This repository has been archived by the owner on Aug 22, 2022. It is now read-only.

[SE-4386] Address vulnerabilities (#776)
* [SE-4386] Address CVE-2020-1747

Upgrade PyYAML in order to address CVE-2020-1747[1].

Ocim only loads YAML from trusted sources, but it's better to be safe
than sorry.

[1] GHSA-6757-jp84-gxfx

* [SE-4386] Address CVE-2021-20270

Upgrade Pygments to 2.7.4 in order to address CVE-2021-20270[1].

Also pin pip-tools so we get consistent output from pip-compile.

[1] GHSA-9w8r-397f-prfh
Adolfo R. Brandes authored Apr 26, 2021
1 parent f1fbb8b commit ca61823
Showing 7 changed files with 17 additions and 17 deletions.
2 changes: 1 addition & 1 deletion documentation/requirements.in
@@ -1,2 +1,2 @@
mkdocs==1.1.2
pygments==2.7.3
pygments==2.7.4
2 changes: 1 addition & 1 deletion documentation/requirements.txt
Expand Up @@ -28,7 +28,7 @@ mkdocs==1.1.2
# via -r requirements.in
nltk==3.5
# via lunr
pygments==2.7.3
pygments==2.7.4
# via -r requirements.in
pyyaml==5.1.2
# via mkdocs
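Review bot: The context line `pyyaml==5.1.2` (via mkdocs) in this hunk stays at the version that requirements/base.txt moves away from in the same commit, so the documentation environment still resolves the PyYAML release the CVE-2020-1747 change is meant to retire. Recompile documentation/requirements.txt against the newer PyYAML, or add a `pyyaml>=5.4.1` entry to documentation/requirements.in so pip-compile cannot select the old release.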
4 changes: 2 additions & 2 deletions requirements/base.in
Expand Up @@ -48,7 +48,7 @@ mysqlclient==1.4.2.post1
openstacksdk==0.31.1
os-client-config==1.32.0
Pillow
pip-tools
pip-tools==5.5.0
psycopg2-binary==2.8.3
pyjwkest==1.4.0
pymongo==3.8.0
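Review bot: `pip-tools==5.5.0` is pinned in base.in, which means the compile tool is installed wherever the base requirements are installed, and the reason for the pin (consistent pip-compile output) exists only in the commit message. Consider moving the entry to dev.in or a separate tooling requirements file, and add a one-line comment above it stating why the version is fixed so it is not loosened later.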
Expand All @@ -59,7 +59,7 @@ python-novaclient==14.1.0
python-openstackclient==3.19.0
python-swiftclient==3.7.0
pytz==2019.1
PyYAML<5.2,>=5.1.2
PyYAML<5.5,>=5.4.1
redis==3.2.1
requests
requests-file==1.4.3
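Review bot: The new specifier `PyYAML<5.5,>=5.4.1` has no comment marking the lower bound as a security floor for CVE-2020-1747, so a later edit could relax it without anyone noticing. Add a comment above the entry naming the CVE, and state why the `<5.5` cap is kept, since the cap also holds back later PyYAML releases until someone raises it by hand.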
5 changes: 2 additions & 3 deletions requirements/base.txt
Expand Up @@ -341,7 +341,7 @@ pbr==5.4.5
# stevedore
pillow==8.1.2
# via -r requirements/base.in
pip-tools==5.1.2
pip-tools==5.5.0
# via -r requirements/base.in
portend==2.6
# via cherrypy
Expand Down Expand Up @@ -423,7 +423,7 @@ pytz==2019.1
# oslo.serialization
# oslo.utils
# tempora
pyyaml==5.1.2
pyyaml==5.4.1
# via
# -r requirements/base.in
# cliff
Expand Down Expand Up @@ -502,7 +502,6 @@ six==1.14.0
# oslo.i18n
# oslo.utils
# packaging
# pip-tools
# pyjwkest
# pyopenssl
# pyrsistent
3 changes: 2 additions & 1 deletion requirements/dev.in
Expand Up @@ -3,5 +3,6 @@
cryptography==3.2.1
django-debug-toolbar==2.2
ipdb==0.12
ipython==7.5.0
ipython==7.16.1
pygments==2.7.4
isort==4.3.20
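Review bot: `pygments==2.7.4` is inserted between `ipython==7.16.1` and `isort==4.3.20`, which breaks the alphabetical order of the file, and nothing marks it as a direct pin added only to force the version of a package that dev.txt shows arriving via ipython. Move it to its sorted position with a comment naming CVE-2021-20270. The ipython bump from 7.5.0 to 7.16.1 in the same hunk is not mentioned in the commit message; record the reason there or split it into its own commit.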
13 changes: 7 additions & 6 deletions requirements/dev.txt
Expand Up @@ -251,7 +251,7 @@ ipdb==0.12
# via -r requirements/dev.in
ipython-genutils==0.2.0
# via traitlets
ipython==7.5.0
ipython==7.16.1
# via
# -r requirements/dev.in
# ipdb
Expand Down Expand Up @@ -405,7 +405,7 @@ pickleshare==0.7.5
# via ipython
pillow==8.1.2
# via -r requirements/base.in
pip-tools==5.1.2
pip-tools==5.5.0
# via -r requirements/base.in
portend==2.6
# via cherrypy
Expand Down Expand Up @@ -443,8 +443,10 @@ pyflakes==1.6.0
# via
# flake8
# prospector
pygments==2.6.1
# via ipython
pygments==2.7.4
# via
# -r requirements/dev.in
# ipython
pyhamcrest==2.0.2
# via twisted
pyjwkest==1.4.0
Expand Down Expand Up @@ -529,7 +531,7 @@ pytz==2019.1
# oslo.serialization
# oslo.utils
# tempora
pyyaml==5.1.2
pyyaml==5.4.1
# via
# -r requirements/base.in
# cliff
Expand Down Expand Up @@ -617,7 +619,6 @@ six==1.14.0
# oslo.i18n
# oslo.utils
# packaging
# pip-tools
# prompt-toolkit
# pyjwkest
# pyopenssl
5 changes: 2 additions & 3 deletions requirements/test.txt
Expand Up @@ -379,7 +379,7 @@ pep8-naming==0.4.1
# via prospector
pillow==8.1.2
# via -r requirements/base.in
pip-tools==5.1.2
pip-tools==5.5.0
# via -r requirements/base.in
portend==2.6
# via cherrypy
Expand Down Expand Up @@ -497,7 +497,7 @@ pytz==2019.1
# oslo.serialization
# oslo.utils
# tempora
pyyaml==5.1.2
pyyaml==5.4.1
# via
# -r requirements/base.in
# cliff
Expand Down Expand Up @@ -585,7 +585,6 @@ six==1.14.0
# oslo.i18n
# oslo.utils
# packaging
# pip-tools
# pyjwkest
# pyopenssl
# pyrsistent
