From f86331b2567b81fdee926ecff28d397469bed689 Mon Sep 17 00:00:00 2001 From: Nabarun Pal Date: Fri, 6 Nov 2020 02:55:04 +0530 Subject: [PATCH] Update pyyaml from 3.12 to 5.4.1 5.3.1 fixed partially vulnerabilities disclosed in CVE-2020-1747. A complete fix was debated at https://github.com/yaml/pyyaml/issues/420 and eventually got patched in 5.4.1 Changeset: https://github.com/yaml/pyyaml/compare/3.12...5.4.1 Signed-off-by: Nabarun Pal --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 74e38b7cd4..5411efad1a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ certifi>=14.05.14 # MPL six>=1.9.0 # MIT python-dateutil>=2.5.3 # BSD setuptools>=21.0.0 # PSF/ZPL -pyyaml>=3.12 # MIT +pyyaml>=5.4.1 # MIT google-auth>=1.0.1 # Apache-2.0 ipaddress>=1.0.17;python_version=="2.7" # PSF websocket-client>=0.32.0,!=0.40.0,!=0.41.*,!=0.42.* # LGPLv2+