From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 01/23] python3-cryptography: Update to version 36.0.2
Date: Sat, 18 Jun 2022 14:51:23 +0000
Message-ID: <c291c184-bb33-951c-070b-faa8bef1ddfe@ipfire.org>
In-Reply-To: <07306f51-8b53-70fa-cca5-167160d00f59@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5589956910578278656=="
List-Id: <development.lists.ipfire.org>

--===============5589956910578278656==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello Adolf,

I can only concur with Michael, and thank you for all your work.

For size reasons, I would abstain from cramping these patches into Core Updat=
e 169 (which
is currently at 98 MByte on x86_64), and defer them to Core Update 170. Would=
 that be
fine to you?

Thanks, and best regards,
Peter M=C3=BCller


>=20
>=20
> On 17/06/2022 12:14, Michael Tremer wrote:
>> Oh wow. 23 patches.
> and would have been 26 patches without your help on removing the windows re=
quirements.
>>
>> That looks like a lot of work!
>>
>> Thank you for this. I will not tag them all individually if that is okay :)
> That is fine by me :-)
>>
>> -Michael
>>
>>> On 17 Jun 2022, at 11:00, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>
>>> Dear All,
>>>
>>> For information this patch series can wait till CU170. It is not an urgen=
t need to update in CU169.
>>>
>>> Regards,
>>> Adolf.
>>>
>>> On 17/06/2022 11:42, Adolf Belka wrote:
>>>> - Update from version 3.4.7 to 36.0.2
>>>> =C2=A0=C2=A0=C2=A0 After version 3.4.8 the numbering scheme changed to 3=
5.0.0 in Sept 2021
>>>> =C2=A0=C2=A0=C2=A0 See Chanelog section 35.0.0 below
>>>> - New release requires a lot of rust packages - see Changelog sections 3=
5.0.0 & 36.0.0
>>>> =C2=A0=C2=A0=C2=A0 below. The required rust packages are installed in se=
parate patches in this series
>>>> - Update of rootfile
>>>> - Changelog
>>>> =C2=A0=C2=A0=C2=A0=C2=A036.0.2 - 2022-03-15=C2=B6
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Updated Windows, macOS, and L=
inux wheels to be compiled with OpenSSL 1.1.1n.
>>>> =C2=A0=C2=A0=C2=A0=C2=A036.0.1 - 2021-12-14=C2=B6
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Updated Windows, macOS, and L=
inux wheels to be compiled with OpenSSL 1.1.1m.
>>>> =C2=A0=C2=A0=C2=A0=C2=A036.0.0 - 2021-11-21=C2=B6
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 FINAL DEPRECATION Support for=
 verifier and signer on our asymmetric key
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 classes was deprecated in version 2.0. These functions had an extended
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 deprecation due to usage, however the next version of cryptography wil=
l drop
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 support. Users should migrate to sign and verify.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 The entire X.509 layer is now=
 written in Rust. This allows alternate
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 asymmetric key implementations that can support cloud key management
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 services or hardware security modules provided they implement the nece=
ssary
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 interface (for example: EllipticCurvePrivateKey).
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Deprecated the backend argume=
nt for all functions.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added support for AESOCB3.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added support for iterating o=
ver arbitrary request attributes.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Deprecated the get_attribute_=
for_oid method on CertificateSigningRequest in
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 favor of get_attribute_for_oid() on the new Attributes object.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Fixed handling of PEM files t=
o allow loading when certificate and key are in
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 the same file.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Fixed parsing of CertificateP=
olicies extensions containing legacy BMPString
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 values in their explicitText.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Allow parsing of negative ser=
ial numbers in certificates. Negative serial
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 numbers are prohibited by RFC 5280 so a deprecation warning will be ra=
ised
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 whenever they are encountered. A future version of cryptography will d=
rop
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 support for parsing them.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added support for parsing PKC=
S12 files with friendly names for all
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 certificates with load_pkcs12(), which will return an object of type
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 PKCS12KeyAndCertificates.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 rfc4514_string() and related =
methods now have an optional attr_name_overrides
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 parameter to supply custom OID to name mappings, which can be used to =
match
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 vendor-specific extensions.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 BACKWARDS INCOMPATIBLE: Rever=
ted the nonstandard formatting of email address
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 fields as E in rfc4514_string() methods from version 35.0.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 The previous behavior can be =
restored with:
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 name.rfc4514_string({NameOID.EMAIL_ADDRESS: "E"})
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Allow X25519PublicKey and X44=
8PublicKey to be used as public keys when
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 parsing certificates or creating them with CertificateBuilder. These k=
ey
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 types must be signed with a different signing algorithm as X25519 and =
X448
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 do not support signing.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Extension values can now be s=
erialized to a DER byte string by calling
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 public_bytes().
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added experimental support fo=
r compiling against BoringSSL. As BoringSSL
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 does not commit to a stable API, cryptography tests against the latest
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 commit only. Please note that several features are not available when
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 building against BoringSSL.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Parsing CertificateSigningReq=
uest from DER and PEM now, for a limited time
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 period, allows the Extension critical field to be incorrectly encoded.=
 See
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 the issue for complete details. This will be reverted in a future
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 cryptography release.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 When OCSPNonce are parsed and=
 generated their value is now correctly wrapped
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 in an ASN.1 OCTET STRING. This conforms to RFC 6960 but conflicts with=
 the
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 original behavior specified in RFC 2560. For a temporary period for
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 backwards compatibility, we will also parse values that are encoded as
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 specified in RFC 2560 but this behavior will be removed in a future re=
lease.
>>>> =C2=A0=C2=A0=C2=A0=C2=A035.0.0 - 2021-09-29=C2=B6
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Changed the version scheme. T=
his will result in us incrementing the major
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 version more frequently, but does not change our existing backwards
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 compatibility policy.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 BACKWARDS INCOMPATIBLE: The X=
.509 PEM parsers now require that the PEM
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 string passed have PEM delimiters of the correct type. For example, pa=
rsing
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 a private key PEM concatenated with a certificate PEM will no longer be
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 accepted by the PEM certificate parser.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 BACKWARDS INCOMPATIBLE: The X=
.509 certificate parser no longer allows
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 negative serial numbers. RFC 5280 has always prohibited these.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 BACKWARDS INCOMPATIBLE: Addit=
ional forms of invalid ASN.1 found during X.509
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 parsing will raise an error on initial parse rather than when the malf=
ormed
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 field is accessed.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Rust is now required for buil=
ding cryptography, the
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 CRYPTOGRAPHY_DONT_BUILD_RUST environment variable is no longer respect=
ed.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Parsers for X.509 no longer u=
se OpenSSL and have been rewritten in Rust.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 This should be backwards compatible (modulo the items listed above) and
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 improve both security and performance.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added support for OpenSSL 3.0=
.0 as a compilation target.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added support for SM3 and SM4=
, when using OpenSSL 1.1.1. These algorithms
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 are provided for compatibility in regions where they may be required, =
and
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 are not generally recommended.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 We now ship manylinux_2_24 an=
d musllinux_1_1 wheels, in addition to our
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 manylinux2010 and manylinux2014 wheels. Users on distributions like Al=
pine
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 Linux should ensure they upgrade to the latest pip to correctly receive
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 wheels.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added rfc4514_attribute_name =
attribute to x509.NameAttribute.
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Added KBKDFCMAC.
>>>> =C2=A0=C2=A0=C2=A0=C2=A03.4.8 - 2021-08-24=C2=B6
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Updated Windows, macOS, and m=
anylinux wheels to be compiled with
>>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0 OpenSSL 1.1.1l.
>>>> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
>>>> ---
>>>> =C2=A0 .../rootfiles/packages/python3-cryptography=C2=A0=C2=A0 | 25 ++++=
++++++---------
>>>> =C2=A0 lfs/python3-cryptography=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0 |=C2=A0 6 ++---
>>>> =C2=A0 2 files changed, 16 insertions(+), 15 deletions(-)
>>>> diff --git a/config/rootfiles/packages/python3-cryptography b/config/roo=
tfiles/packages/python3-cryptography
>>>> index 9f63606fb..a9ee32faf 100644
>>>> --- a/config/rootfiles/packages/python3-cryptography
>>>> +++ b/config/rootfiles/packages/python3-cryptography
>>>> @@ -1,20 +1,18 @@
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/PK=
G-INFO
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/SO=
URCES.txt
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/de=
pendency_links.txt
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/no=
t-zip-safe
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/re=
quires.txt
>>>> -#usr/lib/python3.10/site-packages/cryptography-3.4.7-py3.10.egg-info/to=
p_level.txt
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/P=
KG-INFO
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/S=
OURCES.txt
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/d=
ependency_links.txt
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/n=
ot-zip-safe
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/r=
equires.txt
>>>> +#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/t=
op_level.txt
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/__about__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/__init__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/exceptions.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/fernet.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/__init__.py
>>>> -usr/lib/python3.10/site-packages/cryptography/hazmat/_der.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/_oid.py
>>>> -usr/lib/python3.10/site-packages/cryptography/hazmat/_types.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/__i=
nit__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/int=
erfaces.py
>>>> @@ -33,7 +31,6 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/b=
ackends/openssl/ed448.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/encode_asn1.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/hashes.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/hmac.py
>>>> -usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/o=
csp.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/poly1305.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/rsa.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/backends/ope=
nssl/utils.py
>>>> @@ -43,8 +40,12 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/=
backends/openssl/x509.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/__i=
nit__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_op=
enssl.abi3.so
>>>> -usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_padding.=
abi3.so
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_ru=
st.abi3.so
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust/__i=
nit__.pyi
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust/asn=
1.pyi
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust/ocs=
p.pyi
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust/x50=
9.pyi
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/ope=
nssl
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/ope=
nssl/__init__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/ope=
nssl/_conditional.py
>>>> @@ -63,6 +64,7 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/p=
rimitives/asymmetric/ed255
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/ed448.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/padding.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/rsa.py
>>>> +usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/asymmet=
ric/types.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/utils.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/x25519.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/a=
symmetric/x448.py
>>>> @@ -97,7 +99,6 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/p=
rimitives/twofactor
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/t=
wofactor/__init__.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/t=
wofactor/hotp.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/t=
wofactor/totp.py
>>>> -usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/twofact=
or/utils.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/py.typed
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/utils.py
>>>> =C2=A0 usr/lib/python3.10/site-packages/cryptography/x509
>>>> diff --git a/lfs/python3-cryptography b/lfs/python3-cryptography
>>>> index f3090bc6a..77e5f06b0 100644
>>>> --- a/lfs/python3-cryptography
>>>> +++ b/lfs/python3-cryptography
>>>> @@ -24,7 +24,7 @@
>>>> =C2=A0=C2=A0=C2=A0 include Config
>>>> =C2=A0 -VER=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D 3.4.7
>>>> +VER=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D 36.0.2
>>>> =C2=A0=C2=A0=C2=A0 THISAPP=C2=A0=C2=A0=C2=A0 =3D cryptography-$(VER)
>>>> =C2=A0 DL_FILE=C2=A0=C2=A0=C2=A0 =3D $(THISAPP).tar.gz
>>>> @@ -32,7 +32,7 @@ DL_FROM=C2=A0=C2=A0=C2=A0 =3D $(URL_IPFIRE)
>>>> =C2=A0 DIR_APP=C2=A0=C2=A0=C2=A0 =3D $(DIR_SRC)/$(THISAPP)
>>>> =C2=A0 TARGET=C2=A0=C2=A0=C2=A0=C2=A0 =3D $(DIR_INFO)/$(THISAPP)
>>>> =C2=A0 PROG=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D python3-cryptography
>>>> -PAK_VER=C2=A0=C2=A0=C2=A0 =3D 1
>>>> +PAK_VER=C2=A0=C2=A0=C2=A0 =3D 2
>>>> =C2=A0=C2=A0=C2=A0 DEPS=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =3D python3-=
cffi
>>>> =C2=A0 @@ -46,7 +46,7 @@ objects =3D $(DL_FILE)
>>>> =C2=A0=C2=A0=C2=A0 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
>>>> =C2=A0 -$(DL_FILE)_BLAKE2 =3D 49bc1e098ed1ba0181059b645f6668cda6332d196e=
aca55270ebce6e07e5bb6ab6724c5050fde20e89b7025773960d74ec782bb875badbbd5dc9a04=
db0a536f1
>>>> +$(DL_FILE)_BLAKE2 =3D b34b994e44b1ccd099a56fba4a167d563a29652f86ab0f000=
0ef78b4093a15cbfb82a9cebecdcaf6bca782a5fdd20f6c7d2206d68a219626a9fe8ae13e9aec=
5e
>>>> =C2=A0=C2=A0=C2=A0 install : $(TARGET)
>>>> =C2=A0=20
>>

--===============5589956910578278656==--