Skip to content

chore(deps): bump cryptography from 46.0.5 to 46.0.6 in /backend#1137

Merged
c0rydoras merged 1 commit intomainfrom
dependabot/pip/backend/cryptography-46.0.6
Apr 1, 2026
Merged

chore(deps): bump cryptography from 46.0.5 to 46.0.6 in /backend#1137
c0rydoras merged 1 commit intomainfrom
dependabot/pip/backend/cryptography-46.0.6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 29, 2026
edited
Loading

Bumps cryptography from 46.0.5 to 46.0.6.

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25


* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**

.. _v46-0-5:

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 29, 2026
@dependabot dependabot Bot requested a review from a team as a code owner March 29, 2026 00:14
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/cryptography-46.0.6 branch 2 times, most recently from a2655da to 9864ad4 Compare April 1, 2026 13:56
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 1, 2026

@dependabot rebase

@c0rydoras c0rydoras enabled auto-merge (squash) April 1, 2026 14:19
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 1, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/pip/backend/cryptography-46.0.6 branch from 9864ad4 to a6ef6c2 Compare April 1, 2026 14:20
@c0rydoras
Copy link
Copy Markdown
Collaborator

c0rydoras commented Apr 1, 2026

@dependabot rebase

@dependabot
chore(deps): bump cryptography from 46.0.5 to 46.0.6 in /backend
500056f 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.6.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.5...46.0.6)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/cryptography-46.0.6 branch from a6ef6c2 to 500056f Compare April 1, 2026 14:34
@c0rydoras c0rydoras merged commit 662bdd9 into main Apr 1, 2026
5 checks passed
@c0rydoras c0rydoras deleted the dependabot/pip/backend/cryptography-46.0.6 branch April 1, 2026 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@c0rydoras c0rydoras c0rydoras approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@c0rydoras