Update Info

openSUSE-2020-97


Recommended update for python-acme, python-certbot, python-certbot-apache, python-certbot-dns-cloudflare, python-certbot-dns-cloudxns, python-certbot-dns-digitalocean, python-certbot-dns-dnsimple, python-certbot-dns-dnsmadeeasy, python-certbot-dns-google, python-certbot-dns-luadns, python-certbot-dns-nsone, python-certbot-dns-rfc2136, python-certbot-dns-route53, python-certbot-nginx


Type: recommended
Severity: moderate
Issued: 2020-01-24
Description:
This update for python-acme, python-certbot, python-certbot-apache, python-certbot-dns-cloudflare, python-certbot-dns-cloudxns, python-certbot-dns-digitalocean, python-certbot-dns-dnsimple, python-certbot-dns-dnsmadeeasy, python-certbot-dns-google, python-certbot-dns-luadns, python-certbot-dns-nsone, python-certbot-dns-rfc2136, python-certbot-dns-route53, python-certbot-nginx fixes the following issues:

Changes in python-acme:

update to version 1.0.0 (boo#1160066)

* Deprecated attributes related to the TLS-SNI-01 challenge in
  acme.challenges and acme.standalone have been removed.

update to version 0.40.1

* acme.standalone.BaseRequestHandlerWithLogging and acme.standalone.simple_tls_sni_01_server 
  have been deprecated and will be removed in a future release of the library.

update to version 0.37.2

* acme: Authz deactivation added to acme module.


Changes in python-certbot:

update to version 1.0.0 (boo#1160066)

* certbot-auto has deprecated support for systems using OpenSSL 1.0.1 
  that are not running on x86-64.
* Certbot's config_changes subcommand has been removed
* certbot.plugins.common.TLSSNI01 has been removed.
* The functions certbot.client.view_config_changes,
  certbot.main.config_changes,
  certbot.plugins.common.Installer.view_config_changes,
  certbot.reverter.Reverter.view_config_changes, and
  certbot.util.get_systemd_os_info have been removed
* Certbot's register --update-registration subcommand has been removed
* When possible, default to automatically configuring the webserver so all requests
  redirect to secure HTTPS access. This is mostly relevant when running Certbot
  in non-interactive mode. Previously, the default was to not redirect all requests.

update to version 0.40.1

* --server may now be combined with --dry-run.
* --dry-run now requests fresh authorizations every time, fixing 
  the issue where it was prone to falsely reporting success.
* The OS detection logic again uses distro library for Linux OSes
* certbot.plugins.common.TLSSNI01 has been deprecated and will be 
  removed in a future release.
* CLI flags --tls-sni-01-port and --tls-sni-01-address have been removed.
* The values tls-sni and tls-sni-01 for the --preferred-challenges 
  flag are no longer accepted.
* Removed the flags: --agree-dev-preview, --dialog, and --apache-init-script

update to version 0.39.0

* Support for Python 3.8 was added to Certbot and all of its components.
* Don't send OCSP requests for expired certificates

update to version 0.38.0

* If Certbot fails to rollback your server configuration, the 
  error message links to the Let's Encrypt forum.
* Replace platform.linux_distribution with distro.linux_distribution 
  as a step towards Python 3.8 support in Certbot.

update to version 0.37.2

* nginx and apache fixes

Changes in python-certbot-apache:

update to version 1.0.0 (boo#1160066)

* The docs extras for the certbot-apache and certbot-nginx packages
  have been removed.

update to version 0.40.1

* Sync with main certbot package.

update to version 0.39.0

* Support for Python 3.8 was added to Certbot and all of its components.

update to version 0.38.0

* Fixed OS detection in the Apache plugin on Scientific Linux.

update to version 0.37.2

* Turn off session tickets for apache plugin by default
* Stop disabling TLS session tickets in Apache as it caused TLS 
  failures on some systems.

Changes in python-certbot-dns-cloudflare:

update to version 0.39.0

* Support for Python 3.8 was added to Certbot and all of its components.

Changes in python-certbot-dns-rfc2136:

update to version 1.0.0

* certbot-dns-rfc2136 now uses TCP to query SOA records.

Changes in python-certbot-nginx:

update to version 1.0.0 (boo#1160066)

* Disable session tickets for Nginx users when appropriate.

update to version 0.37.2

* Follow updated Mozilla recommendations for Nginx ssl_protocols, 
  ssl_ciphers, and ssl_prefer_server_ciphers
* Stop disabling TLS session tickets in Nginx as it caused TLS 
  failures on some systems.

This update was imported from the openSUSE:Leap:15.1:Update update project.

              

Packages


  • python-acme-1.0.0-bp151.3.6.3
  • python-certbot-apache-1.0.0-bp151.3.6.3
  • python-certbot-dns-cloudflare-1.0.0-bp151.3.6.3
  • python-certbot-dns-cloudxns-1.0.0-bp151.2.6.4
  • python-certbot-dns-digitalocean-1.0.0-bp151.2.6.3
  • python-certbot-dns-dnsimple-1.0.0-bp151.2.6.4
  • python-certbot-dns-dnsmadeeasy-1.0.0-bp151.2.6.4
  • python-certbot-dns-google-1.0.0-bp151.2.6.2
  • python-certbot-dns-luadns-1.0.0-bp151.2.6.4
  • python-certbot-dns-nsone-1.0.0-bp151.2.6.4
  • python-certbot-dns-rfc2136-1.0.0-bp151.2.6.3
  • python-certbot-dns-route53-1.0.0-bp151.2.6.3
  • python-certbot-nginx-1.0.0-bp151.2.6.3
  • python-certbot-1.0.0-bp151.3.6.3