nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-21 13:13:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

python3Packages.cryptography: 3.1.1 -> 3.2 (security, CVE-2020-25659)

Browse Source 
SECURITY ISSUE: Attempted to make RSA PKCS#1v1.5 decryption more
constant time, to protect against Bleichenbacher vulnerabilities. Due to
limitations imposed by our API, we cannot completely mitigate this
vulnerability and a future release will contain a new API which is
designed to be resilient to these for contexts where it is required.
Credit to Hubert Kario for reporting the issue. CVE-2020-25659
This commit is contained in:
Michael Weiss 2020-10-26 11:49:18 +01:00
parent 1111911593
commit 1083cdd279
No known key found for this signature in database
GPG Key ID: 5BE487C4D4771D83
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/development/python-modules/cryptography/default.nix
View File

@ -22,11 +22,11 @@
buildPythonPackage rec {
pname = "cryptography";
version = "3.1.1"; # Also update the hash in vectors.nix
version = "3.2"; # Also update the hash in vectors.nix
src = fetchPypi {
inherit pname version;
sha256 = "0z81q4d1nangw3r0v5f41mfl4d9r04qnbayl5ll5v5jpcfhwd7wx";
sha256 = "1afcw79yg4bvw4v4l6dvkhnphi3jzrdpq7s4900ikpyyz229ny74";
};
outputs = [ "out" "dev" ];

2
pkgs/development/python-modules/cryptography/vectors.nix
View File

@ -7,7 +7,7 @@ buildPythonPackage rec {
src = fetchPypi {
inherit pname version;
sha256 = "1xp2j79c1y8qj4b97ygx451gzp8l4cp830hnvg3zw8j134bcaaam";
sha256 = "1r4qzmm15mrmlblrmxxvqg3jfy3s5bbn9cfhd7fkpixvs3zhcpvq";
};
# No tests included