[PATCH] doc/sphinx: Bump idna to 3.7

Heinrich Schuchardt xypron.glpk at gmx.de
Sat Apr 13 03:08:30 CEST 2024


On 4/12/24 16:23, Tom Rini wrote:
> While we unlikely to have an issue with CVE-2024-3651, it is simple
> enough to bump our version of idna to receive the fix, do so.
>
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Reported-by: GitHub dependabot
> Signed-off-by: Tom Rini <trini at konsulko.com>

Tested-by: Heinrich Schuchardt <xypron.glpk at gmx.de>

> ---
>   doc/sphinx/requirements.txt | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt
> index 840c6cedfde4..5b4df36804b5 100644
> --- a/doc/sphinx/requirements.txt
> +++ b/doc/sphinx/requirements.txt
> @@ -3,7 +3,7 @@ Babel==2.14.0
>   certifi==2023.11.17
>   charset-normalizer==3.3.2
>   docutils==0.20.1
> -idna==3.6
> +idna==3.7
>   imagesize==1.4.1
>   Jinja2==3.1.3
>   MarkupSafe==2.1.3



More information about the U-Boot mailing list