Upgrade to cryptography==41.0.1(and therefor pyopenssl==23.2.0 du…

…e to GHSA-5cpq-8wj7-hf2v

This only really impacts pip installs of Salt and the windows onedir
since the linux and macos onedir build every package dependency from
source, not from pre-existing wheels.

Signed-off-by: Pedro Algarvio <[email protected]>

changelog/64595.security.md

@@ -0,0 +1,3 @@
+Upgrade to `cryptography==41.0.1`(and therefor `pyopenssl==23.2.0` due to https://github.com/advisories/GHSA-5cpq-8wj7-hf2v
+
+This only really impacts pip installs of Salt and the windows onedir since the linux and macos onedir build every package dependency from source, not from pre-existing wheels.

requirements/darwin.txt

@@ -5,7 +5,7 @@
 apache-libcloud>=2.4.0
 backports.ssl_match_hostname>=3.7.0.1; python_version < '3.7'
 cherrypy>=17.4.1
-cryptography>=39.0.1
+cryptography>=41.0.1
 gitpython>=3.1.30; python_version >= '3.7'
 idna>=2.8
 linode-python>=1.1.1

requirements/static/ci/py3.10/cloud.txt

@@ -385,7 +385,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -669,7 +669,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.10/darwin.txt

@@ -386,7 +386,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/darwin.txt
     #   adal
@@ -670,7 +670,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/darwin.txt
     #   etcd3-py

requirements/static/ci/py3.10/freebsd.txt

@@ -384,7 +384,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.0
     # via
     #   adal
     #   azure-cosmosdb-table
@@ -669,7 +669,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/freebsd.in
     #   etcd3-py

requirements/static/ci/py3.10/lint.txt

@@ -390,7 +390,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -675,7 +675,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.10/linux.txt

@@ -398,7 +398,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -689,7 +689,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.10/windows.txt

@@ -71,7 +71,7 @@ colorama==0.4.1
     # via pytest
 contextvars==2.4
     # via -r requirements/base.txt
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/windows.txt
     #   etcd3-py
@@ -237,7 +237,7 @@ pymssql==2.2.7
     # via -r requirements/windows.txt
 pymysql==1.0.2
     # via -r requirements/windows.txt
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/windows.txt
     #   etcd3-py

requirements/static/ci/py3.7/cloud.txt

@@ -392,7 +392,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -711,7 +711,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.7/freebsd.txt

@@ -391,7 +391,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.0
     # via
     #   adal
     #   azure-cosmosdb-table
@@ -705,7 +705,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/freebsd.in
     #   etcd3-py

requirements/static/ci/py3.7/lint.txt

@@ -399,7 +399,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -718,7 +718,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.7/linux.txt

@@ -405,7 +405,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -725,7 +725,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.7/windows.txt

@@ -77,7 +77,7 @@ colorama==0.4.1
     # via pytest
 contextvars==2.4
     # via -r requirements/base.txt
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/windows.txt
     #   etcd3-py
@@ -250,7 +250,7 @@ pymssql==2.2.1
     # via -r requirements/windows.txt
 pymysql==1.0.2
     # via -r requirements/windows.txt
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/windows.txt
     #   etcd3-py

requirements/static/ci/py3.8/cloud.txt

@@ -390,7 +390,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -700,7 +700,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.8/freebsd.txt

@@ -389,7 +389,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.0
     # via
     #   adal
     #   azure-cosmosdb-table
@@ -695,7 +695,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/freebsd.in
     #   etcd3-py

requirements/static/ci/py3.8/lint.txt

@@ -397,7 +397,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -709,7 +709,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.8/linux.txt

@@ -403,7 +403,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -715,7 +715,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.8/windows.txt

@@ -73,7 +73,7 @@ colorama==0.4.1
     # via pytest
 contextvars==2.4
     # via -r requirements/base.txt
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/windows.txt
     #   etcd3-py
@@ -238,7 +238,7 @@ pymssql==2.2.1
     # via -r requirements/windows.txt
 pymysql==1.0.2
     # via -r requirements/windows.txt
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/windows.txt
     #   etcd3-py

requirements/static/ci/py3.9/cloud.txt

@@ -390,7 +390,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -703,7 +703,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.9/darwin.txt

@@ -391,7 +391,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/darwin.txt
     #   adal
@@ -699,7 +699,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/darwin.txt
     #   etcd3-py

requirements/static/ci/py3.9/freebsd.txt

@@ -389,7 +389,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.0
     # via
     #   adal
     #   azure-cosmosdb-table
@@ -698,7 +698,7 @@ pyjwt==2.4.0
     # via adal
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/freebsd.in
     #   etcd3-py

requirements/static/ci/py3.9/lint.txt

@@ -395,7 +395,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==1.0.15 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -710,7 +710,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.4.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py

requirements/static/ci/py3.9/linux.txt

@@ -405,7 +405,7 @@ contextvars==2.4
     # via -r requirements/base.txt
 croniter==0.3.29 ; sys_platform != "win32"
     # via -r requirements/static/ci/common.in
-cryptography==39.0.2
+cryptography==41.0.1
     # via
     #   -r requirements/static/pkg/linux.in
     #   adal
@@ -720,7 +720,7 @@ pymysql==1.0.2 ; python_version > "3.5"
     # via -r requirements/static/ci/linux.in
 pynacl==1.3.0
     # via paramiko
-pyopenssl==23.0.0
+pyopenssl==23.2.0
     # via
     #   -r requirements/static/pkg/linux.in
     #   etcd3-py