crowdresearch / daemo

The Daemo crowdsourcing platform
https://www.daemo.org
MIT License
146 stars 231 forks source link

Bump pyopenssl from 17.2.0 to 17.5.0 #1053

Open dependabot[bot] opened 5 years ago

dependabot[bot] commented 5 years ago

Bumps pyopenssl from 17.2.0 to 17.5.0.

Changelog *Sourced from [pyopenssl's changelog](https://github.com/pyca/pyopenssl/blob/master/CHANGELOG.rst).* > 17.5.0 (2017-11-30) > ------------------- > > > Backward-incompatible changes: > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > - The minimum ``cryptography`` version is now 2.1.4. > > > Deprecations: > ^^^^^^^^^^^^^ > > *none* > > > Changes: > ^^^^^^^^ > > - Fixed a potential use-after-free in the verify callback and resolved a memory leak when loading PKCS12 files with ``cacerts``. > `[#723](https://github.com/pyca/pyopenssl/issues/723) `_ > - Added ``Connection.export_keying_material`` for RFC 5705 compatible export of keying material. > `[#725](https://github.com/pyca/pyopenssl/issues/725) `_ > > ---- > > > > 17.4.0 (2017-11-21) > ------------------- > > > Backward-incompatible changes: > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > *none* > > > Deprecations: > ^^^^^^^^^^^^^ > > *none* > > > Changes: > ^^^^^^^^ > > > - Re-added a subset of the ``OpenSSL.rand`` module. > This subset allows conscientious users to reseed the OpenSSL CSPRNG after fork. > ... (truncated)
Commits - [`d21fcd8`](https://github.com/pyca/pyopenssl/commit/d21fcd810317aa7579af0c194a61af377ade7f0e) 17.5.0 version bump ([#726](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/726)) - [`bdb7639`](https://github.com/pyca/pyopenssl/commit/bdb7639ad53427fae38695d2dc5bf5bd794787c8) Export keying material support ([#725](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/725)) - [`e738186`](https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509) fix a memory leak and a potential UAF and also [#722](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/722) ([#723](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/723)) - [`f724786`](https://github.com/pyca/pyopenssl/commit/f724786613f90eb6e6ea26f4dbe17a1cda238d1e) Pin pytest until we drop 2.6 ([#721](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/721)) - [`736c621`](https://github.com/pyca/pyopenssl/commit/736c62111550972d835e33a3084c3bfc37bb61f7) define __all__ to make wildcard import work ([#719](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/719)) - [`57051a5`](https://github.com/pyca/pyopenssl/commit/57051a53e154c2b401ab84d6f01c6512e6c7b346) reopen master ([#718](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/718)) - [`e61e202`](https://github.com/pyca/pyopenssl/commit/e61e2025237c571ee5ee8dc1735381252f5c5abf) Require urllib3 tests to pass; fixes [#712](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/712) ([#716](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/716)) - [`5a3fb40`](https://github.com/pyca/pyopenssl/commit/5a3fb407b3d7b2f2dcc144055ee707614ead1817) bump to 17.4.0 ([#714](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/714)) - [`acbd662`](https://github.com/pyca/pyopenssl/commit/acbd662b62a2de0e7102d560f7e73d7feaf9e600) restore a subset of the rand module ([#708](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/708)) - [`4aa52c3`](https://github.com/pyca/pyopenssl/commit/4aa52c33d3ee51c632e0e1e10cafb7745fd1028c) Don't use things after they're freed...duh ([#709](https://github-redirect.dependabot.com/pyca/pyopenssl/issues/709)) - Additional commits viewable in [compare view](https://github.com/pyca/pyopenssl/compare/17.2.0...17.5.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/crowdresearch/daemo/network/alerts).