Skip to content

chore(deps): update dependency rsa to v4 [security] #986

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

chore(deps): update dependency rsa to v4 [security] #986

wants to merge 3 commits into from

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Feb 23, 2022
edited
Loading

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
rsa <4.6 -> <4.8 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-25658

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Feb 23, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 23, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 23, 2022
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to v4 [security] chore(deps): update dependency rsa to <4.9 [security] Feb 24, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from 3fa18c0 to 9ad2c43 Compare February 24, 2022 19:12
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Feb 24, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 24, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 24, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from 9ad2c43 to c0576c3 Compare February 24, 2022 21:51
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to <4.9 [security] chore(deps): update dependency rsa to v4 [security] Feb 24, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Feb 24, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 24, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from c0576c3 to d45981d Compare February 27, 2022 08:48
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to v4 [security] chore(deps): update dependency rsa to <4.9 [security] Feb 27, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 27, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 27, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 27, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from d45981d to eeb394a Compare February 27, 2022 10:43
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to <4.9 [security] chore(deps): update dependency rsa to v4 [security] Feb 27, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Feb 27, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Feb 27, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 27, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from eeb394a to e7eb589 Compare February 27, 2022 14:12
@trusted-contributions-gcf trusted-contributions-gcf bot added the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 12, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 12, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Mar 12, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from f9f8735 to f1165ac Compare March 15, 2022 23:27
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to v4 [security] chore(deps): update dependency rsa to <4.9 [security] Mar 15, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Mar 15, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 15, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Mar 15, 2022
@renovate-bot renovate-bot force-pushed the renovate/pypi-rsa-vulnerability branch from f1165ac to bc8af70 Compare March 16, 2022 01:37
@renovate-bot renovate-bot changed the title chore(deps): update dependency rsa to <4.9 [security] chore(deps): update dependency rsa to v4 [security] Mar 16, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Mar 16, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 16, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Mar 16, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Mar 16, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 16, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Mar 16, 2022
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Mar 19, 2022
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Mar 19, 2022
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Mar 19, 2022
@parthea
Copy link
Contributor

parthea commented Apr 5, 2022

Prefer #942

@parthea parthea closed this Apr 5, 2022
@forking-renovate
Copy link

Renovate Ignore Notification

As this PR has been closed unmerged, Renovate will ignore this upgrade and you will not receive PRs for any future 4.x releases. However, if you upgrade to 4.x manually then Renovate will reenable minor and patch updates automatically.

If this PR was closed by mistake or you changed your mind, you can simply rename this PR and you will soon get a fresh replacement PR opened.

@renovate-bot renovate-bot deleted the renovate/pypi-rsa-vulnerability branch April 5, 2022 11:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arithmetic1728 arithmetic1728 Awaiting requested review from arithmetic1728

@sai-sunder-s sai-sunder-s Awaiting requested review from sai-sunder-s

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@renovate-bot @parthea @yoshi-kokoro