Fix CVE

-> Vulnerability found in lxml version 4.6.5 Vulnerability ID: 50748 Affected spec: <4.9.1 ADVISORY: Lxml 4.9.1 include a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application... CVE-2022-2309 For more information, please visit https://pyup.io/vulnerabilities/CVE-2022-2309/50748/ -> Vulnerability found in mako version 1.1.3 Vulnerability ID: 50870 Affected spec: <1.2.2 ADVISORY: Mako 1.2.2 includes a fix for a REDoS vulnerability.sqlalchemy/mako#366 PVE-2022-50870 For more information, please visit https://pyup.io/vulnerabilities/PVE-2022-50870/50870/
camptocamp · Sep 30, 2022 · 466c306 · 466c306
1 parent f44029d
commit 466c306
Show file tree

Hide file tree

Showing 4 changed files with 179 additions and 138 deletions.
diff --git a/acceptance_tests/Pipfile b/acceptance_tests/Pipfile
@@ -25,8 +25,8 @@ importlib-metadata = "==4.10.1"
 importlib-resources = "==5.4.0"
 iniconfig = "==1.1.1"
 jinja2 = "==3.0.3"
-lxml = "==4.7.1"
-mako = "==1.1.6"
+lxml = "==4.9.1"
+mako = "==1.2.2"
 markupsafe = "==2.0.1"
 netifaces = "==0.11.0"
 oauthlib = "==3.2.0"

diff --git a/acceptance_tests/Pipfile.lock b/acceptance_tests/Pipfile.lock
diff --git a/api/Pipfile b/api/Pipfile
@@ -26,8 +26,8 @@ hupper = "==1.10.3"
 idna = "==3.3"
 importlib-metadata = "==4.10.1"
 importlib-resources = "==5.4.0"
-lxml = "==4.7.1"
-mako = "==1.1.6"
+lxml = "==4.9.1"
+mako = "==1.2.2"
 markupsafe = "==2.0.1"
 netifaces = "==0.11.0"
 oauthlib = "==3.2.0"