diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2021-02-07 19:34:48 +0100 |
---|---|---|
committer | Michael Weiss <dev.primeos@gmail.com> | 2021-02-07 20:09:55 +0100 |
commit | af9568fae8267c3c8b2ca18d3403ed1455387ae3 (patch) | |
tree | 6cdef557e925da19408da4cbd7a362efb373cab5 /pkgs/development/python-modules/cryptography | |
parent | 2226996f6ca0ca2e0d429633494a148dd5772560 (diff) |
python3Packages.cryptography: 3.3.1 -> 3.3.2 (security, CVE-2020-36242)
SECURITY ISSUE: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. CVE-2020-36242 Note: This also updates {,vectors-}3.3.nix (for Python 2 / nixops) because of the security issue.
Diffstat (limited to 'pkgs/development/python-modules/cryptography')
4 files changed, 6 insertions, 6 deletions
diff --git a/pkgs/development/python-modules/cryptography/3.3.nix b/pkgs/development/python-modules/cryptography/3.3.nix index b6972e6d56bbc..0497185207532 100644 --- a/pkgs/development/python-modules/cryptography/3.3.nix +++ b/pkgs/development/python-modules/cryptography/3.3.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "cryptography"; - version = "3.3.1"; # Also update the hash in vectors-3.3.nix + version = "3.3.2"; # Also update the hash in vectors-3.3.nix src = fetchPypi { inherit pname version; - sha256 = "1ribd1vxq9wwz564mg60dzcy699gng54admihjjkgs9dx95pw5vy"; + sha256 = "1vcvw4lkw1spiq322pm1256kail8nck6bbgpdxx3pqa905wd6q2s"; }; patches = [ ./cryptography-py27-warning.patch ]; diff --git a/pkgs/development/python-modules/cryptography/default.nix b/pkgs/development/python-modules/cryptography/default.nix index ad402efd75935..eb4eba0f5879e 100644 --- a/pkgs/development/python-modules/cryptography/default.nix +++ b/pkgs/development/python-modules/cryptography/default.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "cryptography"; - version = "3.3.1"; # Also update the hash in vectors.nix + version = "3.3.2"; # Also update the hash in vectors.nix src = fetchPypi { inherit pname version; - sha256 = "1ribd1vxq9wwz564mg60dzcy699gng54admihjjkgs9dx95pw5vy"; + sha256 = "1vcvw4lkw1spiq322pm1256kail8nck6bbgpdxx3pqa905wd6q2s"; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/development/python-modules/cryptography/vectors-3.3.nix b/pkgs/development/python-modules/cryptography/vectors-3.3.nix index 94526c8268ef5..f9b7c525237ab 100644 --- a/pkgs/development/python-modules/cryptography/vectors-3.3.nix +++ b/pkgs/development/python-modules/cryptography/vectors-3.3.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; - sha256 = "192wix3sr678x21brav5hgc6j93l7ab1kh69p2scr3fsblq9qy03"; + sha256 = "1yhaps0f3h2yjb6lmz953z1l1d84y9swk4k3gj9nqyk4vbx5m7cc"; }; # No tests included diff --git a/pkgs/development/python-modules/cryptography/vectors.nix b/pkgs/development/python-modules/cryptography/vectors.nix index 94526c8268ef5..f9b7c525237ab 100644 --- a/pkgs/development/python-modules/cryptography/vectors.nix +++ b/pkgs/development/python-modules/cryptography/vectors.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; - sha256 = "192wix3sr678x21brav5hgc6j93l7ab1kh69p2scr3fsblq9qy03"; + sha256 = "1yhaps0f3h2yjb6lmz953z1l1d84y9swk4k3gj9nqyk4vbx5m7cc"; }; # No tests included |