[OE-core] [PATCH 08/19] python3-cryptography{-vectors}: 46.0.4 -> 46.0.5

Mon, 02 Mar 2026 22:56:55 -0800 

46.0.5 - 2026-02-10 [1]

- An attacker could create a malicious public key that reveals portions of your
  private key when using certain uncommon elliptic curves (binary curves).
  This version now includes additional security checks to prevent this attack.
  This issue only affects binary elliptic curves, which are rarely used in
  real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin
  Automated Vulnerability Discovery Engine for reporting the issue. 
CVE-2026-26007

- Support for SECT* binary elliptic curves is deprecated and will be removed in
  the next release.

[1] 
https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst#4605---2026-02-10

Backport 0001-bump-uv_build-to-0.10.0-14271.patch to fix compile failure
...
| ERROR Missing dependencies:
|       uv_build<0.10.0,>=0.7.19
| WARNING: exit code 1 from a shell command.
...

Signed-off-by: Hongxu Jia <[email protected]>
---
 .../python/python3-cryptography-common.inc    |  2 +-
 .../python/python3-cryptography-vectors.bb    |  6 +++--
 .../0001-bump-uv_build-to-0.10.0-14271.patch  | 27 +++++++++++++++++++
 ...ml-bump-uv_build-version-requirement.patch |  4 +--
 .../python/python3-cryptography.bb            |  2 +-
 ...toml-remove-benchmark-disable-option.patch |  4 +--
 6 files changed, 37 insertions(+), 8 deletions(-)
 create mode 100644 
meta/recipes-devtools/python/python3-cryptography-vectors/0001-bump-uv_build-to-0.10.0-14271.patch

diff --git a/meta/recipes-devtools/python/python3-cryptography-common.inc 
b/meta/recipes-devtools/python/python3-cryptography-common.inc
index 789ce89e53..4e4434bd66 100644
--- a/meta/recipes-devtools/python/python3-cryptography-common.inc
+++ b/meta/recipes-devtools/python/python3-cryptography-common.inc
@@ -3,4 +3,4 @@
 #
 # Additionally AUH will detect that they share this .inc file and
 # perform a lockstep upgrade for both.
-PV = "46.0.4"
+PV = "46.0.5"
diff --git a/meta/recipes-devtools/python/python3-cryptography-vectors.bb 
b/meta/recipes-devtools/python/python3-cryptography-vectors.bb
index 1408b6b010..3ed3160072 100644
--- a/meta/recipes-devtools/python/python3-cryptography-vectors.bb
+++ b/meta/recipes-devtools/python/python3-cryptography-vectors.bb
@@ -9,8 +9,10 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4 \
 # NOTE: Make sure to keep this recipe at the same version as 
python3-cryptography
 #       Upgrade both recipes at the same time
 require python3-cryptography-common.inc
-SRC_URI += "file://0001-pyproject.toml-bump-uv_build-version-requirement.patch"
-SRC_URI[sha256sum] = 
"fb8e489f5688d9751fd9631d4be0a0df3275698e78d6d753c1b8cf3ce4127c78"
+SRC_URI += "file://0001-pyproject.toml-bump-uv_build-version-requirement.patch 
\
+            file://0001-bump-uv_build-to-0.10.0-14271.patch \
+"
+SRC_URI[sha256sum] = 
"ffbccee9455201c01b37c63d65d9f83b362d40c2bed9caac248ebbdfa4e4fc7c"
 
 PYPI_PACKAGE = "cryptography_vectors"
 UPSTREAM_CHECK_PYPI_PACKAGE = "${PYPI_PACKAGE}"
diff --git 
a/meta/recipes-devtools/python/python3-cryptography-vectors/0001-bump-uv_build-to-0.10.0-14271.patch
 
b/meta/recipes-devtools/python/python3-cryptography-vectors/0001-bump-uv_build-to-0.10.0-14271.patch
new file mode 100644
index 0000000000..9fa4d1cd47
--- /dev/null
+++ 
b/meta/recipes-devtools/python/python3-cryptography-vectors/0001-bump-uv_build-to-0.10.0-14271.patch
@@ -0,0 +1,27 @@
+From 1f6626557e4766ffa40874984f1e29197ed66eb8 Mon Sep 17 00:00:00 2001
+From: Ridai Govinda Pombo <[email protected]>
+Date: Tue, 3 Mar 2026 10:38:12 +0800
+Subject: [PATCH] bump uv_build to 0.10.0 (#14271)
+
+Co-authored-by: Ridai Govinda Pombo <[email protected]>
+
+Upstream-Status: Backport 
[https://github.com/pyca/cryptography/commit/14cfa5757461d5c228600fc0104ac0ef08ea15d9]
+Signed-off-by: Hongxu Jia <[email protected]>
+---
+ pyproject.toml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pyproject.toml b/pyproject.toml
+index f01d2c1..f7af712 100644
+--- a/pyproject.toml
++++ b/pyproject.toml
+@@ -1,5 +1,5 @@
+ [build-system]
+-requires = ["uv_build>=0.7.19,<0.10.0"]
++requires = ["uv_build>=0.7.19,<0.11.0"]
+ build-backend = "uv_build"
+ 
+ [project]
+-- 
+2.34.1
+
diff --git 
a/meta/recipes-devtools/python/python3-cryptography-vectors/0001-pyproject.toml-bump-uv_build-version-requirement.patch
 
b/meta/recipes-devtools/python/python3-cryptography-vectors/0001-pyproject.toml-bump-uv_build-version-requirement.patch
index 23af7c200d..6faaf1051d 100644
--- 
a/meta/recipes-devtools/python/python3-cryptography-vectors/0001-pyproject.toml-bump-uv_build-version-requirement.patch
+++ 
b/meta/recipes-devtools/python/python3-cryptography-vectors/0001-pyproject.toml-bump-uv_build-version-requirement.patch
@@ -1,4 +1,4 @@
-From f2f6b2b391a34a10ad5d94f5c8c70c32a72a34a3 Mon Sep 17 00:00:00 2001
+From 6d4c14a2781fb02903fd4d59f638cf72ee370b8d Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin <[email protected]>
 Date: Thu, 18 Dec 2025 20:20:13 +0100
 Subject: [PATCH] pyproject.toml: bump uv_build version requirement
@@ -10,7 +10,7 @@ Signed-off-by: Alexander Kanavin <[email protected]>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/pyproject.toml b/pyproject.toml
-index 9beed0d..0c421f3 100644
+index 2ed12a3..f01d2c1 100644
 --- a/pyproject.toml
 +++ b/pyproject.toml
 @@ -1,5 +1,5 @@
diff --git a/meta/recipes-devtools/python/python3-cryptography.bb 
b/meta/recipes-devtools/python/python3-cryptography.bb
index 036bfd2117..fc5cb50b02 100644
--- a/meta/recipes-devtools/python/python3-cryptography.bb
+++ b/meta/recipes-devtools/python/python3-cryptography.bb
@@ -11,7 +11,7 @@ LDSHARED += "-pthread"
 # NOTE: Make sure to keep this recipe at the same version as 
python3-cryptography-vectors
 #       Upgrade both recipes at the same time
 require python3-cryptography-common.inc
-SRC_URI[sha256sum] = 
"bfd019f60f8abc2ed1b9be4ddc21cfef059c841d86d710bb69909a688cbb8f59"
+SRC_URI[sha256sum] = 
"abace499247268e3757271b2f1e244b36b06f8515cf27c4d49468fc9eb16e93d"
 
 SRC_URI += "file://0001-pyproject.toml-remove-benchmark-disable-option.patch \
             file://check-memfree.py \
diff --git 
a/meta/recipes-devtools/python/python3-cryptography/0001-pyproject.toml-remove-benchmark-disable-option.patch
 
b/meta/recipes-devtools/python/python3-cryptography/0001-pyproject.toml-remove-benchmark-disable-option.patch
index 866b7a058f..5c2e3c53ba 100644
--- 
a/meta/recipes-devtools/python/python3-cryptography/0001-pyproject.toml-remove-benchmark-disable-option.patch
+++ 
b/meta/recipes-devtools/python/python3-cryptography/0001-pyproject.toml-remove-benchmark-disable-option.patch
@@ -1,4 +1,4 @@
-From 1fb7785f80037fa1258added61470d0c73fd3222 Mon Sep 17 00:00:00 2001
+From 6d6fbe77732ce3c4d2dcf3a5f75bb20ea352bf4a Mon Sep 17 00:00:00 2001
 From: Mingli Yu <[email protected]>
 Date: Tue, 17 May 2022 17:22:48 +0800
 Subject: [PATCH] pyproject.toml: remove --benchmark-disable option
@@ -26,7 +26,7 @@ Signed-off-by: Tim Orling <[email protected]>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/pyproject.toml b/pyproject.toml
-index b3d8c31..6593057 100644
+index 95ced11..75bfcbb 100644
 --- a/pyproject.toml
 +++ b/pyproject.toml
 @@ -134,7 +134,7 @@ exclude = [
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#232246): 
https://lists.openembedded.org/g/openembedded-core/message/232246
Mute This Topic: https://lists.openembedded.org/mt/118109848/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to