From 12d61847133c4da60d3e511af37d6f7e548ccb7a Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Fri, 26 Mar 2021 12:00:25 +0000
Subject: Explicitly upgrade openssl in docker file and enforce new version of
 cryptography (#9697)

---
 synapse/python_dependencies.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'synapse')

diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 321a333820..14ddaed026 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -82,6 +82,9 @@ REQUIREMENTS = [
     "Jinja2>=2.9",
     "bleach>=1.4.3",
     "typing-extensions>=3.7.4",
+    # We enforce that we have a `cryptography` version that bundles an `openssl`
+    # with the latest security patches.
+    "cryptography>=3.4.7;python_version>='3.6'",
 ]
 
 CONDITIONAL_REQUIREMENTS = {
-- 
cgit 1.4.1