[PATCH] sphinx: Bump urllib3 version
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Wed Oct 18 14:43:26 CEST 2023
On 10/18/23 14:33, Tom Rini wrote:
> While unlikely to be a direct issue for us, urllib3 before 2.0.7 is
> vulnerable to CVE-2023-45803, so bump our version up.
>
> Reported-by: GitHub dependabot
> Signed-off-by: Tom Rini <trini at konsulko.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> ---
> doc/sphinx/requirements.txt | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt
> index 6d45a3fefffe..39ececb96c2b 100644
> --- a/doc/sphinx/requirements.txt
> +++ b/doc/sphinx/requirements.txt
> @@ -23,4 +23,4 @@ sphinxcontrib-htmlhelp==2.0.0
> sphinxcontrib-jsmath==1.0.1
> sphinxcontrib-qthelp==1.0.3
> sphinxcontrib-serializinghtml==1.1.5
> -urllib3==2.0.6
> +urllib3==2.0.7
More information about the U-Boot
mailing list