Re: [PATCH] sphinx: Bump urllib3 version

Heinrich Schuchardt Wed, 18 Oct 2023 05:43:43 -0700

On 10/18/23 14:33, Tom Rini wrote:

While unlikely to be a direct issue for us, urllib3 before 2.0.7 is
vulnerable to CVE-2023-45803, so bump our version up.


Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <tr...@konsulko.com>


Reviewed-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>

---
Cc: Heinrich Schuchardt <xypron.g...@gmx.de>
---
  doc/sphinx/requirements.txt | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt
index 6d45a3fefffe..39ececb96c2b 100644
--- a/doc/sphinx/requirements.txt
+++ b/doc/sphinx/requirements.txt
@@ -23,4 +23,4 @@ sphinxcontrib-htmlhelp==2.0.0
  sphinxcontrib-jsmath==1.0.1
  sphinxcontrib-qthelp==1.0.3
  sphinxcontrib-serializinghtml==1.1.5
-urllib3==2.0.6
+urllib3==2.0.7

Re: [PATCH] sphinx: Bump urllib3 version

Reply via email to