From 4527f06bb0c33ab1ade34f6e5827ff9d00fc303d Mon Sep 17 00:00:00 2001
From: akalex <oomyshev@healthjoy.com>
Date: Fri, 1 Mar 2024 10:34:01 +0200
Subject: [PATCH] chore: Bump up version to 3.6.2

---
 CHANGES.md     | 7 +++++++
 pyproject.toml | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index fd23741..182edf4 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,4 +1,11 @@
 # Changelog
+## 3.6.2
+* Resolve a couple of security concerns by updating `cryptography` package to `42.0.4`.
+  * [High] cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
+  * [High] Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
+  * [Moderate] Null pointer dereference in PKCS12 parsing
+  * [Moderate] cryptography vulnerable to NULL-dereference when loading PKCS7 certificates
+
 ## 3.6.1
 * Remove unintended quoting of the column char in the API URLs
 
diff --git a/pyproject.toml b/pyproject.toml
index 41bdb26..c62cc8c 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "async-firebase"
-version = "3.6.1"
+version = "3.6.2"
 description = "Async Firebase Client - a Python asyncio client to interact with Firebase Cloud Messaging in an easy way."
 license = "MIT"
 authors = [