[Cryptography-dev] PyCA cryptography 42.0.4 released
Alex Gaynor
alex.gaynor at gmail.com
Tue Feb 20 22:08:47 EST 2024
PyCA cryptography 42.0.3 has been released to PyPI. cryptography
includes both high level recipes and low level interfaces to common
cryptographic algorithms such as symmetric ciphers, asymmetric
algorithms, message digests, X509, key derivation functions, and much
more. We support Python 3.7+, and PyPy3 7.3.10+.
Changelog (https://cryptography.io/en/latest/changelog/#v42-0-4):
* Fixed a null-pointer-dereference and segfault that could occur when creating
a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded
according to the
definitions in :rfc:`2633` :rfc:`3370`.
Alex
--
All that is necessary for evil to succeed is for good people to do nothing.
More information about the Cryptography-dev
mailing list