diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2020-10-26 11:49:18 +0100 |
---|---|---|
committer | Michael Weiss <dev.primeos@gmail.com> | 2020-10-26 12:19:28 +0100 |
commit | 1083cdd279dc71b8aebb1e600fe9ad52d9e47b70 (patch) | |
tree | 9c94d2972a8dd36ceae984cc4536f0d7224ced1e /pkgs/development/python-modules/cryptography | |
parent | 1111911593b8bafbab4c280f53d728ee51522689 (diff) |
python3Packages.cryptography: 3.1.1 -> 3.2 (security, CVE-2020-25659)
SECURITY ISSUE: Attempted to make RSA PKCS#1v1.5 decryption more constant time, to protect against Bleichenbacher vulnerabilities. Due to limitations imposed by our API, we cannot completely mitigate this vulnerability and a future release will contain a new API which is designed to be resilient to these for contexts where it is required. Credit to Hubert Kario for reporting the issue. CVE-2020-25659
Diffstat (limited to 'pkgs/development/python-modules/cryptography')
-rw-r--r-- | pkgs/development/python-modules/cryptography/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/python-modules/cryptography/vectors.nix | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/pkgs/development/python-modules/cryptography/default.nix b/pkgs/development/python-modules/cryptography/default.nix index 426f6af7aa61b..b9d66203d8d76 100644 --- a/pkgs/development/python-modules/cryptography/default.nix +++ b/pkgs/development/python-modules/cryptography/default.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "cryptography"; - version = "3.1.1"; # Also update the hash in vectors.nix + version = "3.2"; # Also update the hash in vectors.nix src = fetchPypi { inherit pname version; - sha256 = "0z81q4d1nangw3r0v5f41mfl4d9r04qnbayl5ll5v5jpcfhwd7wx"; + sha256 = "1afcw79yg4bvw4v4l6dvkhnphi3jzrdpq7s4900ikpyyz229ny74"; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/development/python-modules/cryptography/vectors.nix b/pkgs/development/python-modules/cryptography/vectors.nix index c7b244ff04176..90fbda940b386 100644 --- a/pkgs/development/python-modules/cryptography/vectors.nix +++ b/pkgs/development/python-modules/cryptography/vectors.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; - sha256 = "1xp2j79c1y8qj4b97ygx451gzp8l4cp830hnvg3zw8j134bcaaam"; + sha256 = "1r4qzmm15mrmlblrmxxvqg3jfy3s5bbn9cfhd7fkpixvs3zhcpvq"; }; # No tests included |