Require cryptography >= 2.3

Landon Gilbert-Bland · Landon Gilbert-Bland · commit 6e445678efea · 2018-08-04T08:07:07.000-06:00
This is in response to https://nvd.nist.gov/vuln/detail/CVE-2018-10903
diff --git a/requirements.txt b/requirements.txt
@@ -5,7 +5,7 @@ certifi==2018.4.16
 cffi==1.11.5
 chardet==3.0.4
 click==6.7
-cryptography==2.2.2
+cryptography==2.3
 docutils==0.14
 Flask==1.0
 Flask-Sphinx-Themes==1.0.2
diff --git a/setup.py b/setup.py
@@ -34,7 +34,7 @@
           'PyJWT',
       ],
       extras_require={
-        'asymmetric_crypto':  ["cryptography"]
+        'asymmetric_crypto':  ["cryptography >= 2.3"]
       },
       classifiers=[
         'Development Status :: 5 - Production/Stable',
