From ec10c5ca11f82838b773b3d733e124fa03a164cfa96fb0762d8475e80faa92e1 Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dmueller@suse.com>
Date: Tue, 28 Nov 2023 09:39:28 +0000
Subject: [PATCH] - update to 41.0.7 (CVE-2023-49083, bsc#FIXME):   * Fixed
 compilation when using LibreSSL 3.8.2.   * Fixed a null-pointer-dereference
 and segfault that could     occur when loading certificates from a PKCS#7
 bundle.     Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=202
---
 _service                    | 2 +-
 cryptography-41.0.5.tar.gz  | 3 ---
 cryptography-41.0.7.tar.gz  | 3 +++
 python-cryptography.changes | 9 +++++++++
 python-cryptography.spec    | 3 +--
 vendor.tar.zst              | 4 ++--
 6 files changed, 16 insertions(+), 8 deletions(-)
 delete mode 100644 cryptography-41.0.5.tar.gz
 create mode 100644 cryptography-41.0.7.tar.gz

diff --git a/_service b/_service
index a1236c3..fbf0073 100644
--- a/_service
+++ b/_service
@@ -1,7 +1,7 @@
 <services>
   <service name="download_files" mode="manual"/>
   <service name="cargo_vendor" mode="manual">
-    <param name="srcdir">cryptography-41.0.5/src/rust</param>
+    <param name="srcdir">cryptography-41.0.7/src/rust</param>
     <param name="compression">zst</param>
   </service>
   <service name="cargo_audit" mode="manual">
diff --git a/cryptography-41.0.5.tar.gz b/cryptography-41.0.5.tar.gz
deleted file mode 100644
index 21fd163..0000000
--- a/cryptography-41.0.5.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:392cb88b597247177172e02da6b7a63deeff1937fa6fec3bbf902ebd75d97ec7
-size 630537
diff --git a/cryptography-41.0.7.tar.gz b/cryptography-41.0.7.tar.gz
new file mode 100644
index 0000000..fcaca6b
--- /dev/null
+++ b/cryptography-41.0.7.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:13f93ce9bea8016c253b34afc6bd6a75993e5c40672ed5405a9c832f0d4a00bc
+size 630892
diff --git a/python-cryptography.changes b/python-cryptography.changes
index bc05e64..dcbc71d 100644
--- a/python-cryptography.changes
+++ b/python-cryptography.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue Nov 28 09:27:57 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 41.0.7 (CVE-2023-49083, bsc#FIXME):
+  * Fixed compilation when using LibreSSL 3.8.2.
+  * Fixed a null-pointer-dereference and segfault that could
+    occur when loading certificates from a PKCS#7 bundle.
+    Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**
+
 -------------------------------------------------------------------
 Fri Nov 10 13:28:56 UTC 2023 - Dirk Müller <dmueller@suse.com>
 
diff --git a/python-cryptography.spec b/python-cryptography.spec
index 60d05e0..ac221d9 100644
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@@ -27,7 +27,7 @@
 %endif
 %{?sle15_python_module_pythons}
 Name:           python-cryptography%{psuffix}
-Version:        41.0.5
+Version:        41.0.7
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
@@ -85,7 +85,6 @@ functions.
 
 %prep
 %autosetup -a2 -p1 -n cryptography-%{version}
-mkdir .cargo
 cp %{SOURCE3} .cargo/config
 rm -v src/rust/Cargo.lock
 
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 5c589b6..6242fe0 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:c2bf8b0ccf00709609c959240f80eeed491146b88230c846be7f57f36b09c6f3
-size 4964767
+oid sha256:14b79b0953fcc5bf8ca400a3b568cfdbf6f7e12b83dfb9632e557ba0c5c85ac9
+size 4968945