Skip to content

fix(deps): update dependency cryptography to v44 [security] #353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update dependency cryptography to v44 [security] #353

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 11, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
cryptography (changelog) ^43.0.0 -> ^44.0.0 age confidence

Review

  • Updates have been tested and work
  • If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

GitHub Vulnerability Alerts

CVE-2024-12797

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.

If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.

Release Notes

pyca/cryptography (cryptography)

v44.0.1

Compare Source

v44.0.0

Compare Source

v43.0.3

Compare Source

Configuration

📅 Schedule: Branch creation - "" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 2 times, most recently from f884b49 to 54c7e5f Compare February 18, 2025 13:59
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from 54c7e5f to 9ba44eb Compare February 27, 2025 03:44
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 2 times, most recently from b8f5e9d to 24c010e Compare March 14, 2025 19:03
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from 24c010e to 7e6dca1 Compare March 18, 2025 19:24
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 5 times, most recently from 29aca70 to ed79bff Compare May 13, 2025 20:31
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from ed79bff to 669fb8d Compare May 29, 2025 12:41
@renovate renovate bot changed the title fix(deps): update dependency cryptography to v44 [security] fix(deps): update dependency cryptography to v44 [security] - autoclosed May 30, 2025
@renovate renovate bot closed this May 30, 2025
@renovate renovate bot deleted the renovate/pypi-cryptography-vulnerability branch May 30, 2025 14:10
@renovate renovate bot changed the title fix(deps): update dependency cryptography to v44 [security] - autoclosed fix(deps): update dependency cryptography to v44 [security] May 30, 2025
@renovate renovate bot reopened this May 30, 2025
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 3 times, most recently from efe948d to 046f12b Compare June 4, 2025 17:55
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from 046f12b to 0c0acd0 Compare June 12, 2025 17:59
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from 0c0acd0 to 75b5fb3 Compare June 24, 2025 20:45
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 2 times, most recently from b752754 to 5a62b6e Compare September 3, 2025 14:53
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch 2 times, most recently from cd97d96 to ce72550 Compare September 16, 2025 19:53
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from ce72550 to b3254e8 Compare October 6, 2025 14:21
@renovate renovate bot changed the title fix(deps): update dependency cryptography to v44 [security] fix(deps): update dependency cryptography to v46 [security] Oct 6, 2025
@renovate renovate bot changed the title fix(deps): update dependency cryptography to v46 [security] fix(deps): update dependency cryptography to v44 [security] Oct 6, 2025
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from b3254e8 to 57ed07f Compare October 6, 2025 19:37
@renovate renovate bot force-pushed the renovate/pypi-cryptography-vulnerability branch from 57ed07f to eaeedeb Compare October 15, 2025 19:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Dependencies Renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants