From owner-freebsd-python@freebsd.org Thu Dec 8 17:07:45 2016 Return-Path: Delivered-To: freebsd-python@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF138C6DD38 for ; Thu, 8 Dec 2016 17:07:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 97F0D14FF for ; Thu, 8 Dec 2016 17:07:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 975CBC6DD37; Thu, 8 Dec 2016 17:07:45 +0000 (UTC) Delivered-To: python@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 970F1C6DD36 for ; Thu, 8 Dec 2016 17:07:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 863A414FD for ; Thu, 8 Dec 2016 17:07:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id uB8H7jfD075055 for ; Thu, 8 Dec 2016 17:07:45 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 214915] security/py-cryptography: Update to 1.6 (security fixes) Date: Thu, 08 Dec 2016 17:07:45 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-qa, patch, security X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: feld@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback+ merge-quarterly? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-python@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: FreeBSD-specific Python issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Dec 2016 17:07:45 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214915 --- Comment #12 from commit-hook@freebsd.org --- A commit references this bug: Author: feld Date: Thu Dec 8 17:07:23 UTC 2016 New revision: 428138 URL: https://svnweb.freebsd.org/changeset/ports/428138 Log: security/py-pycryptography: Fix build on FreeBSD 9.3 Modern py-cryptography requires a more modern OpenSSL. This switch to requiring OpenSSL from ports is a disruptive change, but it will protect these users from the recently patched vulnerabilites. Support for OpenSSL 0.9.8 was removed in pycryptography as of version 1.4. The last release to support OpenSSL 0.9.8 was 1.3.4 which is still vulnerable to the HDKF key generation bug. It appears that version 1.4 did build successfully on FreeBSD 9.3, but upstream had abandoned support for OpenSSL 0.9.8 at that point so it is unclear if it was fully functional. PR: 214915 MFH: 2016Q4 Changes: head/security/py-cryptography/Makefile --=20 You are receiving this mail because: You are on the CC list for the bug.=