Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce Python 3.9.2 or higher to resolve CVE #233

Merged
merged 1 commit into from
Feb 28, 2025
Merged

Enforce Python 3.9.2 or higher to resolve CVE #233

merged 1 commit into from
Feb 28, 2025

Conversation

dbwiddis
Copy link
Member

Description

CVE-2024-12797 requires cryptography version 44.0.1 to resolve. This in turn is incompatible with Python 3.9.0 and 3.9.1. Enforcing >=3.9.2 to resolve.

Issues Resolved

Fixes #230

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@dbwiddis dbwiddis requested a review from dblock as a code owner February 25, 2025 18:08
@codecov Codecov
Copy link

codecov bot commented Feb 25, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (2393216) to head (ffd777f).
Report is 109 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #233   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           78        78           
  Lines         2058      2063    +5     
=========================================
+ Hits          2058      2063    +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dbwiddis
Copy link
Member Author

Pinging @dblock for a review here :)

@dblock dblock merged commit 6051b22 into opensearch-project:main Feb 28, 2025
7 checks passed
@dbwiddis dbwiddis deleted the python-version branch February 28, 2025 14:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dblock dblock dblock approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cryptography-43.0.1-cp39-abi3-manylinux_2_28_x86_64.whl: 1 vulnerabilities (highest severity is: 4.8)
2 participants
@dbwiddis @dblock