- update to 41.0.7 (CVE-2023-49083, bsc#FIXME):

* Fixed compilation when using LibreSSL 3.8.2.
  * Fixed a null-pointer-dereference and segfault that could
    occur when loading certificates from a PKCS#7 bundle.
    Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=202

_service

@@ -1,7 +1,7 @@
 <services>
   <service name="download_files" mode="manual"/>
   <service name="cargo_vendor" mode="manual">
-    <param name="srcdir">cryptography-41.0.5/src/rust</param>
+    <param name="srcdir">cryptography-41.0.7/src/rust</param>
     <param name="compression">zst</param>
   </service>
   <service name="cargo_audit" mode="manual">

cryptography-41.0.5.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:392cb88b597247177172e02da6b7a63deeff1937fa6fec3bbf902ebd75d97ec7
-size 630537

python-cryptography.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue Nov 28 09:27:57 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 41.0.7 (CVE-2023-49083, bsc#FIXME):
+  * Fixed compilation when using LibreSSL 3.8.2.
+  * Fixed a null-pointer-dereference and segfault that could
+    occur when loading certificates from a PKCS#7 bundle.
+    Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**
+
 -------------------------------------------------------------------
 Fri Nov 10 13:28:56 UTC 2023 - Dirk Müller <dmueller@suse.com>
 

python-cryptography.spec

@@ -27,7 +27,7 @@
 %endif
 %{?sle15_python_module_pythons}
 Name:           python-cryptography%{psuffix}
-Version:        41.0.5
+Version:        41.0.7
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
@@ -85,7 +85,6 @@ functions.
 
 %prep
 %autosetup -a2 -p1 -n cryptography-%{version}
-mkdir .cargo
 cp %{SOURCE3} .cargo/config
 rm -v src/rust/Cargo.lock