Fix CVE

-> Vulnerability found in lxml version 4.8.0 Vulnerability ID: 50748 Affected spec: <4.9.1 ADVISORY: Lxml 4.9.1 include a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application... CVE-2022-2309 For more information, please visit https://pyup.io/vulnerabilities/CVE-2022-2309/50748/ -> Vulnerability found in mako version 1.2.0 Vulnerability ID: 50870 Affected spec: <1.2.2 ADVISORY: Mako 1.2.2 includes a fix for a REDoS vulnerability.sqlalchemy/mako#366 PVE-2022-50870 For more information, please visit https://pyup.io/vulnerabilities/PVE-2022-50870/50870/ -> Vulnerability found in ujson version 5.2.0 Vulnerability ID: 49755 Affected spec: <5.4.0 ADVISORY: Ujson 5.4.0 includes a fix for CVE-2022-31117: In versions prior to 5.4.0 an error occurring while reallocating a buffer for string... CVE-2022-31117 For more information, please visit https://pyup.io/vulnerabilities/CVE-2022-31117/49755/ -> Vulnerability found in ujson version 5.2.0 Vulnerability ID: 49754 Affected spec: <5.4.0 ADVISORY: Ujson 5.4.0 includes a fix for CVE-2022-31116: Incorrect handling of invalid surrogate pair... CVE-2022-31116 For more information, please visit https://pyup.io/vulnerabilities/CVE-2022-31116/49754/
camptocamp · Sep 30, 2022 · c3130a2 · c3130a2
1 parent dfdbb17
commit c3130a2
Show file tree

Hide file tree

Showing 4 changed files with 297 additions and 266 deletions.
diff --git a/Pipfile b/Pipfile
@@ -18,7 +18,7 @@ GeoAlchemy2 = "==0.11.1"  # commons, geoportal
 geojson = "==2.5.0"  # geoportal
 getitfixed = "==1.0.29"  # geoportal
 isodate = "==0.6.1"  # geoportal
-Mako = "==1.2.0"  # geoportal
+Mako = "==1.2.2"  # geoportal
 OWSLib = "==0.25.0"  # geoportal
 papyrus = "==2.4"  # commons, geoportal
 passwordgenerator = "==1.5.1"  # geoportal
@@ -89,7 +89,7 @@ jinja2-time = "==0.2.0"
 jmespath = "==0.10.0"
 linesman = "==0.3.2"
 lingua = "==4.15.0"
-lxml = "==4.8.0"
+lxml = "==4.9.1"
 markupsafe = "==2.1.1"
 msal = "==1.17.0"
 msal-extensions = "==0.3.1"
@@ -137,12 +137,12 @@ stevedore = "==3.5.0"
 text-unidecode = "==1.3"
 toml = "==0.10.2"
 typing-extensions = "==4.1.1"
-ujson = "==5.2.0"
+ujson = "==5.4.0"
 urllib3 = "==1.26.8"
 venusian = "==3.0.0"
 waitress = "==2.1.2"
 webob = "==1.8.7"
-wrapt = "==1.14.0"
+wrapt = "==1.13.3"
 zipp = "==3.7.0"
 "zope.deprecation" = "==4.4.0"
 "zope.interface" = "==5.4.0"
@@ -154,9 +154,9 @@ Babel = "==2.9.1"  # i18n
 beautifulsoup4 = "==4.10.0"  # admin tests
 coverage = "==6.3.2"  # Build coverage XML for Codacy
 Jinja2 = "==3.0.3"  # c2c.template
-lingua = "==4.14"  # i18n
+lingua = "==4.15"  # i18n
 PasteScript = "==3.2.1"  # geoportal pcreate
-polib = "==1.1.0"  # i18n
+polib = "==1.1.1"  # i18n
 pykwalify = "==1.7.0"  # Validate config
 pytest-cov = "==3.0.0"  # tests
 transifex-client = "==0.14.4"  # Makefile