FEDORA-2015-11629 created by cicku 9 years ago for Fedora 22

= Release 0.8.0 (15-Apr-2015) =

** UnauthenticatedTub is gone

As announced in the previous release, UnauthenticatedTub has been removed. All Tubs are fully authenticated now.

** Security Improvements

Foolscap now generates better TLS certificates, with 2048-bit RSA keys and SHA256 digests. Previous versions used OpenSSL's defaults, which typically meant 1024-bit MD5.

To benefit from the new certificates, you must regenerate your Tubs, which means creating new FURLs (with new TubIDs). Previously-created Tubs will continue to work normally: only new Tubs will be different.

** Packaging/Dependency Changes now requires setuptools

Foolscap now requires pyOpenSSL unconditionally, because all Tubs are authenticated.

We now recommend "pip install ." to install Foolscap and all its dependencies, instead of "python install". See #231 for details.

= Release 0.7.0 (23-Sep-2014) =

** Security Fixes

The "flappserver" feature was found to have a vulnerability in the service-lookup code which, when combined with an attacker who has the ability to write files to a location where the flappserver process could read them, would allow that attacker to obtain control of the flappserver process.

Users who run flappservers should upgrade to 0.7.0, where this was fixed as part of #226.

Each flappserver runs from a "base directory", and uses multiple files within the basedir to track the services that have been configured. The format of these files has changed. The flappserver tool in 0.7.0 remains capable of reading the old format (safely), but will upgrade the basedir to the new format when you use "flappserver add" to add a new service. Brand new servers, created with "flappserver create", will use the new format.

The flappserver tool in 0.6.5 (or earlier) cannot handle this new format, and will believe that no services have been configured. Therefore downgrading to an older version of Foolscap will require manual reconstruction of the configured services.

** Major Changes

UnauthenticatedTub has been deprecated, and will be removed in the next release (0.8.0). This seldom-used feature provides Foolscap's RPC semantics without any of the security, and was included to enable the use of Foolscap without depending upon the (challenging-to-install) PyOpenSSL library. However, in practice, the lack of a solid dependency on PyOpenSSL has made installation more difficult for applications that do want the security, and UnauthenticatedTub is a footgun waiting to go off. Foolscap's code and packaging will be simpler without it. (#67)

** Minor Changes

The "git-foolscap" tools, which make it possible to publish and clone Git repositories over a Foolscap (flappserver) connection, have been moved from their hiding place in doc/examples/ into their own project, hosted at . They will also be published on PyPI, to enable "pip install git-foolscap".

The documentation was converted from Lore to ReStructuredText (.rst). Thanks to Koblaid for the patient work. (#148)

The connection-hint parser in 0.7.0 has been changed to handle all TCP forms of Twisted's "Client Endpoint Descriptor" syntax, including the short "tcp:" variant. A future version should handle arbitrary endpoint descriptors (including Tor and i2p, see #203), but this small step should improve forward compatibility. (#216, #217)

= Release 0.6.5 (12-Aug-2014) =

** Compatibility Fixes

This release is compatible with Twisted-14.0.0.

Foolscap no longer claims compatability with python-2.4.x or 2.5.x . These old versions might still work, but there are no longer automated tests to ensure this. Future versions will almost certainly not work with anything older than python-2.6.x . Foolscap remains incompatible with py3, sorry.

** Forward Compatibility

When parsing FURLs, the connection hints can now use TCP sockets described with the Twisted Endpoints syntax (e.g. "tcp:host="), in addition to the earlier host:port "" form. Foolscap-0.6.5 ignores any hint that is not in one of these two forms. This should make it easier to introduce new hint types in the future.

** Minor Changes

The "ChangeLog" file is no longer updated.

Violation reports now include the method name. (#201)

The "flappserver" tool explicitly rejects unicode input, rather than producing hard-to-diagnose errors later. (#209)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-11629

This update has been submitted for testing by cicku.

9 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

9 years ago

This update has been pushed to testing

9 years ago

This update has been submitted for stable by cicku.

8 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: (results are informative only)

This update is currently being pushed to the Fedora 22 stable updates repository.

8 years ago

This update is currently being pushed to the Fedora 22 stable updates repository.

8 years ago

This update has been pushed to stable

8 years ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
9 years ago
in testing
9 years ago
in stable
8 years ago
BZ#1106775 python-foolscap: FTBFS in rawhide
BZ#1214129 Upgrade Version Request
BZ#1239839 python-foolscap: FTBFS in rawhide

Automated Test Results