|
|
* Includes an upgrade to pyo3 from 0.20.0 to 0.20.3 which fixes ppc64
* Refresh -crates.inc
https://cryptography.io/en/latest/changelog/#v42-0-5
https://cryptography.io/en/latest/changelog/#v42-0-4
https://cryptography.io/en/latest/changelog/#v42-0-3
42.0.5 - 2024-02-23
* Limit the number of name constraint checks that will be performed in
X.509 path validation to protect against denial of service attacks.
* Upgrade pyo3 version, which fixes building on PowerPC.
42.0.4 - 2024-02-20
* Fixed a null-pointer-dereference and segfault that could occur when
creating a PKCS#12 bundle. Credit to Alexander-Programming for
reporting the issue. CVE-2024-26130
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
SMIMECapabilities and SignatureAlgorithmIdentifier should now be
correctly encoded according to the definitions in RFC 2633 RFC 3370.
42.0.3 - 2024-02-15
* Fixed an initialization issue that caused key loading failures for
some users.
CVE: CVE-2024-26130
https://nvd.nist.gov/vuln/detail/CVE-2024-26130
(From OE-Core rev: 83dad4a93ff81c6c1e048443e0827d825670158b)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
