{Packaging} Bump cryptography to 39.0.1 and pyOpenSSL to 23.0.0

[tspearconquest]

… and pyOpenSSL to 23.0.0

Related command

Description

Azure-CLI dependency: cryptography v38.0.4 has a CVE, this release of cryptography patches the CVE

Testing Guide

cryptography v38.0.4 has a CVE and v39.0.1 is no longer compatible with OpenSSL 1.x releases. All users must upgrade OpenSSL to 3.x to continue using the CLI

History Notes

[Component Name 1] BREAKING CHANGE: az command a: Make some customer-facing breaking change
[Component Name 2] az command b: Add some customer-facing feature

---

This checklist is used to make sure that common guidelines for a pull request are followed.

• The PR title and description has followed the guideline in Submitting Pull Requests.

• I adhere to the Command Guidelines.

• I adhere to the Error Handling Guidelines.

[ghost]

Thank you for your contribution tspearconquest! We will review the pull request and get back to you soon.

[tspearconquest]

@microsoft-github-policy-service agree

[tspearconquest]

@microsoft-github-policy-service agree

[yonzhan]

Add @bebound for awareness

[jiasli]

Thank you for your contribution @tspearconquest. The PR looks good. I will merge it once CI passes.

[bebound]

cryptography has built-in openssl, which is cryptography\hazmat\bindings\_openssl.pyd

import cryptography.hazmat.backends.openssl.backend
cryptography.hazmat.backends.openssl.backend.openssl_version_text()
>>> 'OpenSSL 3.0.8 7 Feb 2023'

import ssl
ssl.OPENSSL_VERSION
>>> 'OpenSSL 1.1.1q  5 Jul 2022'

Ref: https://cryptography.io/en/39.0.1/openssl/#cryptography.hazmat.backends.openssl.openssl_version_text