From Newsgroup: comp.lang.python.announce
PyCA cryptography 42.0.3 has been released to PyPI. cryptography
includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric
algorithms, message digests, X509, key derivation functions, and much
more. We support Python 3.7+, and PyPy3 7.3.10+.
Changelog (
https://cryptography.io/en/latest/changelog/#v42-0-4):
* Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields ``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded
according to the
definitions in :rfc:`2633` :rfc:`3370`.
Alex
--
All that is necessary for evil to succeed is for good people to do nothing.
--- Synchronet 3.20a-Linux NewsLink 1.114