Skip to content

Commit 8810d2e

Browse files
WadeBarnesWadeBarnes
authored
Merge pull request #1679 from OpSecId/replace-sha3-package
[Security] Remove sha3 (CVE-2022-37454)
2 parents 80c5226 + 8df8910 commit 8810d2e

File tree

2 files changed

+2
-9
lines changed

2 files changed

+2
-9
lines changed

setup.py

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -127,8 +127,6 @@ def run(self):
127127
### Tests fail without version pin (GHA run: https://github.com/udosson/indy-plenum/actions/runs/1078745445)
128128
'rlp==0.6.0',
129129
'semver==2.13.0',
130-
# 'sha3==0.2.1',
131-
'sha3',
132130
# 'six==1.15.0',
133131
'six',
134132
### Tests fail without version pin (GHA run: https://github.com/udosson/indy-plenum/actions/runs/1078741118)

state/util/utils.py

Lines changed: 2 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,14 +3,9 @@
33

44

55
import hashlib
6-
if hasattr(hashlib, 'sha3_256'):
7-
def sha3_256(x):
8-
return hashlib.sha3_256(x).digest()
9-
else:
10-
import sha3 as _sha3
11-
def sha3_256(x):
12-
return _sha3.sha3_256(x).digest()
136

7+
def sha3_256(x):
8+
return hashlib.sha3_256(x).digest()
149

1510
import rlp
1611
from rlp.sedes import big_endian_int, BigEndianInt, Binary

0 commit comments

Comments
 (0)