python · cryptographyCritical
cryptography: OpenSSL vulnerability in statically linked wheels
pyca/cryptography wheels include a statically linked copy of OpenSSL that is vulnerable to a security issue.
What changed
pyca/cryptography wheels include a statically linked copy of OpenSSL that is vulnerable to a security issue. Versions prior to 48.01 are affected.
Who it affects
Users installing cryptography from wheels distributed on PyPI (not those building from source).
What to do today
Upgrade cryptography to version 48.01 or later.
The trail
Collected→
Audited→
Written→
Published