Skip to content

Commit

Permalink
Update Python dependency - urllib3 from v1.25.8 to v1.25.9
Browse files Browse the repository at this point in the history 
https://www.cve.org/CVERecord?id=CVE-2020-26137

> urllib3 before 1.25.9 allows CRLF injection if the attacker controls
> the HTTP request method, as demonstrated by inserting CR and LF
> control characters in the first argument of putrequest(). NOTE: this
> is similar to CVE-2020-26116.
  • Loading branch information
@PeterDaveHello
PeterDaveHello committed Jun 30, 2022
1 parent 4399f41 commit 7d52158
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 10 deletions.
2 changes: 1 addition & 1 deletion Pipfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ testinfra = "==3.3.0"
texttable = "==1.6.2"
toml = "==0.10.0"
tox = "==3.14.3"
urllib3 = "==1.25.8"
urllib3 = "==1.25.9"
virtualenv = "==16.7.9"
wcwidth = "==0.1.7"
zipp = "==0.6.0"
Expand Down
15 changes: 7 additions & 8 deletions Pipfile.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ testinfra==3.3.0
texttable==1.6.2
toml==0.10.0
tox==3.14.3
urllib3==1.25.8
urllib3==1.25.9
virtualenv==16.7.9
wcwidth==0.1.7
websocket-client==0.57.0
Expand Down

0 comments on commit 7d52158

Please sign in to comment.