vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

build: Upgrade Pillow dependency

Browse source 
This upgrade handles multiple high severity vulnerabilities. I've not
checked the affected code in great depth but the APIs we use may be
affected. If they could actually be exploited is another matter which
would take a whole lotta effort which I'd rather not test xD

Fixes: CWE-74, CWE-125, CWE-120, CWE-125, CWE-400
CVE IDs: CVE-2022-22817, CVE-2022-22816, CVE-2021-34552, CVE-2021-23437
This commit is contained in:
Gavin D'souza 2022-02-09 12:19:43 +05:30
parent 5798cfaf4c
commit adc69cb3ec
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
requirements.txt
View file

@ -32,7 +32,7 @@ openpyxl~=3.0.7
passlib~=1.7.4
paytmchecksum~=1.7.0
pdfkit~=0.6.1
Pillow~=8.2.0
Pillow~=9.0.0
premailer~=3.8.0
psutil~=5.8.0
psycopg2-binary~=2.9.1