[lxc-devel] [pylxd/master] Update requests to minimum version 2.20.0
ajkavanagh on Github
lxc-bot at linuxcontainers.org
Thu Jan 17 14:32:49 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 406 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190117/38097fd5/attachment.bin>
-------------- next part --------------
From a3b551fe8a511e41329f99d4ed35376d11f72815 Mon Sep 17 00:00:00 2001
From: Alex Kavanagh <alex.kavanagh at canonical.com>
Date: Thu, 17 Jan 2019 14:29:57 +0000
Subject: [PATCH] Update requests to minimum version 2.20.0
This is due to a medium security alert: CVE-2018-18074.
https://nvd.nist.gov/vuln/detail/CVE-2018-18074
---
requirements.txt | 2 +-
setup.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index 1098cc90..bb3c981b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,7 +2,7 @@ pbr>=1.6
python-dateutil>=2.4.2
six>=1.9.0
ws4py!=0.3.5,>=0.3.4 # 0.3.5 is broken for websocket support
-requests!=2.8.0,!=2.12.0,!=2.12.1,>=2.5.2
+requests>=2.20.0
requests-unixsocket>=0.1.5
requests-toolbelt>=0.8.0
cryptography!=1.3.0,>=1.0
diff --git a/setup.py b/setup.py
index e770088b..ddfcb924 100644
--- a/setup.py
+++ b/setup.py
@@ -29,7 +29,7 @@
'pbr>=1.8',
],
install_requires=[
- 'requests!=2.8.0,>=2.5.2',
+ 'requests>=2.20.0',
# >= 0.1.5 needed for HTTP_PROXY support
'requests-unixsocket>=0.1.5',
],
More information about the lxc-devel
mailing list