anoopmb
/
frappe
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

build: Upgrade Pillow dependency 

This upgrade handles multiple high severity vulnerabilities. I've not
checked the affected code in great depth but the APIs we use may be
affected. If they could actually be exploited is another matter which
would take a whole lotta effort which I'd rather not test xD

Fixes: CWE-74, CWE-125, CWE-120, CWE-125, CWE-400
CVE IDs: CVE-2022-22817, CVE-2022-22816, CVE-2021-34552, CVE-2021-23437
version-14
Gavin D'souza 3 years ago
parent
5798cfaf4c
commit
adc69cb3ec
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      requirements.txt

+ 1
- 1
requirements.txt View File

@@ -32,7 +32,7 @@ openpyxl~=3.0.7
passlib~=1.7.4
paytmchecksum~=1.7.0
pdfkit~=0.6.1
Pillow~=8.2.0
Pillow~=9.0.0
premailer~=3.8.0
psutil~=5.8.0
psycopg2-binary~=2.9.1


Write Preview
Loading…
Cancel
Save