SUSE Package Hub - openSUSE-2025-215

Update Info

openSUSE-2025-215

Recommended update for python-certbot-dns-google, python-google-api-python-client, python-google-auth-httplib2, python-uritemplate

Type: recommended

Severity: moderate

Issued: 2025-06-21

Description:

This update for python-certbot-dns-google, python-google-api-python-client, python-google-auth-httplib2, python-uritemplate fixes the following issues:

Changes in python-uritemplate, python-google-auth-httplib2, python-google-api-python-client:

- shipped for use by python-certbot-dns-google.

Changes in python-certbot-dns-google:

Update to version 2.11.0:

* sync with the main certbot package

Update to 2.9.0:

* Support for Python 3.12 was added.
* Updates `joinpath` syntax to only use one addition per call,
because the multiple inputs version was causing mypy errors
on Python 3.10.
* Makes the `reconfigure` verb actually use the staging server
for the dry run to check the new configuration.

Update to version 2.7.3:

* Filter zones in certbot-dns-google to avoid usage of private DNS zones to create records

Update to version 2.6.0:

* Support for Python 3.11 was added to Certbot and all of its components.
* All Certbot components now require pytest to run tests.
* Packaged tests for all Certbot components besides josepy were moved inside the _internal/tests module.
* There is now a new Other annotated challenge object to allow plugins to support entirely novel challenges.
* --dns-google-project optionally allows for specifying the project that the DNS zone(s) reside in, which
allows for Certbot usage in scenarios where the auth credentials reside in a different project to the zone(s)
that are being managed.
* certbot-dns-google now loads credentials using the standard Application Default Credentials strategy, rather
than explicitly requiring the Google Compute metadata server to be present if a service account is not provided
using --dns-google-credentials.
* --dns-google-credentials now supports additional types of file-based credential, such as
External Account Credentials created by Workload Identity Federation. All file-based credentials implemented
by the Google Auth library are supported.
* certbot-dns-google no longer requires deprecated oauth2client library.
* Certbot no longer depends on zope.

Update to 1.29.0:

* --allow-subset-of-names will now additionally retry in cases where domains
are rejected while creating or finalizing orders. This requires subproblem
support from the ACME server
* The show_account subcommand now uses the "newAccount" ACME endpoint to
fetch the account data, so it doesn't rely on the locally stored account URL.
This fixes situations where Certbot
would use old ACMEv1 registration info with non-functional account URLs.
* The generated Certificate Signing Requests are now generated as version 1
instead of version 3. This resolves situations in where strict enforcement
of PKCS#10 meant that CSRs that were generated as version 3 were rejected

Update to version 1.26.0:

* GCP Permission list for certbot-dns-google in plugin documentation

References

Bugzilla: 954690 Support VPN feature in google-cloud-sdk
FATE: 321630 https://features.opensuse.org/321630
FATE: 316168 https://features.opensuse.org/316168
Bugzilla: 1161898 Request to add "gcp-vpc-move-route" resource agent to SLE12 and SLE15
Bugzilla: 1002895 update google-cloud-sdk

Packages

python-certbot-dns-google-2.11.0-bp157.2.3.1

python-google-api-python-client-2.170.0-bp157.2.1

python-google-auth-httplib2-0.2.0-bp157.2.1

python-uritemplate-4.1.1-bp157.2.1