[PATCH] doc/sphinx, test/py: Update requests module to 2.32.0
The issue described in https://github.com/psf/requests/pull/6655 has been assigned as a security issue. While unlikely to be exploited in our usage, update to the current release to fix it.
Reported-by: GitHub dependabot Signed-off-by: Tom Rini trini@konsulko.com --- Cc: Heinrich Schuchardt xypron.glpk@gmx.de --- doc/sphinx/requirements.txt | 2 +- test/py/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt index 426f41e1a028..7d1e8a02018b 100644 --- a/doc/sphinx/requirements.txt +++ b/doc/sphinx/requirements.txt @@ -9,7 +9,7 @@ Jinja2==3.1.4 MarkupSafe==2.1.3 packaging==23.2 Pygments==2.17.2 -requests==2.31.0 +requests==2.32.0 six==1.16.0 snowballstemmer==2.2.0 Sphinx==7.2.6 diff --git a/test/py/requirements.txt b/test/py/requirements.txt index 0f67c3c61949..20b6504454c4 100644 --- a/test/py/requirements.txt +++ b/test/py/requirements.txt @@ -20,7 +20,7 @@ pytest==6.2.5 pytest-xdist==2.5.0 python-mimeparse==1.6.0 python-subunit==1.3.0 -requests==2.31.0 +requests==2.32.0 setuptools==65.5.1 six==1.16.0 testtools==2.3.0
On Tue, May 21, 2024 at 04:32:53PM -0600, Tom Rini wrote:
The issue described in https://github.com/psf/requests/pull/6655 has been assigned as a security issue. While unlikely to be exploited in our usage, update to the current release to fix it.
Reported-by: GitHub dependabot Signed-off-by: Tom Rini trini@konsulko.com
I'm NAK'ing this version of the patch as upstream has now "yanked" 2.23.0 and 2.23.1, and 2.23.2 was released on May 21st and 2.23.3 today. I'll revisit this issue later once things seem to have settled down.
participants (1)
-
Tom Rini