Skip to content

Commit

Permalink
update cryptography to fix CVE-2023-50782, CVE-2024-6119, CVE-2024-26130
Browse files Browse the repository at this point in the history 
, CVE-2023-49083
  • Loading branch information
@fmigneault
fmigneault committed Mar 5, 2025
1 parent eaa57d8 commit 02839f4
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
6 changes: 5 additions & 1 deletion CHANGES.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,11 @@ Changes:

Fixes:
------
- No change.
- Pin ``cryptography>=44.0.1`` to address vulnerabilities
`CVE-2023-50782 <https://nvd.nist.gov/vuln/detail/CVE-2023-50782>`_,
`CVE-2024-6119 <https://nvd.nist.gov/vuln/detail/CVE-2024-6119>`_,
`CVE-2024-26130 <https://nvd.nist.gov/vuln/detail/CVE-2024-26130>`_,
`CVE-2023-49083 <https://nvd.nist.gov/vuln/detail/CVE-2023-49083>`_.

.. _changes_6.4.0:

Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ colander<2
cornice
#cornice_swagger>=0.7.0
cornice-swagger @ git+https://github.com/fmigneault/cornice.ext.swagger.git@openapi-3
cryptography
cryptography>=44.0.1
# FIXME: properly support GPU execution
# - https://github.com/crim-ca/weaver/issues/104
# - https://github.com/crim-ca/weaver/issues/138
Expand Down

0 comments on commit 02839f4

Please sign in to comment.