diff options
| author | Tim Orling <tim.orling@konsulko.com> | 2024-02-28 08:25:31 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-02-29 10:26:13 +0000 |
| commit | af7d65adfbe0bae4eecac00caf5b73f0e790d0f5 (patch) | |
| tree | fee5d94d33959d410785164e7cafb8f8fb7500f6 /meta/lib/oeqa | |
| parent | eb11e03c8175dd71b69aaf6b8fd81d2bb0df18d8 (diff) | |
| download | poky-af7d65adfbe0bae4eecac00caf5b73f0e790d0f5.tar.gz | |
python3-cryptography{-vectors}: upgrade to 42.0.5
* Includes an upgrade to pyo3 from 0.20.0 to 0.20.3 which fixes ppc64
* Refresh -crates.inc
https://cryptography.io/en/latest/changelog/#v42-0-5
https://cryptography.io/en/latest/changelog/#v42-0-4
https://cryptography.io/en/latest/changelog/#v42-0-3
42.0.5 - 2024-02-23
* Limit the number of name constraint checks that will be performed in
X.509 path validation to protect against denial of service attacks.
* Upgrade pyo3 version, which fixes building on PowerPC.
42.0.4 - 2024-02-20
* Fixed a null-pointer-dereference and segfault that could occur when
creating a PKCS#12 bundle. Credit to Alexander-Programming for
reporting the issue. CVE-2024-26130
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
SMIMECapabilities and SignatureAlgorithmIdentifier should now be
correctly encoded according to the definitions in RFC 2633 RFC 3370.
42.0.3 - 2024-02-15
* Fixed an initialization issue that caused key loading failures for
some users.
CVE: CVE-2024-26130
https://nvd.nist.gov/vuln/detail/CVE-2024-26130
(From OE-Core rev: 83dad4a93ff81c6c1e048443e0827d825670158b)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/lib/oeqa')
0 files changed, 0 insertions, 0 deletions