[Bug 214915] security/py-cryptography: Update to 1.6 (security fixes)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Dec 8 17:07:45 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214915
--- Comment #12 from commit-hook at freebsd.org ---
A commit references this bug:
Author: feld
Date: Thu Dec 8 17:07:23 UTC 2016
New revision: 428138
URL: https://svnweb.freebsd.org/changeset/ports/428138
Log:
security/py-pycryptography: Fix build on FreeBSD 9.3
Modern py-cryptography requires a more modern OpenSSL. This switch to
requiring OpenSSL from ports is a disruptive change, but it will protect
these users from the recently patched vulnerabilites.
Support for OpenSSL 0.9.8 was removed in pycryptography as of version 1.4.
The last release to support OpenSSL 0.9.8 was 1.3.4 which is still
vulnerable to the HDKF key generation bug. It appears that version 1.4
did build successfully on FreeBSD 9.3, but upstream had abandoned
support for OpenSSL 0.9.8 at that point so it is unclear if it was fully
functional.
PR: 214915
MFH: 2016Q4
Changes:
head/security/py-cryptography/Makefile
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-python
mailing list