Bump cryptography to 39.0.1 for CVE-2023-23931 (#87658)

Bump cryptography to 39.0.1 CVE-2023-23931
2023-02-07 19:30:16 -06:00 · 2023-02-07 19:30:16 -06:00 · f0118b3d30
parent d829a2045a
commit f0118b3d30
3 changed files with 3 additions and 3 deletions
--- a/homeassistant/package_constraints.txt
+++ b/homeassistant/package_constraints.txt
@ -17,7 +17,7 @@ bluetooth-auto-recovery==1.0.3
 bluetooth-data-tools==0.3.1
 certifi>=2021.5.30
 ciso8601==2.3.0
-cryptography==39.0.0
+cryptography==39.0.1
 dbus-fast==1.84.0
 fnvhash==0.1.0
 hass-nabucasa==0.61.0
--- a/pyproject.toml
+++ b/pyproject.toml
@ -41,7 +41,7 @@ dependencies    = [
    "lru-dict==1.1.8",
    "PyJWT==2.5.0",
    # PyJWT has loose dependency. We want the latest one.
-    "cryptography==39.0.0",
+    "cryptography==39.0.1",
    # pyOpenSSL 23.0.0 is required to work with cryptography 39+
    "pyOpenSSL==23.0.0",
    "orjson==3.8.5",
--- a/requirements.txt
+++ b/requirements.txt
@ -16,7 +16,7 @@ ifaddr==0.1.7
 jinja2==3.1.2
 lru-dict==1.1.8
 PyJWT==2.5.0
-cryptography==39.0.0
+cryptography==39.0.1
 pyOpenSSL==23.0.0
 orjson==3.8.5
 pip>=21.0,<23.1