From 2403774e76b279ecdd7238d35f04def6fb1ca8b8 Mon Sep 17 00:00:00 2001
From: Felipe Ruhland <felipe.ruhland@gmail.com>
Date: Fri, 2 Apr 2021 02:30:22 +0200
Subject: Upgrade cryptography library to version 3.4.7

Dependabot opened a pull request
93bcc0497d8302aa2d78bd7ef756fc2ff3fd0912 to upgrade cryptography from
2.3 to 3.2.

However, only `requirements.txt` was updated.
The extra requirements were kept outdated.

This commit was made to update the library to the last version.

Fix #2791

Signed-off-by: Felipe Ruhland <felipe.ruhland@gmail.com>
---
 requirements.txt | 2 +-
 setup.py         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index f86a7bd..1d0be30 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,7 +2,7 @@ appdirs==1.4.3
 asn1crypto==0.22.0
 backports.ssl-match-hostname==3.5.0.1
 cffi==1.14.4
-cryptography==3.2
+cryptography==3.4.7
 enum34==1.1.6
 idna==2.5
 ipaddress==1.0.18
diff --git a/setup.py b/setup.py
index b86016e..b692eab 100644
--- a/setup.py
+++ b/setup.py
@@ -27,7 +27,7 @@ extras_require = {
     # https://github.com/pypa/pip/issues/4391).  Once that's fixed, instead of
     # installing the extra dependencies, install the following instead:
     # 'requests[security] >= 2.5.2, != 2.11.0, != 2.12.2'
-    'tls': ['pyOpenSSL>=17.5.0', 'cryptography>=1.3.4', 'idna>=2.0.0'],
+    'tls': ['pyOpenSSL>=17.5.0', 'cryptography>=3.4.7', 'idna>=2.0.0'],
 
     # Only required when connecting using the ssh:// protocol
     'ssh': ['paramiko>=2.4.2'],
-- 
cgit v1.2.1