File matrix-synapse-cryptography-version.patch of Package matrix-synapse
From c20f16678d759a34ab42a85435a3caeed3de16db Mon Sep 17 00:00:00 2001
From: Oleg Girko <email@example.com>
Date: Tue, 6 Apr 2021 23:39:20 +0100
Subject: [PATCH] Don't require specific version of cryptography library.
This partially reverts 12d6184713 that was supposed to fix OpenSSL bug
by requiring cryptography Python package that is built with newer
The problem with this approach is that Linux distributions (like Fedora)
ship this package built with OpenSSL dynamically linked and update
Requiring newest cryptography package is not just unnecessary, but also
doesn't work for these distributions because they have older version of
Signed-off-by: Oleg Girko <firstname.lastname@example.org>
pyproject.toml | 3 ---
1 file changed, 3 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index e600a1d52e..2acbed18ba 100644
@@ -146,9 +146,6 @@ bleach = ">=1.4.3"
# Additionally we need https://github.com/python/typing/pull/817 to allow types to be
# generic over ParamSpecs.
typing-extensions = ">=18.104.22.168"
-# We enforce that we have a `cryptography` version that bundles an `openssl`
-# with the latest security patches.
-cryptography = ">=3.4.7"
# ijson 3.1.4 fixes a bug with "." in property names
ijson = ">=3.1.4"
matrix-common = "~=1.1.0"