1. Forum
  2. Usenet
  3. COMP.LANG.PYTHON.ANNOUNCE

  • PyCA cryptography 3.3.2 and 3.4 released

    From Paul Kehrer@21:1/5 to All on Sun Feb 7 13:54:34 2021
    PyCA cryptography 3.3.2 and 3.4 have been released to PyPI.
    cryptography includes both high level recipes and low level interfaces
    to common cryptographic algorithms such as symmetric ciphers,
    asymmetric algorithms, message digests, X509, key derivation
    functions, and much more.

    3.3.2 supports Python 2.7, Python 3.6+, and PyPy, while 3.4 supports
    Python 3.6+ (including PyPy3).

    3.3.2 Changelog (https://cryptography.io/en/latest/changelog.html#v3-3-2):
    * SECURITY ISSUE: Fixed a bug where certain sequences of update()
    calls when symmetrically encrypting very large payloads (>2GB) could
    result in an integer overflow, leading to buffer overflows.
    CVE-2020-36242

    Please note 3.3.2 is the FINAL RELEASE supporting Python 2.7.

    3.4 Changelog (https://cryptography.io/en/latest/changelog.html#v3-4)
    * BACKWARDS INCOMPATIBLE: Support for Python 2 has been removed.
    * We now ship manylinux2014 wheels and no longer ship manylinux1
    wheels. Users should upgrade to the latest pip to ensure this doesn’t
    cause issues downloading wheels on their platform.
    cryptography now incorporates Rust code. Users building cryptography
    themselves will need to have the Rust toolchain installed. Users who
    use an officially produced wheel will not need to make any changes.
    The minimum supported Rust version is 1.45.0.
    * cryptography now has PEP 484 type hints on nearly all of of its
    public APIs. Users can begin using them to type check their code with
    mypy.

    -Paul Kehrer (reaperhulk)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)