The Product Security Team opened 10 invalid CVE bugs against all of python-cryptography's dependents. No rebuilds are needed, as Python is a dynamic language. I wrote a script to close all of these and wanted a bug to block to keep track.
Note sure if setting `minor_update=True` would've been a good idea. It would avoid spam on the Blocked bugs, but then the actual maintainers wouldn't know that the bug was closed...