Closed renovate-bot closed 4 months ago
This PR contains the following updates:
==42.0.2
==42.0.4
If pkcs12.serialize_key_and_certificates is called with both:
pkcs12.serialize_key_and_certificates
encryption_algorithm
hmac_hash
PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)
Then a NULL pointer dereference would occur, crashing the Python process.
This has been resolved, and now a ValueError is properly raised.
ValueError
Patched in https://github.com/pyca/cryptography/pull/10423
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
==42.0.2
->==42.0.4
GitHub Vulnerability Alerts
CVE-2024-26130
If
pkcs12.serialize_key_and_certificates
is called with both:encryption_algorithm
withhmac_hash
set (viaPrivateFormat.PKCS12.encryption_builder().hmac_hash(...)
Then a NULL pointer dereference would occur, crashing the Python process.
This has been resolved, and now a
ValueError
is properly raised.Patched in https://github.com/pyca/cryptography/pull/10423
Release Notes
pyca/cryptography (cryptography)
### [`v42.0.4`](https://togithub.com/pyca/cryptography/compare/42.0.3...42.0.4) [Compare Source](https://togithub.com/pyca/cryptography/compare/42.0.3...42.0.4) ### [`v42.0.3`](https://togithub.com/pyca/cryptography/compare/42.0.2...42.0.3) [Compare Source](https://togithub.com/pyca/cryptography/compare/42.0.2...42.0.3)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.