From 95dfc5bfc56536ab92661b806982ccdd5b166706 Mon Sep 17 00:00:00 2001
From: lucyli-ca <107629053+lucyli-ca@users.noreply.github.com>
Date: Wed, 11 Sep 2024 11:20:35 -0400
Subject: [PATCH] Bump cryptography to 43.0.1 in llvm/utils/git/requirements.txt

PR to bump dependency version to resolve security vulnerability found. pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-43.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20240903.txt.
---
 llvm/utils/git/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/llvm/utils/git/requirements.txt b/llvm/utils/git/requirements.txt
index 35d38df674a89..9080e76558841 100644
--- a/llvm/utils/git/requirements.txt
+++ b/llvm/utils/git/requirements.txt
@@ -158,7 +158,7 @@ charset-normalizer==3.3.2 \
 --hash=sha256:fd1abc0d89e30cc4e02e4064dc67fcc51bd941eb395c502aac3ec19fab46b519 \
 --hash=sha256:ff8fa367d09b717b2a17a052544193ad76cd49979c805768879cb63d9ca50561
 # via requests
-cryptography==42.0.5 \
+cryptography==43.0.1 \
 --hash=sha256:0270572b8bd2c833c3981724b8ee9747b3ec96f699a9665470018594301439ee \
 --hash=sha256:111a0d8553afcf8eb02a4fea6ca4f59d48ddb34497aa8706a6cf536f1a5ec576 \
 --hash=sha256:16a48c23a62a2f4a285699dba2e4ff2d1cff3115b9df052cdd976a18856d8e3d \
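Review bot: The `--hash=sha256:` lines under the new `cryptography==43.0.1` pin are unchanged context, and the diffstat records one insertion and one deletion, so the pinned digests were not regenerated and presumably still describe the 42.0.5 artifacts. pip switches to hash-checking mode as soon as any requirement carries `--hash`, so an install from this file should be rejected with a hash mismatch rather than pick up the wheel with the fixed OpenSSL. That fails closed, but it leaves the advisory unremediated wherever the install breaks or an older environment keeps being reused. Regenerate the whole entry with the tool that produced the file instead of editing the version by hand (the `# via requests` annotation suggests pip-compile, in which case `pip-compile --generate-hashes`), and check that the new digests match the 43.0.1 release files. The hash list continues past the end of the hunk, so the remaining entries need the same replacement.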