Updated external deps sheets after own review.

chevah · Oct 5, 2023 · 1dcddae · 1dcddae
1 parent af4642a
commit 1dcddae
Show file tree

Hide file tree

Showing 2 changed files with 205 additions and 237 deletions.
diff --git a/external_deps.csv b/external_deps.csv
@@ -29,7 +29,7 @@ pip,20.3.4¹⁴,9.0.3¹⁴,20.3.4chevah1,20.3.4chevah1,20.3.4chevah1,20.3.4cheva
 setuptools,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,41.6.0¹⁷,41.6.0¹⁷,41.6.0¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷,44.1.1¹⁷
 pycparser,2.20,2.20,2.21,2.21,2.21,2.21,2.20,2.21,2.20,2.21,2.20,2.21,2.21,2.21,2.21,2.20,2.20,2.20,2.21,2.21,2.21,2.21,2.21,2.20,2.21
 setproctitle,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10,1.1.10
-cryptography¹⁶,3.2.1¹²,2.9.2¹²,3.2.1¹²,3.3.2,3.3.2,3.3.2,2.9.2¹²,3.3.2,n/a,3.3.2,2.9.2¹² (wheel includes OpenSSL),3.3.2,3.3.2,3.3.2,3.3.2,n/a,n/a,n/a,3.2.1¹²,3.3.2,3.3.2,3.3.2,3.3.2,2.9.2¹² (wheel includes OpenSSL),3.3.2
+cryptography,3.2.1¹²,2.9.2¹²,3.2.1¹⁶,3.3.2¹⁶,3.3.2¹⁶,3.3.2¹⁶,2.9.2¹²,3.3.2¹⁶,n/a,3.3.2¹⁶,2.9.2¹² (wheel includes OpenSSL),3.3.2¹⁶,3.3.2¹⁶,3.3.2¹⁶,3.3.2¹⁶,n/a,n/a,n/a,3.2.1¹²,3.3.2¹⁶,3.3.2¹⁶,3.3.2¹⁶,3.3.2¹⁶,2.9.2¹² (wheel includes OpenSSL),3.3.2¹⁶
 six,1.15.0,1.13.0,1.15.0,1.15.0,1.15.0,1.15.0,1.11.0,1.15.0,1.15.0,1.15.0,1.11.0,1.15.0,1.15.0,1.15.0,1.15.0,1.15.0,1.11.0,1.15.0,1.15.0,1.11.0,1.11.0,1.11.0,1.11.0,1.11.0,1.11.0
 ipaddress,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,n/a,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,n/a,n/a,n/a,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23,1.0.23
 cffi,1.14.5,1.14.0,1.15.1,1.15.1,1.15.1,1.15.1,1.14.0,1.15.1,n/a,1.15.1,1.14.0,1.15.1,1.15.1,1.15.1,1.15.1,n/a,1.14.0,1.14.5,1.15.1,1.15.1,1.15.1,1.15.1,1.15.1,1.14.0,1.15.1
@@ -59,5 +59,5 @@ Colour codes:,DARKGREY: Tier 2 platforms and their problematic dependencies,,,,,
 ,,,,,,,,,,,,"13. On Windows, the upstream Python 2.7.18 packages are hot patched with all the ActivePython fixes except CVE-2021-3177 and CVE-2020-10735",,,,,,,,,,,,,
 ,,,,,,,,,,,,14. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572,,,,,,,,,,,,,
 ,,,,,,,,,,,,15. Corresponds to upstream OpenSSL version 1.0.2zg from 07 Feb 2023.,,,,,,,,,,,,,
-,,,,,,,,,,,,16. Both cryptography 3.2.1 and version 3.3.2 have been patched for CVE-2023-23931.,,,,,,,,,,,,,
+,,,,,,,,,,,,"16. Both cryptography 3.2.1 and version 3.3.2 have been patched for CVE-2023-23931, but not for CVE-2023-38325.",,,,,,,,,,,,,
 ,,,,,,,,,,,,17. Versions older than 65.5.1 are vulnerable to CVE-2022-40897.,,,,,,,,,,,,,