From 9b3b258b881ea56d538599b4e9b003763cd3b206 Mon Sep 17 00:00:00 2001
From: John Walstra <70371225+jsupun@users.noreply.github.com>
Date: Wed, 2 Nov 2022 10:08:43 -0700
Subject: [PATCH] Pin the Python SDK >= 16.4.1 for OpenSSL fix (#385)

KSM-336

Python SDK includes update of cryptography module which ...

    Updated Windows, macOS, and Linux wheels to be compiled with
    OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786.

This pins the SDK version in order to get those fixes. OpenSSL 3.0.7
still needs to be updated on the hosting operating system.
---
 integration/keeper_secrets_manager_ansible/README.md      | 6 +++++-
 .../keepersecurity/keeper_secrets_manager/README.md       | 4 ++++
 .../tower_execution_environment/requirements.txt          | 2 +-
 .../keeper_secrets_manager_ansible/requirements.txt       | 4 ++--
 integration/keeper_secrets_manager_ansible/setup.py       | 8 +++++---
 5 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/integration/keeper_secrets_manager_ansible/README.md b/integration/keeper_secrets_manager_ansible/README.md
index 4f41af15..c57d9f1a 100644
--- a/integration/keeper_secrets_manager_ansible/README.md
+++ b/integration/keeper_secrets_manager_ansible/README.md
@@ -14,6 +14,10 @@ For more information see our official documentation page https://docs.keeper.io/
 
 # Changes
 
+## 1.1.5
+
+* Update pinned KSM SDK version. The KSM SDK has been updated to use OpenSSL 3.0.7 which resolves CVE-2022-3602, CVE-2022-3786.
+
 ## 1.1.4
 
 * Move check for custom record type in `keeper_create` plugin.
@@ -36,4 +40,4 @@ generation. `keeper_app_owner_public_key` also added to Ansible variables.
 * Fixed misspelled collection name in `README.md`
 
 ## 1.1.0
-* First Ansible Galaxy release
\ No newline at end of file
+* First Ansible Galaxy release
diff --git a/integration/keeper_secrets_manager_ansible/ansible_galaxy/keepersecurity/keeper_secrets_manager/README.md b/integration/keeper_secrets_manager_ansible/ansible_galaxy/keepersecurity/keeper_secrets_manager/README.md
index cb0cdf44..6e9012a3 100644
--- a/integration/keeper_secrets_manager_ansible/ansible_galaxy/keepersecurity/keeper_secrets_manager/README.md
+++ b/integration/keeper_secrets_manager_ansible/ansible_galaxy/keepersecurity/keeper_secrets_manager/README.md
@@ -116,6 +116,10 @@ configuration file or even a playbook.
 
 # Changes
 
+## 1.1.5
+
+* Update pinned KSM SDK version. The KSM SDK has been updated to use OpenSSL 3.0.7 which resolves CVE-2022-3602, CVE-2022-3786.
+
 ## 1.1.4
 
 * Move check for custom record type in `keeper_create` plugin.
diff --git a/integration/keeper_secrets_manager_ansible/ansible_galaxy/tower_execution_environment/requirements.txt b/integration/keeper_secrets_manager_ansible/ansible_galaxy/tower_execution_environment/requirements.txt
index d92d209a..7753b88b 100644
--- a/integration/keeper_secrets_manager_ansible/ansible_galaxy/tower_execution_environment/requirements.txt
+++ b/integration/keeper_secrets_manager_ansible/ansible_galaxy/tower_execution_environment/requirements.txt
@@ -1,3 +1,3 @@
 importlib_metadata
-keeper-secrets-manager-core>=16.3.5
+keeper-secrets-manager-core>=16.4.1
 keeper-secrets-manager-helper>=1.0.4
\ No newline at end of file
diff --git a/integration/keeper_secrets_manager_ansible/requirements.txt b/integration/keeper_secrets_manager_ansible/requirements.txt
index 9e95d294..fdb686b6 100644
--- a/integration/keeper_secrets_manager_ansible/requirements.txt
+++ b/integration/keeper_secrets_manager_ansible/requirements.txt
@@ -1,4 +1,4 @@
 ansible
 importlib_metadata
-keeper-secrets-manager-core>=16.3.5
-keeper-secrets-manager-helper>=1.0.4
\ No newline at end of file
+keeper-secrets-manager-core>=16.4.1
+keeper-secrets-manager-helper>=1.0.4
diff --git a/integration/keeper_secrets_manager_ansible/setup.py b/integration/keeper_secrets_manager_ansible/setup.py
index 20d2ed21..436ba9e9 100644
--- a/integration/keeper_secrets_manager_ansible/setup.py
+++ b/integration/keeper_secrets_manager_ansible/setup.py
@@ -9,7 +9,7 @@
     long_description = fp.read()
 
 install_requires = [
-    'keeper-secrets-manager-core>=16.3.5',
+    'keeper-secrets-manager-core>=16.4.1',
     'keeper-secrets-manager-helper>=1.0.4',
     'importlib_metadata',
     'ansible'
@@ -17,7 +17,7 @@
 
 setup(
     name="keeper-secrets-manager-ansible",
-    version='1.1.4',
+    version='1.1.5',
     description="Keeper Secrets Manager plugins for Ansible.",
     long_description=long_description,
     long_description_content_type="text/markdown",
@@ -37,7 +37,7 @@
         "Source Code": "https://github.com/Keeper-Security/secrets-manager",
     },
     classifiers=[
-        "Development Status :: 1 - Planning",
+        "Development Status :: 5 - Production/Stable",
         "Intended Audience :: Developers",
         "Intended Audience :: System Administrators",
         "License :: OSI Approved :: MIT License",
@@ -48,6 +48,8 @@
         "Programming Language :: Python :: 3.7",
         "Programming Language :: Python :: 3.8",
         "Programming Language :: Python :: 3.9",
+        "Programming Language :: Python :: 3.10",
+        "Programming Language :: Python :: 3.11",
         "Topic :: Security",
         "Topic :: System :: Installation/Setup",
         "Topic :: System :: Systems Administration"