Merge pull request #290 from DevoInc/AL-1167_cryptography_vulnerability

franjuan · web-flow · commit eecbf7de3061 · 2024-09-13T16:01:01.000+02:00
fix: Upgraded dependency cryptography~=43.0.1
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [5.4.1] - 2024-09-13
+
+### Security
+- `cryptography` dependency upgraded from `cryptography~=42.0.5` to `cryptography~=43.0.1`
+
 ## [5.4.0] - 2024-07-09
 
 ### Changed
diff --git a/devo/__version__.py b/devo/__version__.py
@@ -1,6 +1,6 @@
 __description__ = "Devo Python Library."
 __url__ = "http://www.devo.com"
-__version__ = "5.4.0"
+__version__ = "5.4.1"
 __author__ = "Devo"
 __author_email__ = "support@devo.com"
 __license__ = "MIT"
diff --git a/requirements.txt b/requirements.txt
@@ -2,7 +2,7 @@ click==8.1.7
 PyYAML==6.0.1
 requests~=2.32
 pem~=21.2.0
-pyopenssl~=24.1.0
+pyopenssl~=24.2.1
 pytz~=2024.1
 certifi~=2024.7.4
-cryptography~=42.0.8
+cryptography~=43.0.1
diff --git a/setup.py b/setup.py
@@ -29,10 +29,10 @@
     "click==8.1.7",
     "PyYAML==6.0.1",
     "pem~=21.2.0",
-    "pyopenssl~=24.1.0",
+    "pyopenssl~=24.2.1",
     "pytz~=2024.1",
     "certifi~=2024.7.4",
-    "cryptography~=42.0.8",
+    "cryptography~=43.0.1",
 ]
 EXTRAS_REQUIRE = {
     "dev": [
