Skip to content

Commit 43d81fe

Browse files
mfleadermfleader
committed
fix: bump urllib3 to >=2.7.0 (CVE-2026-44432, CVE-2026-44431)
GHSA-mf9v-mfxr-j63j GHSA-qccp-gfcp-xxvc Only applies to release-0.4.x; urllib3 already >=2.7.0 on main. Signed-off-by: Matthew F Leader <mleader@redhat.com>
1 parent 19c07be commit 43d81fe

2 files changed

Lines changed: 10 additions & 10 deletions

File tree

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ dependencies = [
5959
"starlette>=0.49.1",
6060
"psycopg2-binary",
6161
"tornado>=6.5.3",
62-
"urllib3>=2.6.3",
62+
"urllib3>=2.7.0",
6363
]
6464

6565
[project.optional-dependencies]

uv.lock

Lines changed: 9 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)