diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2021-02-07 19:34:48 +0100 |
---|---|---|
committer | Michael Weiss <dev.primeos@gmail.com> | 2021-02-07 20:09:55 +0100 |
commit | af9568fae8267c3c8b2ca18d3403ed1455387ae3 (patch) | |
tree | 6cdef557e925da19408da4cbd7a362efb373cab5 /pkgs/development/python-modules/cryptography/default.nix | |
parent | 2226996f6ca0ca2e0d429633494a148dd5772560 (diff) | |
download | nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar.gz nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar.bz2 nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar.lz nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar.xz nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.tar.zst nixpkgs-af9568fae8267c3c8b2ca18d3403ed1455387ae3.zip |
python3Packages.cryptography: 3.3.1 -> 3.3.2 (security, CVE-2020-36242)
SECURITY ISSUE: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. CVE-2020-36242 Note: This also updates {,vectors-}3.3.nix (for Python 2 / nixops) because of the security issue.
Diffstat (limited to 'pkgs/development/python-modules/cryptography/default.nix')
-rw-r--r-- | pkgs/development/python-modules/cryptography/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/python-modules/cryptography/default.nix b/pkgs/development/python-modules/cryptography/default.nix index ad402efd759..eb4eba0f587 100644 --- a/pkgs/development/python-modules/cryptography/default.nix +++ b/pkgs/development/python-modules/cryptography/default.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "cryptography"; - version = "3.3.1"; # Also update the hash in vectors.nix + version = "3.3.2"; # Also update the hash in vectors.nix src = fetchPypi { inherit pname version; - sha256 = "1ribd1vxq9wwz564mg60dzcy699gng54admihjjkgs9dx95pw5vy"; + sha256 = "1vcvw4lkw1spiq322pm1256kail8nck6bbgpdxx3pqa905wd6q2s"; }; outputs = [ "out" "dev" ]; |