python-crypto (2.6-4+deb7u8) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2018-6594: fix generating weak ElGamal key parameters, which allowed
    attackers to obtain sensitive information by reading ciphertext data.

 -- Brian May <bam@debian.org>  Fri, 09 Feb 2018 16:41:36 +1100

python-crypto (2.6-4+deb7u7) wheezy-security; urgency=high

  * Add a check for an actually working multiprocessing.Queue(), improving on
    the existing checks added as part of CVE-2013-7459 (NB. not CVE-2013-7459).
    This should fix the missing builds on !amd64 due to skipping this (failing)
    test on the Debian buildds.

 -- Chris Lamb <lamby@debian.org>  Mon, 09 Jan 2017 21:12:25 +0000

python-crypto (2.6-4+deb7u6) wheezy-security; urgency=high

  * Update CVE-2013-7459: Actually print the warning, not raise the exception.
    Thanks to Sebastian Ramacher. (Closes: #849495, #850025, #850077)

 -- Chris Lamb <lamby@debian.org>  Thu, 05 Jan 2017 10:34:54 +0000

python-crypto (2.6-4+deb7u5) wheezy-security; urgency=high

  * Update CVE-2013-7459: Raise a warning (not an error) on invalid input to
    avoid regressions in (eg.) python-paramiko, duplicity. etc. introduced
    in 2.6-4+deb7u4. Thanks to Salvatore Bonaccorso and Sebastian Ramacher.
    (Closes: #849495, #850025, #850077)

 -- Chris Lamb <lamby@debian.org>  Wed, 04 Jan 2017 16:42:54 +0000

python-crypto (2.6-4+deb7u4) wheezy-security; urgency=high

  * CVE-2013-7459: Fix issue where calling AES.new with an invalid parameter
    crashes Python interpreter. (Closes: #849495)

 -- Chris Lamb <lamby@debian.org>  Sun, 01 Jan 2017 10:58:48 +0000

python-crypto (2.6-4+deb7u3) wheezy-security; urgency=low

  * debian/patches/CVE-2013-1445.patch: Disable multiprocessing tests on
    kfreebsd-* completely since Python 2.6 and 2.7 report different errors if
    multiprocessing is not working.

 -- Sebastian Ramacher <sramacher@debian.org>  Fri, 18 Oct 2013 14:21:33 +0200

python-crypto (2.6-4+deb7u2) wheezy-security; urgency=low

  * debian/patches/CVE-2013-1445.patch: Check if multiprocessing.synchronize
    is working in the test suite to fix a build failure on kfreebsd-*.

 -- Sebastian Ramacher <sramacher@debian.org>  Fri, 18 Oct 2013 01:07:38 +0200

python-crypto (2.6-4+deb7u1) wheezy-security; urgency=high

  * debian/patches/CVE-2013-1445.patch: Apply upstream patch to fix
    CVE-2013-1445: PRNG not correctly reseeded in some situations.

 -- Sebastian Ramacher <sramacher@debian.org>  Thu, 17 Oct 2013 21:55:30 +0200

python-crypto (2.6-4) unstable; urgency=low

  * debian/python-crypto-dbg.preinst: Add preinst script to handle symlink to
    directory conversion for /usr/share/doc/python-crypto-dbg. Thanks to
    Andreas Beckmann for the report. (Closes: #700778)

 -- Sebastian Ramacher <sramacher@debian.org>  Sun, 17 Feb 2013 16:24:21 +0100

python-crypto (2.6-3) unstable; urgency=low

  * debian/{control,copyright}: Update my mail address.
  * debian/control:
    - Remove DM-Upload-Allowed.
    - Add Breaks python{,3}-keyring (<= 0.7.1-1) to python{,3}-crypto.

 -- Sebastian Ramacher <sramacher@debian.org>  Thu, 03 Jan 2013 00:32:03 +0100

python-crypto (2.6-2) unstable; urgency=low

  * debian/patches:
    - fix-cipher-iv-documentation.patch: Add patch from Stefano Rivera to
      document the actual behavior of the ciphers' new method with respect to
      the IV.
    - fix-epydoc-ignore.patch: Mark as forwarded.
    - reenable-redefined-tests.patch: Re-enable tests that have been redefined.
      Thanks to Jakub Wilk's lintian4python.
    - fix-py3-errors.patch: Fix Python 3 compatibility issues revealed by the
      re-enabled tests.
    - fix-except-shadows-builtin.patch: Fix 'except shadows builtin' error
      found by lintian4python.
  * debian/compat: Bump to 9.
  * debian/control: Bump Build-Dep on debhelper to >= 9.
  * debian/rules:
    - Run loops with set -ex.
    - Merge Python 2 and Python 3 loops. This can be done at once.
    - Don't call dh_install twice.
    - Build documentation in override_dh_auto_build.
    - Drop the *FLAGS exports.

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Thu, 31 May 2012 11:46:10 +0200

python-crypto (2.6-1) unstable; urgency=high

  * New upstream release.
    - Fixes CVE-2012-2417: insecure ElGamal key generation.
  * Set urgency to high since this fixes a security issue.
  * debian/copyright:
    - Fix formatting.
    - Update Format URL.
  * debian/control:
    - Bump Standards-Version to 3.9.3 (no changes required).
    - Drop qNEW from Description since qNEW has been removed.
  * debian/patches: Remove posixread.patch (not needed anymore).

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Thu, 24 May 2012 20:16:34 +0200

python-crypto (2.5-2) unstable; urgency=low

  * debian/patches: add posixread.patch to fix incorrect assumption on data
    returned from read. (Closes: #654160)

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Sat, 21 Jan 2012 13:09:09 +0100

python-crypto (2.5-1) unstable; urgency=low

  * New upstream release.
  * debian/patches: add fix-epydog-ignore.patch to fix some warnings from
    epydoc.

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Fri, 13 Jan 2012 21:46:38 +0100

python-crypto (2.4.1-1) unstable; urgency=low

  * New upstream release.
  * debian/rules: also export CPPFLAGS to honor all hardening flags.
  * Support noopt.
    - debian/patches:
      + dont-drop-g.patch: update to don't drop optimization flags and to
        don't append -O3.
      + Add fix-unresolved-reference-size.patch to fix an unresolved reference
        in _fastmath when built without optimization.
    - debian/rules: if noopt is not set, append -O3 to CFLAGS (as upstream
      does).

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Wed, 16 Nov 2011 18:09:13 +0100

python-crypto (2.4-1) unstable; urgency=low

  [ Sebastian Ramacher ]
  * New upstream release.
  * debian/rules: export CFLAGS and LDFLAGS to build with hardening flags.
  * debian/patches:
    - Add dont-drop-g.patch to compile non debug builds with -g.
    - Remove epydoc-exclude-introspect.patch, fix-RSA-generate-exception.patch
      and no-usr-local.patch: all applied upstream.
    - Remove setup-dont-check-gmp.patch: not needed anymore.
  * Add python3-crypto and python3-crypto-dbg packages.
    - debian/rules: build, install and test for all available versions of
      Python 2 and Python 3.
    - debian/control: add Build-Dep on python3-all-dev and python3-all-dbg.

  [ Jan Dittberner ]
  * add debian/control: DM-Upload-Allowed: yes

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Mon, 24 Oct 2011 21:10:19 +0200

python-crypto (2.3-3) unstable; urgency=low

  * Add patch setup-dont-check-gmp.patch to build _fastmath.so even with
    multiarch-ified versions of libgmp.

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Sat, 24 Sep 2011 16:19:11 +0200

python-crypto (2.3-2) unstable; urgency=low

  * Add Vcs-* entries.
  * Add patch fix-RSA-generate-exception.patch to fix exception message in
    Crypto.PublicKey.RSA.generate (Closes: #627959).

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Thu, 26 May 2011 18:50:11 +0200

python-crypto (2.3-1) unstable; urgency=low

  * New maintainer (Closes: #532121).
  * New upstream release (Closes: #625238).
  * Switch format to 3.0 (quilt).
  * Use dh instead of cdbs:
    - Switch to dh_python2 (Closes: #617001).
    - Drop Build-Depends on quilt, cdbs, ed, python-central.
    - Raise required debhelper version to 8.1.0.
    - Drop XB-Python-Version and depend on python:Depends.
    - Replace XS-Python-Version by X-Python-Version.
    - Drop Depends on python-dbg in python-crypto-dbg as dh_python2 will add
      these dependencies anyway.
    - Remove unused files patch-mangle.sh and pycompat.
  * Build-Depend on libgmp-dev.
  * Build-Depend on python-docutils since the documentation uses reST.
  * Ship documentation in extra package to satisfy lintian
    (arch-dep-package-has-big-usr-share).
  * Bump Standards-Version to 3.9.2.
  * Convert patches to DEP3.
  * Remove unused patch m68k-no-O3.patch and doc.patch.
  * Add patch epydoc-exclude-introspect.patch to update the exclude-introspect
    field in epydoc to the new module locations.
  * Convert changelog to DEP5.
  * Run upstream's test suite.
  * Add DPMT to Uploaders.

 -- Sebastian Ramacher <s.ramacher@gmx.at>  Mon, 09 May 2011 21:18:17 +0200

python-crypto (2.1.0-2) unstable; urgency=low

  * Added missing .install file (closes: #576478)
  * Added myself to Uploaders.

 -- Andreas Rottmann <rotty@debian.org>  Wed, 07 Apr 2010 17:24:11 +0200

python-crypto (2.1.0-1) unstable; urgency=low

  * New upstream version. (closes: #561306).
    - 2.1.0 includes fix for 160-bit DSS key issue (closes: #433563).
    - The following patches have been obsoleted (fixed by upstream):
      errata-2.0.1.patch
      dfsg-adjust.patch
      aes256-55bytes.patch
      arc2-buffer-overflow.patch
      run-tests.patch
    - The following patches have been updated:
      no-usr-local.patch:
        Remove #!/usr/local/bin/python shebang line.
  * New patches:
    - doc.patch:
        Build doc with local source directory.

 -- James Cook <zealcook@gmail.com>  Sun, 28 Feb 2010 10:17:19 +0800

python-crypto (2.0.1+dfsg1-5) unstable; urgency=low

  * Added python-old-doctools to Build-Depends (closes: #568047).
  * Bumped Standards-Version to 3.8.4 (no changes).
  
 -- Andreas Rottmann <rotty@debian.org>  Thu, 11 Feb 2010 00:45:34 +0100

python-crypto (2.0.1+dfsg1-4) unstable; urgency=low

  * Switched to quilt patches:
    - errata-2.0.1.patch: 
        Syncs the source tree to the actually released 2.0.1 tarball.
    - dfsg-adjust.patch:
        Adjusts the build system to the DFSGified source, to deal with 
        the removed files.
    - aes256-55bytes.patch:
        Fixes the AES256 padding bug (Bug#474177).
    - arc2-buffer-overflow.patch:
        Fixes the ARC2 buffer overflow (Bug#516660).
    - m68k-no-O3.patch: 
        Workaround GCC 4.0.1 ICE regarding -O3 on m68k. This patch is 
        deactived -- hopefully this is fixed in recent GCC.
  * New patches:
    - run-tests.patch:
        Non-Debian part of the patch by Kees Cook <kees@debian.org> 
        to run test suite during build (closes: #518202).
    - no-usr-local.patch:
        Remove #!/usr/local/bin/python shebang line from Util/RFC1751.py.
  * Run test suite during build.
  * Added ${misc:Depends}.
  * Added ${shlib:Depends} to python-crypto.
  * Restored old changelog entries, which seem to got cut off between 2.
    0.1+dfsg1-2.1 and 2.0.1+dfsg1-2.3 (by Matthias?).
  * Typo fix for python-crypto-dbg description: python -> Python.
  * Use ${binary:Version} instead of ${Source-Version}.
  * Added debian/watch.
  * Bump Standards-Version to 3.8.1:
    - Added Homepage field to debian/control.
  * Adjust copyright line in debian/copyright.
  * Move python-crypto-dbg to section 'debug'.
  * Add XB-Python-Version to python-crypto-dbg.

 -- Andreas Rottmann <rotty@debian.org>  Fri, 20 Mar 2009 20:16:38 +0100

python-crypto (2.0.1+dfsg1-3) unstable; urgency=low

  * Acknowlege NMUs.
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1). 
    Closes: #516660.

 -- Andreas Rottmann <rotty@debian.org>  Fri, 20 Mar 2009 17:10:55 +0100

python-crypto (2.0.1+dfsg1-2.3) unstable; urgency=low

  * NMU.
  * Fix build failure introduced in previous upload; add build dependency
    on texlive-fonts-recommended.

 -- Matthias Klose <doko@debian.org>  Tue, 15 Jul 2008 18:10:57 +0200

python-crypto (2.0.1+dfsg1-2.2) unstable; urgency=low

  * NMU.
  * Fix padding bug in SHA256; this resulted in bad digests whenever 	
    (the number of bytes hashed) mod 64 == 55. Closes: #474177. LP: #191683.
  * Build-depend on texlive-latex-recommended instead of tetex.

 -- Matthias Klose <doko@debian.org>  Sat, 12 Jul 2008 12:44:34 +0200

python-crypto (2.0.1+dfsg1-2.1) unstable; urgency=low

  * Non-Maintainer upload.
  * Build the python-crypto-dbg binary package (patch from Matthias Klose).
    (Closes: #437808)

 -- Fabio Tranchitella <kobold@debian.org>  Tue, 04 Sep 2007 20:42:37 +0200

python-crypto (2.0.1+dfsg1-2ubuntu1) gutsy; urgency=low

  * Merge from Debian unstable.
  * Remaining Ubuntu changes:
    - Add -dbg package.
    - Bump debhelper compat level to 5.
    - Set Ubuntu maintainer address.

 -- Steve Kowalik <stevenk@ubuntu.com>  Tue, 29 May 2007 19:41:45 +1000

python-crypto (2.0.1+dfsg1-2) unstable; urgency=low

  * Acknowledge NMUs (closes: #374807, #373524, #313349).

 -- Andreas Rottmann <rotty@debian.org>  Wed, 23 May 2007 14:43:13 +0200

python-crypto (2.0.1+dfsg1-1.2ubuntu1) feisty; urgency=low

  * Build the extension for the python debug interpreter.
  * Bump debhelper to v5.
  * Set Ubuntu maintainer address.

 -- Matthias Klose <doko@ubuntu.com>  Sat, 17 Feb 2007 02:58:24 +0100

python-crypto (2.0.1+dfsg1-1.2build1) edgy; urgency=low

  * Rebuild to add support for python2.5.

 -- Matthias Klose <doko@ubuntu.com>  Fri,  8 Sep 2006 13:33:18 +0000

python-crypto (2.0.1+dfsg1-1.2) unstable; urgency=low

  * Non-maintainer upload.
  * Add missing Provides: ${python:Provides} to debian/control, completing
    fix for #373524 from the previous NMU.

 -- Adeodato Simó <dato@net.com.org.es>  Mon, 19 Jun 2006 03:06:37 +0200

python-crypto (2.0.1+dfsg1-1.1) unstable; urgency=low

  * Convert to the updated Python policy using python-central.
    Closes: #373524.
  * Support for python2.4 is provided. Closes: #313349.

 -- Matthias Klose <doko@debian.org>  Fri, 16 Jun 2006 01:28:51 +0000

python-crypto (2.0.1+dfsg1-1) unstable; urgency=low

  * Acknowlegde NMUs (closes: #318055, #318012).
  * Packaged new upstream version (closes: #325517).
    - 2.0.1 includes fix for AMD64, presumingly also closes: #297516.

 -- Andreas Rottmann <rotty@debian.org>  Tue,  4 Oct 2005 00:10:40 +0200

python-crypto (2.0+dp1-2.3) unstable; urgency=low

  * NMU.
  * Add python2.4-crypto package, drop python2.1 and python2.2 packages
    (closes: #313349).

 -- Matthias Klose <doko@debian.org>  Mon, 29 Aug 2005 07:18:38 +0000

python-crypto (2.0+dp1-2.2) unstable; urgency=low

  * NMU to fix build failures on some architectures
  * Remove -O3 gcc option on m68k architecture to fix FTBFS due to an
    internal compiler error
  * Standards version 3.6.2 (no changes required)
  * Relax the versioned build dependency of libgmp3-dev to 4.1.4-8
    instead of -9. Some architectures only have -8 at this point
    which is sufficient.

 -- Bastian Kleineidam <calvin@debian.org>  Fri, 12 Aug 2005 11:04:21 +0200

python-crypto (2.0+dp1-2.1) unstable; urgency=low

  * NMU to make package installable again
  * Added missing build dependency on (versioned) libgmp3-dev, otherwise
    the _fastmath module won't be compiled.
  * Recompile against libgmp3c2 (Closes: #318055)

 -- Bastian Kleineidam <calvin@debian.org>  Tue,  9 Aug 2005 10:54:41 +0200

python-crypto (2.0+dp1-2) unstable; urgency=medium

  * Added missing build-dependency on tetex-bin and tetex-extra (closes:
    #288602).

 -- Andreas Rottmann <rotty@debian.org>  Tue,  4 Jan 2005 17:47:27 +0100

python-crypto (2.0+dp1-1) unstable; urgency=medium

  * Again remove problematic code from orig tarball, which the NMU did
    miss (not to mention that the orig tarball from the NMU wasn't
    pristine and contained .pyc files). Urgency medium, so sarge won't end
    up with problematic code.
  * Include the manual in binary packages (closes: #273622).
  * Switch to CDBS.
  * Lowercase description synopsis, as suggested by lintian/developer's
    reference.
  * Advertice the newly-included (since 2.0) SHA256 module in the
    description.

 -- Andreas Rottmann <rotty@debian.org>  Sat,  1 Jan 2005 14:47:12 +0100

python-crypto (2.0-1) unstable; urgency=medium

  * NMU.
  * New upstream version.

 -- Matthias Klose <doko@debian.org>  Tue, 17 Aug 2004 23:44:24 +0200

python-crypto (1.9a6+dp2-1) unstable; urgency=low

  * Transitioned to Python 2.3.
  * Removed accidential junk form .orig.tar.gz.
  
 -- Andreas Rottmann <rotty@debian.org>  Sat,  9 Aug 2003 12:41:23 +0200

python-crypto (1.9a6+dp1-2) unstable; urgency=low

  * Fixed Section (python instead of interpreters).

 -- Andreas Rottmann <rotty@debian.org>  Sun, 20 Jul 2003 15:21:37 +0200

python-crypto (1.9a6+dp1-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version to 3.6.0 (no changes).

 -- Andreas Rottmann <rotty@debian.org>  Sun, 13 Jul 2003 18:26:54 +0200

python-crypto (1.9a4+dp1-4) unstable; urgency=low

  * Use dh_python.
      + Build-depend on debhelper >= 4.1.29.
      + Build-depend on python.
  * Bump Standards-Version to 3.5.8.
  
 -- Andreas Rottmann <rotty@debian.org>  Thu, 20 Feb 2003 14:55:12 +0100

python-crypto (1.9a4+dp1-3) unstable; urgency=low

  * Cipher/__init__.py: Remove 'RC5' and 'IDEA' from __all__.

 -- Andreas Rottmann <rotty@debian.org>  Fri, 14 Feb 2003 01:10:26 +0100

python-crypto (1.9a4+dp1-2) unstable; urgency=low

  * debian/control: Added python2.x dependencies to binary packages.
  * debian/control: Fixed 'Cryptpgraphic' typo (closes: #162884).

 -- Andreas Rottmann <rotty@debian.org>  Thu,  7 Nov 2002 22:05:27 +0100

python-crypto (1.9a4+dp1-1) unstable; urgency=low

  * Removed problematic algorithms from source code.
      + Added README.Debian with details.
      + Updated package descriptions.
  * Include docs in all pythonX.Y-crypto packages.

 -- Andreas Rottmann <rotty@debian.org>  Wed, 11 Sep 2002 13:15:45 +0200

python-crypto (1.9a4-1) unstable; urgency=low

  * Initial Release (closes: #159717)

 -- Andreas Rottmann <rotty@debian.org>  Thu,  5 Sep 2002 14:53:33 +0200
