Hi,
We have gotten a report that the fix for CVE-2026-26007 included in 46.0.5 is breaking Ansible.
Ansible now returns the following error:
fatal: [localhost]: FAILED! => changed=false
msg: Your cryptography version does not support SECP384R1
A simple reproducer for this issue is:
import cryptography.hazmat.primitives.asymmetric.ec
ecclass = cryptography.hazmat.primitives.asymmetric.ec.__dict__.get('SECP384R1')
print(ecclass)
Downstream bug report for possibly more information:
https://bugs.launchpad.net/ubuntu/+source/python-cryptography/+bug/2144373
(We had backported the security fix to our stable releases in Ubuntu, but the same issue is present in 46.0.5)
Thanks!
Hi,
We have gotten a report that the fix for CVE-2026-26007 included in 46.0.5 is breaking Ansible.
Ansible now returns the following error:
fatal: [localhost]: FAILED! => changed=false
msg: Your cryptography version does not support SECP384R1
A simple reproducer for this issue is:
Downstream bug report for possibly more information:
https://bugs.launchpad.net/ubuntu/+source/python-cryptography/+bug/2144373
(We had backported the security fix to our stable releases in Ubuntu, but the same issue is present in 46.0.5)
Thanks!