From 71b546ed8595b14d29efc1e8b951f8c845ad10c4 Mon Sep 17 00:00:00 2001
From: Mingli Yu <mingli.yu@windriver.com>
Date: Fri, 23 Apr 2021 13:48:04 +0800
Subject: python3-cryptography: Upgrade to 3.3.2

Fix a security issue CVE-2020-36242 where certain sequences of
``update()`` calls when symmetrically encrypting very large
payloads (>2GB) could result in an integer overflow, leading to
buffer overflows.

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../python/python3-cryptography_3.3.2.bb           | 65 ++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb

(limited to 'meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb')

diff --git a/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb b/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb
new file mode 100644
index 0000000000..0a36ffe1bd
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb
@@ -0,0 +1,65 @@
+SUMMARY = "Provides cryptographic recipes and primitives to python developers"
+HOMEPAGE = "https://cryptography.io/"
+SECTION = "devel/python"
+LICENSE = "Apache-2.0 | BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=bf405a8056a6647e7d077b0e7bc36aba"
+
+LDSHARED += "-pthread"
+
+SRC_URI[sha256sum] = "5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed"
+
+SRC_URI += " \
+    file://run-ptest \
+    file://h-test.patch \
+"
+
+inherit pypi setuptools3
+
+DEPENDS += " \
+    ${PYTHON_PN}-cffi \
+    ${PYTHON_PN}-cffi-native \
+    ${PYTHON_PN}-asn1crypto \
+    ${PYTHON_PN}-six \
+"
+
+RDEPENDS_${PN} += " \
+    ${PYTHON_PN}-cffi \
+    ${PYTHON_PN}-idna \
+    ${PYTHON_PN}-asn1crypto \
+    ${PYTHON_PN}-setuptools \
+    ${PYTHON_PN}-six \
+"
+
+RDEPENDS_${PN}_class-target += " \
+    ${PYTHON_PN}-cffi \
+    ${PYTHON_PN}-idna \
+    ${PYTHON_PN}-numbers \
+    ${PYTHON_PN}-asn1crypto \
+    ${PYTHON_PN}-setuptools \
+    ${PYTHON_PN}-six \
+    ${PYTHON_PN}-threading \
+"
+
+RDEPENDS_${PN}-ptest += " \
+    ${PN} \
+    ${PYTHON_PN}-cryptography-vectors \
+    ${PYTHON_PN}-iso8601 \
+    ${PYTHON_PN}-pretend \
+    ${PYTHON_PN}-pytest \
+    ${PYTHON_PN}-pytz \
+"
+
+inherit ptest
+
+do_install_ptest() {
+    install -d ${D}${PTEST_PATH}/tests
+    cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/
+    install -d ${D}${PTEST_PATH}/tests/hazmat
+    cp -rf ${S}/tests/hazmat/* ${D}${PTEST_PATH}/tests/hazmat/
+}
+
+FILES_${PN}-dbg += " \
+    ${libdir}/${PYTHON_PN}2.7/site-packages/${SRCNAME}/hazmat/bindings/.debug \
+"
+
+BBCLASSEXTEND = "native nativesdk"
-- 
cgit v1.2.3-54-g00ecf