_utc`,
  :meth:`~cryptography.x509.Certificate.not_valid_after_utc`,
  :meth:`~cryptography.x509.RevokedCertificate.revocation_date_utc`,
  :meth:`~cryptography.x509.CertificateRevocationList.next_update_utc`,
  :meth:`~cryptography.x509.CertificateRevocationList.last_update_utc`.
  These are timezone-aware variants of existing properties that return naïve
  ``datetime`` objects.
* Deprecated the following properties that return naïve ``datetime`` objects:
  :meth:`~cryptography.x509.Certificate.not_valid_before`,
  :meth:`~cryptography.x509.Certificate.not_valid_after`,
  :meth:`~cryptography.x509.RevokedCertificate.revocation_date`,
  :meth:`~cryptography.x509.CertificateRevocationList.next_update`,
  :meth:`~cryptography.x509.CertificateRevocationList.last_update`
  in favor of the new timezone-aware variants mentioned above.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`
  on LibreSSL.
* Added support for RSA PSS signatures in PKCS7 with
  \ 
:meth:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7SignatureBuilder \ 
.add_signer`.
* In the next release (43.0.0) of cryptography, loading an X.509 certificate
  with a negative serial number will raise an exception. This has been
  deprecated since 36.0.0.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCMSIV` when using
  OpenSSL 3.2.0+.
* Added the :mod:`X.509 path validation <cryptography.x509.verification>` APIs
  for :class:`~cryptography.x509.Certificate` chains. These APIs should be
  considered unstable and not subject to our stability guarantees until
  documented as such in a future release.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SM4`
  :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM`
  when using OpenSSL 3.0 or greater.

Files:
RevisionActionfile
1.108modifypkgsrc/security/py-cryptography/Makefile
1.33modifypkgsrc/security/py-cryptography/PLIST
1.10modifypkgsrc/security/py-cryptography/cargo-depends.mk
1.86modifypkgsrc/security/py-cryptography/distinfo
1.49modifypkgsrc/security/py-cryptography_vectors/Makefile
1.26modifypkgsrc/security/py-cryptography_vectors/PLIST
1.48modifypkgsrc/security/py-cryptography_vectors/distinfo