Skip to content

build(deps): bump cryptography from 46.0.6 to 46.0.7#211

Merged
kevinbackhouse merged 3 commits into
mainfrom
dependabot/pip/cryptography-46.0.7
May 22, 2026
Merged

build(deps): bump cryptography from 46.0.6 to 46.0.7#211
kevinbackhouse merged 3 commits into
mainfrom
dependabot/pip/cryptography-46.0.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps cryptography from 46.0.6 to 46.0.7.

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07


* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.

.. _v46-0-6:

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 8, 2026
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 8, 2026
@dependabot dependabot Bot added the python Pull requests that update python code label Apr 8, 2026
@dependabot
build(deps): bump cryptography from 46.0.6 to 46.0.7
8bad606 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.6 to 46.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.6...46.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/cryptography-46.0.7 branch from f3a7723 to 8bad606 Compare April 9, 2026 15:32
@kevinbackhouse kevinbackhouse merged commit 51277f1 into main May 22, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/cryptography-46.0.7 branch May 22, 2026 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kevinbackhouse kevinbackhouse kevinbackhouse approved these changes

@m-y-mo m-y-mo Awaiting requested review from m-y-mo

@p- p- Awaiting requested review from p- p- is a code owner

@JarLob JarLob Awaiting requested review from JarLob JarLob is a code owner

@sylwia-budzynska sylwia-budzynska Awaiting requested review from sylwia-budzynska sylwia-budzynska is a code owner

@Kwstubbs Kwstubbs Awaiting requested review from Kwstubbs Kwstubbs is a code owner

@anticomputer anticomputer Awaiting requested review from anticomputer anticomputer is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kevinbackhouse