Closed jauderho closed 1 year ago
Hi @nabla-c0d3, do you have bandwidth to work on this or do you need help with it? This would unblock some dependency updates for us.
Fixed as part of v5.1.2.
@eloquence Hello! Which of your projects is using sslyze? Just curious
Thanks much @nabla-c0d3! We have a custom test suite that performs various config checks against our prod websites (in a private repo right now), and we also use pshtt (forked because it has its own set of dependency issues) as part of our landing page scanner for SecureDrop landing pages.
Describe the bug cryptography==38.0.4 is being flagged as being vulnerable. The recommended solution is to move to 39.x
To Reproduce See https://github.com/jauderho/dockerfiles/pull/1723
Expected behavior Remove constraint in https://github.com/nabla-c0d3/sslyze/blob/4ec80a38c7be787e5d05576f0f9b92920bc370b2/setup.py#L102
Python environment (please complete the following information):
Additional context Add any other context about the problem here.