CVS commit: pkgsrc/security/py-passlib

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/py-passlib
From: "Klaus Klein" <kleink%netbsd.org@localhost>
Date: Fri, 14 Aug 2015 18:46:33 +0000

Module Name:    pkgsrc
Committed By:   kleink
Date:           Fri Aug 14 18:46:33 UTC 2015

Modified Files:
        pkgsrc/security/py-passlib: Makefile distinfo

Log Message:
Update py-passlib to 1.6.5.

**1.6.5** (2015-08-04) ======================

   Fixed some minor bugs in the test suite which were causing
   erroneous test failures (:issue:`57` and :issue:`58`). The passlib
   library itself is unchanged.

**1.6.4** (2015-07-25) ======================

    This release rolls up assorted bug & compatibility fixes since
    1.6.2.

Bugfixes --------

    * Correctly detect bcrypt 2.0.  Previous releases were incorrectly
      detecting it as py-bcrypt,
      causing spurious errors (:issue:`56`).

    * CryptContext now accepts scheme names as unicode (:issue:`54`).

    * :mod:`passlib.ext.django` now works correctly with Django
      1.7-1.8. Previous
      releases had various test failures (:issue:`52`).

    * :class:`passlib.apache.HtpasswdFile` now recognizes bcrypt,
      sha256_crypt, sha512_crypt
      hashes (:issue:`55`).

BCrypt Changes --------------

    A few changes have been made to the :class:`~passlib.hash.bcrypt`
    hash:

    * It now supports the ``$2b$`` hash format.

    * It will now issue a :exc:`~passlib.exc.PasslibSecurityWarning`
      if the active backend
      is vulnerable to the :ref:`wraparound bug <bsd-wraparound-bug>`,
      and automatically enable a workaround (py-bcrypt is known to
      be vulnerable as of v0.4).

    * It will throw a :exc:`~passlib.exc.PasslibSecurityError` if
      the active backend
      is vulnerable to the :ref:`8-bit bug <crypt-blowfish-bug>`
      (none of Passlib's backends are known to be vulnerable as of
      2015-07).

    * Updated documentation to indicate the cffi-based `bcrypt
      <https://pypi.python.org/pypi/bcrypt>`_
      library is now the recommended bcrypt backend.

    * Backend capability detection code refactored to rely on runtime
      detection
      rather than hardcoded information.

Other Changes -------------

    * Source repo's ``tox.ini`` updated.  Now assumes python3 by
      default, and refactored test
      environments to more cleanly delineate the different setups
      being tested.

    * Passlib releases are now published as wheels instead of eggs.

.. note::

    Release **1.6.3** was skipped due to upload issues.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/py-passlib/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/py-passlib/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/graphics/babl
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/graphics/babl
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index