Recommended update for libsodium, python-Django, python-PyNaCl, python-cffi, python-hypothesis, python-packaging, python-readthedocs-sphinx-ext, python-semver, python-sphinx_rtd_theme

Announcement ID: SUSE-RU-2022:4491-1
Rating: important
References:
Affected Products:
  • Basesystem Module 15-SP3
  • Basesystem Module 15-SP4
  • openSUSE Leap 15.4
  • Public Cloud Module 15-SP2
  • Python 2 Module 15-SP3
  • SUSE Linux Enterprise Desktop 15 SP3
  • SUSE Linux Enterprise Desktop 15 SP4
  • SUSE Linux Enterprise High Performance Computing 15 SP2
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP4
  • SUSE Linux Enterprise Micro 5.1
  • SUSE Linux Enterprise Micro 5.2
  • SUSE Linux Enterprise Micro 5.3
  • SUSE Linux Enterprise Micro 5.4
  • SUSE Linux Enterprise Micro for Rancher 5.2
  • SUSE Linux Enterprise Micro for Rancher 5.3
  • SUSE Linux Enterprise Real Time 15 SP3
  • SUSE Linux Enterprise Real Time 15 SP4
  • SUSE Linux Enterprise Server 15 SP2
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
  • SUSE Linux Enterprise Server 15 SP4
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP4
  • SUSE Manager Proxy 4.1
  • SUSE Manager Proxy 4.2
  • SUSE Manager Proxy 4.3
  • SUSE Manager Retail Branch Server 4.1
  • SUSE Manager Retail Branch Server 4.2
  • SUSE Manager Retail Branch Server 4.3
  • SUSE Manager Server 4.1
  • SUSE Manager Server 4.2
  • SUSE Manager Server 4.3
  • SUSE Package Hub 15 15-SP3
  • SUSE Package Hub 15 15-SP4

An update that contains two features and has five fixes can now be installed.

Description:

This update for libsodium, python-Django, python-PyNaCl, python-cffi, python-hypothesis, python-packaging, python-readthedocs-sphinx-ext, python-semver, python-sphinx_rtd_theme fixes the following issues:

libsodium:

  • Version update from 1.0.16 to 1.0.18 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • Enterprise versions of Visual Studio are now supported
  • Visual Studio 2019 is now supported
  • 32-bit binaries for Visual Studio 2010 are now provided
  • Emscripten: print and printErr functions are overridden to send errors to the console, if there is one
  • Emscripten: UTF8ToString() is now exported since Pointer_stringify() has been deprecated
  • Libsodium version detection has been fixed in the CMake recipe
  • Generic hashing got a 10% speedup on AVX2.
  • New target: WebAssembly/WASI (compile with dist-builds/wasm32-wasi.sh)
  • New functions to map a hash to an edwards25519 point or get a random point: core_ed25519_from_hash() and core_ed25519_random()
  • crypto_core_ed25519_scalar_mul() has been implemented for scalar*scalar (mod L) multiplication
  • Support for the Ristretto group has been implemented for interoperability with wasm-crypto
  • Improvements have been made to the test suite
  • Portability improvements have been made
  • 'randombytes_salsa20' has been 'renamed to randombytes_internal'
  • Support for NativeClient has been removed
  • Most ((nonnull)) attributes have been relaxed to allow 0-length inputs to be NULL.
  • The -ftree-vectorize and -ftree-slp-vectorize compiler switches are now used, if available, for optimized builds
  • For the full list of changes please consult the packaged ChangeLog
  • Disable LTO to bypass build failures on Power PC architecture (bsc#1148184)

python-cffi:

  • Version update from 1.11.2 to 1.15.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • Fixed MANIFEST.in to include missing file for Windows arm64 support
  • Fixed Linux wheel build to use gcc default ISA for libffi
  • Updated setup.py Python trove specifiers to currently-tested Python versions
  • CPython 3.10 support (including wheels)
  • MacOS arm64 support (including wheels)
  • Initial Windows arm64 support
  • Misc. doc and test updates
  • Fix for using to proper void returning function not to corrupt memory in tests. (bsc#1111657)

python-Django:

  • New package at version 2.0.7 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

python-hypothesis:

  • Version update from 3.40.1 to 3.76.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • This release deprecates using floats for min_size and max_size
  • The type hint for average_size arguments has been changed from Optional[int] to None, because non-None values are always ignored and deprecated.
  • Fix a broken link in a docstring
  • Deprecate the use of 'min_size=None', setting the mdefault min_size to 0
  • Strategies are now fully constructed and validated before the timer is started
  • Fix some broken formatting and links in the documentation
  • Check that the value of the print_blob setting is a PrintSettings instance
  • Being able to specify a boolean value was not intended, and is now deprecated. In addition, specifying True will now cause the blob to always be printed, instead of causing it to be suppressed.
  • Specifying any value that is not a PrintSettings or a boolean is now an error
  • Changes the documentation for hypothesis.strategies.datetimes, hypothesis.strategies.dates, hypothesis.strategies.times to use the new parameter names min_value and max_value instead of the deprecated names
  • Ensure that Hypothesis deprecation warnings display the code that emitted them when you’re not running in -Werror mode
  • For the full list of changes please consult the changelog at https://hypothesis.readthedocs.io/en/latest/changes.html#v3-76-0

python-packaging:

  • Version update from 16.8 to 21.3 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • Fix testsuite on big-endian targets
  • Ignore python3.6.2 since the test doesn't support it
  • Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion
  • Fix a spelling mistake
  • Work around dependency generator issues (bsc#1186870)
  • Remove dependency on attrs (bsc#1144506)
  • Update documentation entry for 21.1.
  • Update pin to pyparsing to exclude 3.0.0.
  • PEP 656: musllinux support
  • Drop support for Python 2.7, Python 3.4 and Python 3.5.
  • Replace distutils usage with sysconfig
  • Add support for zip files in parse_sdist_filename
  • Use cached _hash attribute to short-circuit tag equality comparisons
  • Specify the default value for the specifier argument to SpecifierSet
  • Proper keyword-only "warn" argument in packaging.tags
  • Correctly remove prerelease suffixes from ~= check
  • Fix type hints for Version.post`` andVersion.dev`
  • Use typing alias `UnparsedVersion``
  • Improve type inference for packaging.specifiers.filter()
  • Tighten the return type of canonicalize_version()
  • For the full list of changes please consult the packaged CHANGELOG file

python-PyNaCl:

  • Version update from 1.2.1 to 1.4.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • Add dependency requirement to python-six, needed by the testsuite
  • Update libsodium to 1.0.18.
  • BACKWARDS INCOMPATIBLE: We no longer distribute 32-bit manylinux1 wheels. Continuing to produce them was a maintenance burden.
  • Added support for Python 3.8, and removed support for Python 3.4.
  • Add low level bindings for extracting the seed and the public key from crypto_sign_ed25519 secret key
  • Add low level bindings for deterministic random generation.
  • Add wheel and setuptools setup_requirements in setup.py
  • Fix checks on very slow builders (#481, #495)
  • Add low-level bindings to ed25519 arithmetic functions
  • Update low-level blake2b state implementation
  • Fix wrong short-input behavior of SealedBox.decrypt()
  • Raise CryptPrefixError exception instead of InvalidkeyError when trying to check a password against a verifier stored in a unknown format
  • Add support for minimal builds of libsodium. Trying to call functions not available in a minimal build will raise an UnavailableError exception. To compile a minimal build of the bundled libsodium, set the SODIUM_INSTALL_MINIMAL environment variable to any non-empty string (e.g. SODIUM_INSTALL_MINIMAL=1) for setup.

python-semver:

  • New package at version 2.13.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

python-sphinx_rtd_theme:

  • Version update from 0.2.4 to 0.5.1 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  • Add github, gitlab, bitbucket page arguments option
  • Add html language attribute
  • Add language to the JS output variable
  • Add open list spacing
  • Add option to style external links
  • Add pygments support
  • Add setuptools entry point allowing to use sphinx_rtd_theme as Sphinx html_theme directly.
  • Add Sphinx as a dependency
  • Allow setting 'rel' and 'title' attributes for stylesheets
  • Changed code and literals to use a native font stack
  • Color accessibility improvements on the left navigation
  • Compress our Javascript files
  • Do not rely on readthedocs.org for CSS/JS
  • Fix line height adjustments for Liberation Mono
  • Fix line number spacing to align with the code lines
  • Fix many sidebar glitches
  • Fix many styling issues
  • Fix mkdocs version selector
  • Fix small styling issues
  • Fix some HTML warnings and errors
  • Fix table centering
  • Hide Edit links on auto created pages
  • Include missing font files with the theme
  • Updated dependencies
  • Write theme version and build date at top of JavaScript and CSS

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2022-4491=1
  • SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2022-4491=1
  • SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2022-4491=1
  • Basesystem Module 15-SP3
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4491=1
  • Basesystem Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4491=1
  • SUSE Package Hub 15 15-SP3
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4491=1
  • SUSE Package Hub 15 15-SP4
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4491=1
  • Public Cloud Module 15-SP2
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-4491=1
  • Python 2 Module 15-SP3
    zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-4491=1
  • SUSE Linux Enterprise Micro 5.1
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4491=1
  • SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4491=1
  • SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4491=1

Package List:

  • openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • python-PyNaCl-debugsource-1.4.0-150000.3.6.6
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
    • python-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • libsodium-devel-1.0.18-150000.4.6.1
    • python3-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • python3-PyNaCl-1.4.0-150000.3.6.6
  • openSUSE Leap 15.4 (x86_64)
    • libsodium23-32bit-1.0.18-150000.4.6.1
    • libsodium23-32bit-debuginfo-1.0.18-150000.4.6.1
  • openSUSE Leap 15.4 (noarch)
    • python3-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
  • SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
  • Basesystem Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • python-PyNaCl-debugsource-1.4.0-150000.3.6.6
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
    • python-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • libsodium-devel-1.0.18-150000.4.6.1
    • python3-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • python3-PyNaCl-1.4.0-150000.3.6.6
  • Basesystem Module 15-SP3 (noarch)
    • python3-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • Basesystem Module 15-SP3 (x86_64)
    • libsodium23-32bit-1.0.18-150000.4.6.1
    • libsodium23-32bit-debuginfo-1.0.18-150000.4.6.1
  • Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • python-PyNaCl-debugsource-1.4.0-150000.3.6.6
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
    • python-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • libsodium-devel-1.0.18-150000.4.6.1
    • python3-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • python3-PyNaCl-1.4.0-150000.3.6.6
  • Basesystem Module 15-SP4 (noarch)
    • python3-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • Basesystem Module 15-SP4 (x86_64)
    • libsodium23-32bit-1.0.18-150000.4.6.1
    • libsodium23-32bit-debuginfo-1.0.18-150000.4.6.1
  • SUSE Package Hub 15 15-SP3 (noarch)
    • python2-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • SUSE Package Hub 15 15-SP4 (noarch)
    • python2-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • Public Cloud Module 15-SP2 (noarch)
    • python3-sphinx_rtd_theme-0.5.1-150000.3.5.1
  • Python 2 Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    • python2-PyNaCl-debuginfo-1.4.0-150000.3.6.6
    • python-PyNaCl-debugsource-1.4.0-150000.3.6.6
    • python2-PyNaCl-1.4.0-150000.3.6.6
    • python-PyNaCl-debuginfo-1.4.0-150000.3.6.6
  • SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
  • SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1
  • SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    • libsodium23-1.0.18-150000.4.6.1
    • libsodium23-debuginfo-1.0.18-150000.4.6.1
    • libsodium-debugsource-1.0.18-150000.4.6.1

References: