Skip to content

chore(deps): bump pyasn1 from 0.6.2 to 0.6.3#701

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/pyasn1-0.6.3
Open

chore(deps): bump pyasn1 from 0.6.2 to 0.6.3#701
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/pyasn1-0.6.3

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 17, 2026
edited
Loading

Bumps pyasn1 from 0.6.2 to 0.6.3.

Release notes

Sourced from pyasn1's releases.

Release 0.6.3

It's a minor release.

  • Added nesting depth limit to ASN.1 decoder to prevent stack overflow from deeply nested structures (CVE-2026-30922).
  • Fixed OverflowError from oversized BER length field.
  • Fixed DeprecationWarning stacklevel for deprecated attributes.
  • Fixed asDateTime incorrect fractional seconds parsing.

All changes are noted in the CHANGELOG.

Changelog

Sourced from pyasn1's changelog.

Revision 0.6.3, released 16-03-2026

Commits
  • af65c3b Prepare release 0.6.3
  • 5a49bd1 Merge commit from fork
  • 5494ba4 Fix asDateTime incorrect fractional seconds parsing (#102)
  • 71f486e Fix DeprecationWarning stacklevel for deprecated attributes (#101)
  • d7cb42d Fix OverflowError from oversized BER length field (#100)
  • See full diff in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 17, 2026
@dependabot dependabot bot force-pushed the dependabot/uv/pyasn1-0.6.3 branch 11 times, most recently from 85a34de to 84e8a59 Compare March 24, 2026 15:48
@dependabot dependabot bot force-pushed the dependabot/uv/pyasn1-0.6.3 branch 5 times, most recently from f226570 to c0410c2 Compare March 26, 2026 17:19
@dependabot
chore(deps): bump pyasn1 from 0.6.2 to 0.6.3
1649fac 
Bumps [pyasn1](https://github.com/pyasn1/pyasn1) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/pyasn1/pyasn1/releases)
- [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst)
- [Commits](pyasn1/pyasn1@v0.6.2...v0.6.3)

---
updated-dependencies:
- dependency-name: pyasn1
  dependency-version: 0.6.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/uv/pyasn1-0.6.3 branch from c0410c2 to 1649fac Compare March 27, 2026 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants