[2/2] python3-cryptography{-vectors}: 41.0.5 -> 41.0.7

Message ID	20231129041137.2280657-2-tim.orling@konsulko.com
State	Accepted, archived
Commit	25fba6dd44f64e1e476c2e537d4a20cdbdc7ed25
Headers	show Return-Path: <ticotimo@gmail.com> ip: 209.85.210.177, mailfrom: ticotimo@gmail.com) From: Tim Orling <ticotimo@gmail.com> To: openembedded-core@lists.openembedded.org Cc: Tim Orling <tim.orling@konsulko.com> Subject: [PATCH 2/2] python3-cryptography{-vectors}: 41.0.5 -> 41.0.7 Date: Tue, 28 Nov 2023 20:11:38 -0800 Message-Id: <20231129041137.2280657-2-tim.orling@konsulko.com> In-Reply-To: <20231129041137.2280657-1-tim.orling@konsulko.com> References: <20231129041137.2280657-1-tim.orling@konsulko.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[1/2] python3-cryptography-vectors: add RECIPE_NO_UPDATE_REASON \| expand [1/2] python3-cryptography-vectors: add RECIPE_NO_UPDATE_REASON [2/2] python3-cryptography{-vectors}: 41.0.5 -> 41.0.7

Message ID

20231129041137.2280657-2-tim.orling@konsulko.com

State

Accepted, archived

Commit

25fba6dd44f64e1e476c2e537d4a20cdbdc7ed25

Headers

From: Tim Orling <ticotimo@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: Tim Orling <tim.orling@konsulko.com>
Subject: [PATCH 2/2] python3-cryptography{-vectors}: 41.0.5 -> 41.0.7
Date: Tue, 28 Nov 2023 20:11:38 -0800
Message-Id: <20231129041137.2280657-2-tim.orling@konsulko.com>
In-Reply-To: <20231129041137.2280657-1-tim.orling@konsulko.com>
References: <20231129041137.2280657-1-tim.orling@konsulko.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[1/2] python3-cryptography-vectors: add RECIPE_NO_UPDATE_REASON | expand

Commit Message

Tim Orling Nov. 29, 2023, 4:11 a.m. UTC

https://github.com/pyca/cryptography/compare/41.0.5...41.0.7

https://cryptography.io/en/latest/changelog/#v41-0-7
https://cryptography.io/en/latest/changelog/#v41-0-6

41.0.7 - 2023-11-27
Fixed compilation when using LibreSSL 3.8.2.

41.0.6 - 2023-11-27
Fixed a null-pointer-dereference and segfault that could occur when loading
certificates from a PKCS#7 bundle. Credit to pkuzco for reporting the issue.

CVE: CVE-2023-49083

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
---
Tested with core-image-ptest-python3-crytography on qemux86-64 (all tests pass)

 .../python/python3-cryptography-crates.inc             | 10 ++++++----
 ...1.0.5.bb => python3-cryptography-vectors_41.0.7.bb} |  2 +-
 ...graphy_41.0.5.bb => python3-cryptography_41.0.7.bb} |  2 +-
 3 files changed, 8 insertions(+), 6 deletions(-)
 rename meta/recipes-devtools/python/{python3-cryptography-vectors_41.0.5.bb => python3-cryptography-vectors_41.0.7.bb} (91%)
 rename meta/recipes-devtools/python/{python3-cryptography_41.0.5.bb => python3-cryptography_41.0.7.bb} (95%)

diff --git a/meta/recipes-devtools/python/python3-cryptography-crates.inc b/meta/recipes-devtools/python/python3-cryptography-crates.inc
index da0a3f2ee86..3a5edaa3494 100644
--- a/meta/recipes-devtools/python/python3-cryptography-crates.inc
+++ b/meta/recipes-devtools/python/python3-cryptography-crates.inc
@@ -9,6 +9,7 @@  SRC_URI += " \
     crate://crates.io/autocfg/1.1.0 \
     crate://crates.io/base64/0.13.1 \
     crate://crates.io/bitflags/1.3.2 \
+    crate://crates.io/bitflags/2.4.1 \
     crate://crates.io/cc/1.0.79 \
     crate://crates.io/cfg-if/1.0.0 \
     crate://crates.io/foreign-types/0.3.2 \
@@ -18,9 +19,9 @@  SRC_URI += " \
     crate://crates.io/lock_api/0.4.9 \
     crate://crates.io/memoffset/0.8.0 \
     crate://crates.io/once_cell/1.17.2 \
-    crate://crates.io/openssl/0.10.54 \
+    crate://crates.io/openssl/0.10.60 \
     crate://crates.io/openssl-macros/0.1.1 \
-    crate://crates.io/openssl-sys/0.9.88 \
+    crate://crates.io/openssl-sys/0.9.96 \
     crate://crates.io/ouroboros/0.15.6 \
     crate://crates.io/ouroboros_macro/0.15.6 \
     crate://crates.io/parking_lot/0.12.1 \
@@ -64,6 +65,7 @@  SRC_URI[asn1_derive-0.15.2.sha256sum] = "a045c3ccad89f244a86bd1e6cf1a7bf645296e7
 SRC_URI[autocfg-1.1.0.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
 SRC_URI[base64-0.13.1.sha256sum] = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8"
 SRC_URI[bitflags-1.3.2.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
+SRC_URI[bitflags-2.4.1.sha256sum] = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07"
 SRC_URI[cc-1.0.79.sha256sum] = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f"
 SRC_URI[cfg-if-1.0.0.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 SRC_URI[foreign-types-0.3.2.sha256sum] = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
@@ -73,9 +75,9 @@  SRC_URI[libc-0.2.144.sha256sum] = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5d
 SRC_URI[lock_api-0.4.9.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df"
 SRC_URI[memoffset-0.8.0.sha256sum] = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1"
 SRC_URI[once_cell-1.17.2.sha256sum] = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b"
-SRC_URI[openssl-0.10.54.sha256sum] = "69b3f656a17a6cbc115b5c7a40c616947d213ba182135b014d6051b73ab6f019"
+SRC_URI[openssl-0.10.60.sha256sum] = "79a4c6c3a2b158f7f8f2a2fc5a969fa3a068df6fc9dbb4a43845436e3af7c800"
 SRC_URI[openssl-macros-0.1.1.sha256sum] = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
-SRC_URI[openssl-sys-0.9.88.sha256sum] = "c2ce0f250f34a308dcfdbb351f511359857d4ed2134ba715a4eadd46e1ffd617"
+SRC_URI[openssl-sys-0.9.96.sha256sum] = "3812c071ba60da8b5677cc12bcb1d42989a65553772897a7e0355545a819838f"
 SRC_URI[ouroboros-0.15.6.sha256sum] = "e1358bd1558bd2a083fed428ffeda486fbfb323e698cdda7794259d592ca72db"
 SRC_URI[ouroboros_macro-0.15.6.sha256sum] = "5f7d21ccd03305a674437ee1248f3ab5d4b1db095cf1caf49f1713ddf61956b7"
 SRC_URI[parking_lot-0.12.1.sha256sum] = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
diff --git a/meta/recipes-devtools/python/python3-cryptography-vectors_41.0.5.bb b/meta/recipes-devtools/python/python3-cryptography-vectors_41.0.7.bb
similarity index 91%
rename from meta/recipes-devtools/python/python3-cryptography-vectors_41.0.5.bb
rename to meta/recipes-devtools/python/python3-cryptography-vectors_41.0.7.bb
index e304c4261a2..eda492d312a 100644
--- a/meta/recipes-devtools/python/python3-cryptography-vectors_41.0.5.bb
+++ b/meta/recipes-devtools/python/python3-cryptography-vectors_41.0.7.bb
@@ -9,7 +9,7 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4 \
 # NOTE: Make sure to keep this recipe at the same version as python3-cryptography
 #       Upgrade both recipes at the same time
 
-SRC_URI[sha256sum] = "75e82aea2982729312af735adb2983f347bb21fff88ad5dda3673ed70e1d1caf"
+SRC_URI[sha256sum] = "7b36f976b6e58cc1801310e1c93c584c6539d371da7f8538edd8fc463dc80d5b"
 
 PYPI_PACKAGE = "cryptography_vectors"
 
diff --git a/meta/recipes-devtools/python/python3-cryptography_41.0.5.bb b/meta/recipes-devtools/python/python3-cryptography_41.0.7.bb
similarity index 95%
rename from meta/recipes-devtools/python/python3-cryptography_41.0.5.bb
rename to meta/recipes-devtools/python/python3-cryptography_41.0.7.bb
index 17b08f05cdf..45856774403 100644
--- a/meta/recipes-devtools/python/python3-cryptography_41.0.5.bb
+++ b/meta/recipes-devtools/python/python3-cryptography_41.0.7.bb
@@ -8,7 +8,7 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4 \
                    "
 LDSHARED += "-pthread"
 
-SRC_URI[sha256sum] = "392cb88b597247177172e02da6b7a63deeff1937fa6fec3bbf902ebd75d97ec7"
+SRC_URI[sha256sum] = "13f93ce9bea8016c253b34afc6bd6a75993e5c40672ed5405a9c832f0d4a00bc"
 
 SRC_URI += "file://0001-pyproject.toml-remove-benchmark-disable-option.patch \
             file://0001-Fix-include-directory-when-cross-compiling-9129.patch \

[2/2] python3-cryptography{-vectors}: 41.0.5 -> 41.0.7

Commit Message

Patch