[Bug 253711] security/py-openssl issues while running certbot after 20.0.1 upgrade
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Feb 23 10:40:52 UTC 2021
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253711
Matthew Seaman <matthew at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |matthew at FreeBSD.org
--- Comment #5 from Matthew Seaman <matthew at FreeBSD.org> ---
If the issue with py-cryptography becoming dependent on a rust toolchain is a
blocker, then a compromise might be to update py-cryptography to version 3.3.2
(Released on 2021-02-07) which is the last version before the rust dependency
was introduced. See:
https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst
Note that was also a security fix / workaround for CVE-2020-36242,
CVE-2021-23840 -- but those could also be fixed by upgrading to openssl-1.1.1j
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list