SECURITY ISSUE: Fixed a bug where certain sequences of update() calls
when symmetrically encrypting very large payloads (>2GB) could result in
an integer overflow, leading to buffer overflows. CVE-2020-36242
Note: This also updates {,vectors-}3.3.nix (for Python 2 / nixops)
because of the security issue.
Backward incompatible changes:
- Support for Python 3.5 has been removed due to low usage and
maintenance burden.
- The GCM and AESGCM now require 64-bit to 1024-bit (8 byte to 128 byte)
initialization vectors. This change is to conform with an upcoming
OpenSSL release that will no longer support sizes outside this window.
- When deserializing asymmetric keys we now raise ValueError rather than
UnsupportedAlgorithm when an unsupported cipher is used. This change
is to conform with an upcoming OpenSSL release that will no longer
distinguish between error types.
- We no longer allow loading of finite field Diffie-Hellman parameters
of less than 512 bits in length. This change is to conform with an
upcoming OpenSSL release that no longer supports smaller sizes. These
keys were already wildly insecure and should not have been used in any
application outside of testing.
SECURITY ISSUE: Attempted to make RSA PKCS#1v1.5 decryption more
constant time, to protect against Bleichenbacher vulnerabilities. Due to
limitations imposed by our API, we cannot completely mitigate this
vulnerability and a future release will contain a new API which is
designed to be resilient to these for contexts where it is required.
Credit to Hubert Kario for reporting the issue. CVE-2020-25659
Backwards incompatible changes:
- Removed support for idna based U-label parsing in various X.509
classes. This support was originally deprecated in version 2.1 and
moved to an extra in 2.5.
Backwards incompatible changes:
- Removed support for passing an Extension instance to
from_issuer_subject_key_identifier(), as per our deprecation policy.
- Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed (2.9.1+
is still supported).
- Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or
newer.
- RSA generate_private_key() no longer accepts public_exponent values
except 65537 and 3 (the latter for legacy purposes).
- X.509 certificate parsing now enforces that the version field contains
a valid value, rather than deferring this check until version is
accessed.
Deprecations:
- Deprecated support for Python 2. At the time there is no time table
for actually dropping support, however we strongly encourage all users
to upgrade their Python, as Python 2 no longer receives support from
the Python core team.
Backwards incompatible changes:
- Support for Python 3.4 has been removed due to low usage and
maintenance burden.
- Support for OpenSSL 1.0.1 has been removed. Users on older version of
OpenSSL will need to upgrade.
- Support for LibreSSL 2.6.x has been removed.
- Reversed the order in which rfc4514_string() returns the RDNs as
required by RFC 4514.
Note: The first three changes should have no impact on Nixpkgs as we
already removed Python 3.4 and OpenSSL 1.0.1. Additionally we don't
support LibreSSL for this package.
Changelog:
https://cryptography.io/en/latest/changelog/#v2-8
Important changes:
- Deprecated support for OpenSSL 1.0.1. Support will be removed in
cryptography 2.9.
- cryptography no longer depends on asn1crypto.
- Added support for Python 3.8.
Changelog:
https://cryptography.io/en/latest/changelog/#v2-7
Important changes:
- BACKWARDS INCOMPATIBLE: We no longer distribute 32-bit manylinux1
wheels. Continuing to produce them was a maintenance burden.
- BACKWARDS INCOMPATIBLE: Removed the
cryptography.hazmat.primitives.mac.MACContext interface.
The CMAC and HMAC APIs have not changed, but they are no longer
registered as MACContext instances.
Changelog:
https://cryptography.io/en/latest/changelog/#v2-6-1
Important changes:
- BACKWARDS INCOMPATIBLE: Removed
cryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature
and
cryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature,
which had been deprecated for nearly 4 years. Use
encode_dss_signature() and decode_dss_signature() instead.
- BACKWARDS INCOMPATIBLE: Removed cryptography.x509.Certificate.serial,
which had been deprecated for nearly 3 years. Use serial_number
instead.
This should make the management easier. The package cryptography_vectors
contains the test vectors for cryptography and should therefore always
have the same version. By linking the version of cryptography_vectors to
cryptography, this simply cannot be forgotten.