Repin cryptography before 1.32.0 release for critical OpenSSL vulnerability
alexzorin opened this issue · comments
alexzorin commented
If we can, depending on the details of the issue and the timing of the next cryptography release, we should try repin cryptography before releasing Certbot 1.32.0.
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
Our snaps are running cryptography 38.0.1 wheels with OpenSSL 3.0.5.