Changelog
*Sourced from [pycryptodome's changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst).*
> 3.6.6 (17 August 2018)
> ++++++++++++++++++++++
>
> Resolved issues
> ---------------
>
> * GH#198: Fix vulnerability on AESNI ECB with payloads smaller than 16 bytes (CVE-2018-15560).
>
> 3.6.5 (12 August 2018)
> ++++++++++++++++++++++
>
> Resolved issues
> ---------------
>
> * GH#187: Fixed incorrect AES encryption/decryption with AES acceleration on x86
> due to gcc's optimization and strict aliasing rules.
> * GH#188: More prime number candidates than necessary where discarded as composite
> due to the limited way D values were searched in the Lucas test.
> * Fixed ResouceWarnings and DeprecationWarnings.
> * Workaround for Python 3.7.0 bug on Windows (https://bugs.python.org/issue34108).
>
> 3.6.4 (10 July 2018)
> +++++++++++++++++++++
>
> New features
> ------------
>
> * Build Python 3.7 wheels on Linux, Windows and Mac.
>
> Resolved issues
> ---------------
>
> * GH#178: Rename ``_cpuid`` module to make upgrades more robust.
> * More meaningful exceptions in case of mismatch in IV length (CBC/OFB/CFB modes).
> * Fix compilation issues on Solaris 10/11.
>
> 3.6.3 (21 June 2018)
> +++++++++++++++++++++
>
> Resolved issues
> ---------------
>
> * GH#175: Fixed incorrect results for CTR encryption/decryption with more than 8 blocks.
>
> 3.6.2 (19 June 2018)
> +++++++++++++++++++++
>
> New features
> ------------
> * ChaCha20 accepts 96 bit nonces (in addition to 64 bit nonces)
> ... (truncated)
Commits
- [`3506836`](https://github.com/Legrandin/pycryptodome/commit/3506836f34b9008ba714e7beab097fecb42832da) Update to Changelog
- [`d1739c6`](https://github.com/Legrandin/pycryptodome/commit/d1739c62b9b845f8a5b342de08d6bf6e2722d247) Fix issue [#198](https://github-redirect.dependabot.com/Legrandin/pycryptodome/issues/198): AESNI breaks with messages shorter than 16 bytes
- [`df80035`](https://github.com/Legrandin/pycryptodome/commit/df800357717cc8519d200e4548f410053825cd00) Bump version
- [`e16bc22`](https://github.com/Legrandin/pycryptodome/commit/e16bc2263991df6fa304dfd616bbb96185386cb3) Update to Changelog
- [`d97a099`](https://github.com/Legrandin/pycryptodome/commit/d97a099faf0de9014d76c16008bd9858a5f51215) Deal with strict aliasing when extracting SSE2 values
- [`f25c0e5`](https://github.com/Legrandin/pycryptodome/commit/f25c0e536c5d40275f9140449a8e67219555ac6a) Drop mpir.dll from packaging
- [`9990033`](https://github.com/Legrandin/pycryptodome/commit/9990033025ee7cc60aa6a4098769afcd4ec9fe88) Jacobi symbol not defined for negative n, add more test vectors
- [`8bdb02e`](https://github.com/Legrandin/pycryptodome/commit/8bdb02edcd995f49abd2e4d93ed60f9a49a80891) Merge branch 'lucas'
- [`66fdb1f`](https://github.com/Legrandin/pycryptodome/commit/66fdb1fdd437669513d9ad0095f8023950a8421d) Increase testing for primality
- [`4994e3d`](https://github.com/Legrandin/pycryptodome/commit/4994e3d2e9cdbe203622064fa9f1a7bc6975a948) Update Changelog
- Additional commits viewable in [compare view](https://github.com/Legrandin/pycryptodome/compare/v3.4.3...v3.6.6)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/thisbejim/Pyrebase/network/alerts).
Bumps pycryptodome from 3.4.3 to 3.6.6.
Changelog
*Sourced from [pycryptodome's changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst).* > 3.6.6 (17 August 2018) > ++++++++++++++++++++++ > > Resolved issues > --------------- > > * GH#198: Fix vulnerability on AESNI ECB with payloads smaller than 16 bytes (CVE-2018-15560). > > 3.6.5 (12 August 2018) > ++++++++++++++++++++++ > > Resolved issues > --------------- > > * GH#187: Fixed incorrect AES encryption/decryption with AES acceleration on x86 > due to gcc's optimization and strict aliasing rules. > * GH#188: More prime number candidates than necessary where discarded as composite > due to the limited way D values were searched in the Lucas test. > * Fixed ResouceWarnings and DeprecationWarnings. > * Workaround for Python 3.7.0 bug on Windows (https://bugs.python.org/issue34108). > > 3.6.4 (10 July 2018) > +++++++++++++++++++++ > > New features > ------------ > > * Build Python 3.7 wheels on Linux, Windows and Mac. > > Resolved issues > --------------- > > * GH#178: Rename ``_cpuid`` module to make upgrades more robust. > * More meaningful exceptions in case of mismatch in IV length (CBC/OFB/CFB modes). > * Fix compilation issues on Solaris 10/11. > > 3.6.3 (21 June 2018) > +++++++++++++++++++++ > > Resolved issues > --------------- > > * GH#175: Fixed incorrect results for CTR encryption/decryption with more than 8 blocks. > > 3.6.2 (19 June 2018) > +++++++++++++++++++++ > > New features > ------------ > * ChaCha20 accepts 96 bit nonces (in addition to 64 bit nonces) > ... (truncated)Commits
- [`3506836`](https://github.com/Legrandin/pycryptodome/commit/3506836f34b9008ba714e7beab097fecb42832da) Update to Changelog - [`d1739c6`](https://github.com/Legrandin/pycryptodome/commit/d1739c62b9b845f8a5b342de08d6bf6e2722d247) Fix issue [#198](https://github-redirect.dependabot.com/Legrandin/pycryptodome/issues/198): AESNI breaks with messages shorter than 16 bytes - [`df80035`](https://github.com/Legrandin/pycryptodome/commit/df800357717cc8519d200e4548f410053825cd00) Bump version - [`e16bc22`](https://github.com/Legrandin/pycryptodome/commit/e16bc2263991df6fa304dfd616bbb96185386cb3) Update to Changelog - [`d97a099`](https://github.com/Legrandin/pycryptodome/commit/d97a099faf0de9014d76c16008bd9858a5f51215) Deal with strict aliasing when extracting SSE2 values - [`f25c0e5`](https://github.com/Legrandin/pycryptodome/commit/f25c0e536c5d40275f9140449a8e67219555ac6a) Drop mpir.dll from packaging - [`9990033`](https://github.com/Legrandin/pycryptodome/commit/9990033025ee7cc60aa6a4098769afcd4ec9fe88) Jacobi symbol not defined for negative n, add more test vectors - [`8bdb02e`](https://github.com/Legrandin/pycryptodome/commit/8bdb02edcd995f49abd2e4d93ed60f9a49a80891) Merge branch 'lucas' - [`66fdb1f`](https://github.com/Legrandin/pycryptodome/commit/66fdb1fdd437669513d9ad0095f8023950a8421d) Increase testing for primality - [`4994e3d`](https://github.com/Legrandin/pycryptodome/commit/4994e3d2e9cdbe203622064fa9f1a7bc6975a948) Update Changelog - Additional commits viewable in [compare view](https://github.com/Legrandin/pycryptodome/compare/v3.4.3...v3.6.6)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/thisbejim/Pyrebase/network/alerts).