-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-b95798399d 2023-02-13 00:40:32.405088 -------------------------------------------------------------------------------- Name : python-pycryptodomex Product : Fedora 37 Version : 3.17.0 Release : 1.fc37 URL : http://www.pycryptodome.org/ Summary : A self-contained cryptographic library for Python Description : PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto (2.6.1), for instance: * Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB) * Accelerated AES on Intel platforms via AES-NI * Elliptic curves cryptography (NIST P-256 curve only) * Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more) * SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms * Salsa20 and ChaCha20 stream ciphers * scrypt and HKDF * Deterministic (EC)DSA * Password-protected PKCS#8 key containers * Shamir's Secret Sharing scheme * Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace) * Cleaner RSA and DSA key generation (largely based on FIPS 186-4) * Major clean ups and simplification of the code base PyCryptodome is not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g. block ciphers) are implemented as C extensions. Note: all modules are installed under the Cryptodome package to avoid conflicts with the PyCrypto library. -------------------------------------------------------------------------------- Update Information: New features --------------- * Added support for the Counter Mode KDF defined in SP 800-108 Rev 1. * Reduce the minimum tag length for the EAX cipher to 2 bytes. * An RSA object has 4 new properties for the CRT coefficients: ``dp``, ``dq``, ``invq`` and ``invq`` (``invp`` is the same value as the existing ``u``). Resolved issues --------------- * GH#526: improved typing for ``RSA.construct``. * GH#534: reduced memory consumption when using a large number of cipher objects. * GH#598: fixed missing error handling for ``Util.number.inverse``. * GH#629: improved typing for ``AES.new`` and the various mode-specific types it returns. Thanks to Greg Werbin. * GH#653: added workaround for an alleged GCC compiler bug that affected Ed25519 code compiled for AVX2. * GH#658: attribute ``curve`` of an ECC key was not always the preferred curve name, as it used to be in v3.15.0 (independently of the curve name specified when generating the key). * GH#637: fixed typing for legacy modules ``PKCS1_v1_5`` and ``PKCS1_PSS``, as their ``verify()`` returned a boolean. * GH#664: with OCB mode, nonces of maximum length (15 bytes) were actually used as 14 bytes nonces. After this fix, data that was encrypted in past using the (default) nonce length of 15 bytes can still be decrypted by reducing the nonce to its first 14 bytes. * GH#705: improved typing for ``nonce``, ``iv``, and ``IV`` parameters of cipher objects. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 5 2023 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.17.0-1 - Update to 3.17.0 - Fix Flatpak build (see https://src.fedoraproject.org/rpms/python-pycryptodomex/pull-request/3) * Sun Jan 8 2023 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.16.0-2 - Fix build with Python 3.12 (fix deprecated unittest methods) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2165193 - python-pycryptodomex-3.17.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2165193 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-b95798399d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue