Skip to content

[Security] Bump certifi from 2022.12.7 to 2023.7.22

HIFIS Bot requested to merge dependabot/pip/certifi-2023.7.22 into master

Bumps certifi from 2022.12.7 to 2023.7.22. This update includes a security fix.

Vulnerabilities fixed

Removal of e-Tugra root certificate Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These are in the process of being removed from Mozilla's trust store.

e-Tugra's root certificates are being removed pursuant to an investigation prompted by reporting of security issues in their systems. Conclusions of Mozilla's investigation can be found here.

Patched versions: 2023.07.22; 2023.7.22 Affected versions: >= 2015.04.28, = 2015.4.28, < 2023.7.22

Commits

Merge request reports

Loading