Recommended update for python-pyOpenSSL

Announcement ID:	SUSE-RU-2020:1279-1
Rating:	moderate
References:	bsc#1138748 jsc#ECO-1256 jsc#PM-1598
Affected Products:	HPE Helion OpenStack 8 SUSE Enterprise Storage 5 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 SUSE Linux Enterprise Server 12 SP3 ESPOS 12-SP3 SUSE Linux Enterprise Server 12 SP3 LTSS 12-SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8

An update that contains two features and has one fix can now be installed.

Description:

This update for python-pyOpenSSL fixes the following issues:

python-pyOpenSSL was updated to version 17.1.0.

Backward-incompatible changes:

Removed the deprecated OpenSSL.rand.egd() function. Applications should prefer os.urandom() for random number generation. #630 <https://github.com/pyca/pyopenssl/pull/630>_
Removed the deprecated default digest argument to OpenSSL.crypto.CRL.export(). Callers must now always pass an explicit digest. #652 <https://github.com/pyca/pyopenssl/pull/652>_
Fixed a bug with ASN1_TIME casting in X509.set_notBefore(), X509.set_notAfter(), Revoked.set_rev_date(), Revoked.set_nextUpdate(), and Revoked.set_lastUpdate(). You must now pass times in the form YYYYMMDDhhmmssZ. YYYYMMDDhhmmss+hhmm and YYYYMMDDhhmmss-hhmm will no longer work. #612 <https://github.com/pyca/pyopenssl/pull/612>_

Deprecations:

Deprecated the legacy "Type" aliases: ContextType, ConnectionType, PKeyType, X509NameType, X509ExtensionType, X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, NetscapeSPKIType. The names without the "Type"-suffix should be used instead.

Changes:

Added OpenSSL.crypto.X509.from_cryptography() and OpenSSL.crypto.X509.to_cryptography() for converting X.509 certificate to and from pyca/cryptography objects. #640 <https://github.com/pyca/pyopenssl/pull/640>_
Added OpenSSL.crypto.X509Req.from_cryptography(), OpenSSL.crypto.X509Req.to_cryptography(), OpenSSL.crypto.CRL.from_cryptography(), and OpenSSL.crypto.CRL.to_cryptography() for converting X.509 CSRs and CRLs to and from pyca/cryptography objects. #645 <https://github.com/pyca/pyopenssl/pull/645>_
Added OpenSSL.debug that allows to get an overview of used library versions (including linked OpenSSL) and other useful runtime information using python -m OpenSSL.debug. #620 <https://github.com/pyca/pyopenssl/pull/620>_
Added a fallback path to Context.set_default_verify_paths() to accommodate the upcoming release of cryptography manylinux1 wheels. #633 <https://github.com/pyca/pyopenssl/pull/633>_

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

HPE Helion OpenStack 8
zypper in -t patch HPE-Helion-OpenStack-8-2020-1279=1
SUSE OpenStack Cloud 7
zypper in -t patch SUSE-OpenStack-Cloud-7-2020-1279=1
SUSE OpenStack Cloud 8
zypper in -t patch SUSE-OpenStack-Cloud-8-2020-1279=1
SUSE OpenStack Cloud Crowbar 8
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1279=1
SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
zypper in -t patch SUSE-SLE-POS-12-SP2-CLIENT-2020-1279=1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1279=1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1279=1
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1279=1
SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-ESPOS-2020-1279=1
SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1279=1
SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1279=1
SUSE Linux Enterprise Server 12 SP3 ESPOS 12-SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-ESPOS-2020-1279=1
SUSE Linux Enterprise Server 12 SP3 LTSS 12-SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1279=1
SUSE Linux Enterprise High Performance Computing 12 SP4
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1279=1
SUSE Linux Enterprise Server 12 SP4
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1279=1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1279=1
SUSE Linux Enterprise High Performance Computing 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1279=1
SUSE Linux Enterprise Server 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1279=1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1279=1
SUSE Enterprise Storage 5
zypper in -t patch SUSE-Storage-5-2020-1279=1

Package List:

HPE Helion OpenStack 8 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE OpenStack Cloud 7 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE OpenStack Cloud 8 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE OpenStack Cloud Crowbar 8 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP3 ESPOS 12-SP3 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP3 LTSS 12-SP3 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise High Performance Computing 12 SP4 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP4 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server 12 SP5 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1
SUSE Enterprise Storage 5 (noarch)
- python-pyOpenSSL-17.1.0-4.23.1
- python3-pyOpenSSL-17.1.0-4.23.1

Recommended update for python-pyOpenSSL

Description:

Patch Instructions:

Package List:

References: