python3Packages.cryptography: 3.2.1 -> 3.3.1

Backward incompatible changes:
- Support for Python 3.5 has been removed due to low usage and
  maintenance burden.
- The GCM and AESGCM now require 64-bit to 1024-bit (8 byte to 128 byte)
  initialization vectors. This change is to conform with an upcoming
  OpenSSL release that will no longer support sizes outside this window.
- When deserializing asymmetric keys we now raise ValueError rather than
  UnsupportedAlgorithm when an unsupported cipher is used. This change
  is to conform with an upcoming OpenSSL release that will no longer
  distinguish between error types.
- We no longer allow loading of finite field Diffie-Hellman parameters
  of less than 512 bits in length. This change is to conform with an
  upcoming OpenSSL release that no longer supports smaller sizes. These
  keys were already wildly insecure and should not have been used in any
  application outside of testing.
This commit is contained in:
Michael Weiss 2020-12-10 13:38:54 +01:00
parent 4e33f29b79
commit 44b7d77591
No known key found for this signature in database
GPG Key ID: 5BE487C4D4771D83
2 changed files with 3 additions and 3 deletions

View File

@ -22,11 +22,11 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "cryptography"; pname = "cryptography";
version = "3.2.1"; # Also update the hash in vectors.nix version = "3.3.1"; # Also update the hash in vectors.nix
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "1qxz02kfsrihq1h4afyqwcsv9nh3s9mmrr6y9lhi4angw05y3mfk"; sha256 = "1ribd1vxq9wwz564mg60dzcy699gng54admihjjkgs9dx95pw5vy";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -7,7 +7,7 @@ buildPythonPackage rec {
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "12dq1grn0bjj7c6sj6apd6328525n7xq4kbbmww63sn3x7081vls"; sha256 = "192wix3sr678x21brav5hgc6j93l7ab1kh69p2scr3fsblq9qy03";
}; };
# No tests included # No tests included