Debian Patches
Status for python-cryptography/43.0.0-3+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| Use-local-python3-doc-inventory.patch | Use local python3-doc inventory. | Tristan Seligmann <mithrandi@debian.org> | not-needed | 2020-07-18 | ||
| drop-cffi-dep.patch | Remove run-time dependency on cffi On Debian we ship a separate cffi-backend package (without the cffi .egg-info), that just contains the run-time backend. This is all that cryptography requires at runtime. However, pkg_resources is pedantic and complains if it can't find expected run-time dependency's .egg-info. To, avoid the problem, we drop the dependency. |
Stefano Rivera <stefanor@debian.org> | no | debian | 2023-01-08 | |
| downgrade-deps.patch | Update some requirement versions to sid ones. | Andrey Rakhmatullin <wrar@debian.org> | no | 2025-03-23 | ||
| 0004-update-to-asn1-0.19-and-use-X509GeneralizedTime.patch | update to asn1 0.19 and use X509GeneralizedTime | Paul Kehrer <paul.l.kehrer@gmail.com> | no | 2024-11-17 | ||
| 0005-Support-128-bit-OID-arcs-11820.patch | Support 128-bit OID arcs (#11820) * Support 128-bit OID arcs * Update Cargo.lock to reflect updated rust-asn1 dependency |
Robby Cornelissen <robby.cornelissen@gmail.com> | no | 2024-10-24 | ||
| 0006-CVE-2026-26007.patch | EC check key on cofactor > 1 An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine** for reporting the issue. **CVE-2026-26007** Debian note: this is a partial backport of upstream commit 0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c, to only include what's relevant for CVE-2026-26007. |
Paul Kehrer <paul.l.kehrer@gmail.com> | no | backport, https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c | 2026-02-10 |
All known versions for source package 'python-cryptography'
- 46.0.5-1 (sid, forky)
- 43.0.0-3+deb13u1 (trixie-proposed-updates)
- 43.0.0-3 (trixie)
- 38.0.4-3+deb12u1 (bookworm)
- 38.0.4-3~deb12u1 (bookworm-security)