See https://github.com/pyca/pyopenssl/blob/master/CHANGELOG.rst "Fixed a potential use-after-free in the verify callback and resolved a memory leak when loading PKCS12 files with cacerts" Bugreport: https://github.com/pyca/pyopenssl/pull/723 We should bump to 17.5.0.
@arches, please stabilize.
An automated check of this bug failed - repoman reported dependency errors (81 lines truncated): > dependency.bad dev-python/pyopenssl/pyopenssl-17.5.0.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['>=dev-python/cryptography-2.1.4[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]'] > dependency.bad dev-python/pyopenssl/pyopenssl-17.5.0.ebuild: RDEPEND: alpha(default/linux/alpha/13.0) ['>=dev-python/cryptography-2.1.4[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]'] > dependency.bad dev-python/pyopenssl/pyopenssl-17.5.0.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['>=dev-python/cryptography-2.1.4[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]']
This has a hard dependency on dev-python/cryptography-2.1.4, which is not stable on anything but x86* and arm*, which in turn needs "~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]". Please add the missing dependencies to package list.
An automated check of this bug failed - repoman reported dependency errors (7 lines truncated): > dependency.bad dev-python/cryptography/cryptography-2.1.4.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['>=dev-python/asn1crypto-0.21.0[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]'] > dependency.bad dev-python/cryptography/cryptography-2.1.4.ebuild: RDEPEND: alpha(default/linux/alpha/13.0) ['>=dev-python/asn1crypto-0.21.0[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]'] > dependency.bad dev-python/cryptography/cryptography-2.1.4.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['>=dev-python/asn1crypto-0.21.0[python_targets_pypy(-)?,python_targets_pypy3(-)?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]']
Adding dev-python/asn1crypto-0.24.0 for alpha. No keywords for 0.21.
ia64 stable
alpha stable
ppc64 stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71bf4902ef89a1c91e208b4d74a468916af646e7 commit 71bf4902ef89a1c91e208b4d74a468916af646e7 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-04-16 21:06:20 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-04-16 21:06:20 +0000 dev-python/pyopenssl: stable 17.5.0 for ppc, bug #647000 Bug: https://bugs.gentoo.org/647000 Package-Manager: Portage-2.3.28, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc" dev-python/pyopenssl/pyopenssl-17.5.0.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69e30e55516ee0e6dfe0a71b1156f5c6840cfe78 commit 69e30e55516ee0e6dfe0a71b1156f5c6840cfe78 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-04-16 21:06:08 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-04-16 21:06:08 +0000 dev-python/cryptography: stable 2.1.4 for ppc, bug #647000 Bug: https://bugs.gentoo.org/647000 Package-Manager: Portage-2.3.28, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc" dev-python/cryptography/cryptography-2.1.4.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=879ffc0fc6804ebcf5b7d3dc8f18a74e3e550585 commit 879ffc0fc6804ebcf5b7d3dc8f18a74e3e550585 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-04-16 21:05:53 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-04-16 21:05:53 +0000 dev-python/asn1crypto: stable 0.24.0 for ppc, bug #647000 Bug: https://bugs.gentoo.org/647000 Package-Manager: Portage-2.3.28, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc" dev-python/asn1crypto/asn1crypto-0.24.0.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)}
hppa stable
@maintainer(s), please clean vulnerable.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c7c613f49f387e8bb1cb920f8d895028856964e4 commit c7c613f49f387e8bb1cb920f8d895028856964e4 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-05-14 22:30:24 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-05-15 01:46:55 +0000 dev-python/pyopenssl: drop vulnerable Bug: https://bugs.gentoo.org/647000 Package-Manager: Portage-2.3.36, Repoman-2.3.9 Closes: https://github.com/gentoo/gentoo/pull/8404 dev-python/pyopenssl/Manifest | 4 -- dev-python/pyopenssl/pyopenssl-16.2.0.ebuild | 62 -------------------------- dev-python/pyopenssl/pyopenssl-17.0.0.ebuild | 62 -------------------------- dev-python/pyopenssl/pyopenssl-17.2.0.ebuild | 66 ---------------------------- dev-python/pyopenssl/pyopenssl-17.4.0.ebuild | 66 ---------------------------- 5 files changed, 260 deletions(-)
