From b955b90439c62d0cbacfd267e2bca712eae07a68 Mon Sep 17 00:00:00 2001
From: Andrew <realeandrea@yahoo.it>
Date: Thu, 25 May 2023 08:33:38 +0200
Subject: [PATCH] fix library vulnerability (do not merge)

fix CVE-2023-0465
Update ssl environment.devenv.yml

fix:
CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored [Low severity] 23 March 2023
CVE-2023-1255 Input buffer over-read in AES-XTS implementation on 64 bit ARM
CVE-2023-0466 Certificate policy check not enabled [Low severity]
CVE-2023-0464 Excessive Resource Usage Verifying X.509 Policy Constraints [Low severity] 21 March 2023
wait ssl update version
---
 conda/environment.devenv.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conda/environment.devenv.yml b/conda/environment.devenv.yml
index 9b71c679d8..5e33387c9e 100644
--- a/conda/environment.devenv.yml
+++ b/conda/environment.devenv.yml
@@ -75,7 +75,7 @@ dependencies:
 - ninja
 - numpy
 - occt==7.6.3
-- openssl==3.0.8
+- openssl==3.0.9
 - pcl
 - pip
 - pivy