From a779e43e2affc77889ab139ab76b0c2c3f07ede4 Mon Sep 17 00:00:00 2001
From: "J. Nick Koston" <nick@koston.org>
Date: Tue, 7 Feb 2023 19:30:16 -0600
Subject: [PATCH] Bump cryptography to 39.0.1 for CVE-2023-23931 (#87658)

Bump cryptography to 39.0.1

CVE-2023-23931
---
 homeassistant/package_constraints.txt | 2 +-
 pyproject.toml                        | 2 +-
 requirements.txt                      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/homeassistant/package_constraints.txt b/homeassistant/package_constraints.txt
index 8dc60525be1..8ad9a144a1a 100644
--- a/homeassistant/package_constraints.txt
+++ b/homeassistant/package_constraints.txt
@@ -17,7 +17,7 @@ bluetooth-auto-recovery==1.0.3
 bluetooth-data-tools==0.3.1
 certifi>=2021.5.30
 ciso8601==2.3.0
-cryptography==39.0.0
+cryptography==39.0.1
 dbus-fast==1.84.0
 fnvhash==0.1.0
 hass-nabucasa==0.61.0
diff --git a/pyproject.toml b/pyproject.toml
index 6253e204117..216f5539463 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -41,7 +41,7 @@ dependencies    = [
     "lru-dict==1.1.8",
     "PyJWT==2.5.0",
     # PyJWT has loose dependency. We want the latest one.
-    "cryptography==39.0.0",
+    "cryptography==39.0.1",
     # pyOpenSSL 23.0.0 is required to work with cryptography 39+
     "pyOpenSSL==23.0.0",
     "orjson==3.8.5",
diff --git a/requirements.txt b/requirements.txt
index c423388bbbd..7d05e1bb2e7 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -16,7 +16,7 @@ ifaddr==0.1.7
 jinja2==3.1.2
 lru-dict==1.1.8
 PyJWT==2.5.0
-cryptography==39.0.0
+cryptography==39.0.1
 pyOpenSSL==23.0.0
 orjson==3.8.5
 pip>=21.0,<22.4