nixpkgs/pkgs/development/python-modules/cryptography/vectors.nix
Michael Weiss af9568fae8
python3Packages.cryptography: 3.3.1 -> 3.3.2 (security, CVE-2020-36242)
SECURITY ISSUE: Fixed a bug where certain sequences of update() calls
when symmetrically encrypting very large payloads (>2GB) could result in
an integer overflow, leading to buffer overflows. CVE-2020-36242

Note: This also updates {,vectors-}3.3.nix (for Python 2 / nixops)
because of the security issue.
2021-02-07 20:09:55 +01:00

24 lines
725 B
Nix

{ buildPythonPackage, fetchPypi, lib, cryptography }:
buildPythonPackage rec {
pname = "cryptography_vectors";
# The test vectors must have the same version as the cryptography package:
version = cryptography.version;
src = fetchPypi {
inherit pname version;
sha256 = "1yhaps0f3h2yjb6lmz953z1l1d84y9swk4k3gj9nqyk4vbx5m7cc";
};
# No tests included
doCheck = false;
meta = with lib; {
description = "Test vectors for the cryptography package";
homepage = "https://cryptography.io/en/latest/development/test-vectors/";
# Source: https://github.com/pyca/cryptography/tree/master/vectors;
license = with licenses; [ asl20 bsd3 ];
maintainers = with maintainers; [ primeos ];
};
}