[PATCH] test/py/requirements.txt: Bump zipp to current release
A security issue exists with zipp before v3.19.1, and the current release is now v3.19.2. While the change in versions numbers is large, a manual inspection of the changelog shows that it's not as big as might be implied.
Reported-by: GitHub dependabot Signed-off-by: Tom Rini trini@konsulko.com --- test/py/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/py/requirements.txt b/test/py/requirements.txt index c1dd636931f7..6d3030cf90cd 100644 --- a/test/py/requirements.txt +++ b/test/py/requirements.txt @@ -27,4 +27,4 @@ testtools==2.3.0 traceback2==1.4.0 unittest2==1.1.0 wcwidth==0.1.7 -zipp==0.6.0 +zipp==3.19.2
On Wed, 10 Jul 2024 at 00:07, Tom Rini trini@konsulko.com wrote:
A security issue exists with zipp before v3.19.1, and the current release is now v3.19.2. While the change in versions numbers is large, a manual inspection of the changelog shows that it's not as big as might be implied.
Reported-by: GitHub dependabot Signed-off-by: Tom Rini trini@konsulko.com
test/py/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Simon Glass sjg@chromium.org
diff --git a/test/py/requirements.txt b/test/py/requirements.txt index c1dd636931f7..6d3030cf90cd 100644 --- a/test/py/requirements.txt +++ b/test/py/requirements.txt @@ -27,4 +27,4 @@ testtools==2.3.0 traceback2==1.4.0 unittest2==1.1.0 wcwidth==0.1.7 -zipp==0.6.0
+zipp==3.19.2
2.34.1
On Tue, 09 Jul 2024 17:07:09 -0600, Tom Rini wrote:
A security issue exists with zipp before v3.19.1, and the current release is now v3.19.2. While the change in versions numbers is large, a manual inspection of the changelog shows that it's not as big as might be implied.
Applied to u-boot/master, thanks!
participants (2)
-
Simon Glass -
Tom Rini