fix: Bump dependencies, fix for CVE-2019-10906

2019-04-15 13:20:13 +02:00 · 2019-04-15 13:20:13 +02:00 · 86180c080b
parent 28013297ef
commit 86180c080b
3 changed files with 20 additions and 17 deletions
--- a/1
+++ b/1
@ -23,6 +23,7 @@ pycountry = "*"
 pid = {editable = true,git = "https://github.com/trbs/pid.git/"}
 pytaxonomies = {editable = true,git = "https://github.com/MISP/PyTaxonomies.git"}
 pymispgalaxies = {editable = true,git = "https://github.com/MISP/PyMISPGalaxies.git"}
+Jinja2 = ">=2.10.1"  # CVE-2019-10906

 [requires]
 python_version = "3.6"
--- a/Pipfile.lock
+++ b/Pipfile.lock
@ -1,7 +1,7 @@
 {
    "_meta": {
        "hash": {
-            "sha256": "9557fa611b966272dc5c04cd5903157da1ae4746ef6b3a2392e4640df7858ca3"
+            "sha256": "018045f58b842359bf5cd1f3342839f80ab2a9cb9359f8963e7167a01c15231b"
        },
        "pipfile-spec": 6,
        "requires": {
@ -238,6 +238,7 @@
                "sha256:065c4f02ebe7f7cf559e49ee5a95fb800a9e4528727aec6f24402a5374c65013",
                "sha256:14dd6caf1527abb21f08f86c784eac40853ba93edb79552aa1e4b8aef1b61c7b"
            ],
+            "index": "pypi",
            "version": "==2.10.1"
        },
        "markupsafe": {
@ -391,10 +392,10 @@
        },
        "soupsieve": {
            "hashes": [
-                "sha256:3aef141566afd07201b525c17bfaadd07580a8066f82b57f7c9417f26adbd0a3",
-                "sha256:e41a65e99bd125972d84221022beb1e4b5cfc68fa12c170c39834ce32d1b294c"
+                "sha256:6898e82ecb03772a0d82bd0d0a10c0d6dcc342f77e0701d0ec4a8271be465ece",
+                "sha256:b20eff5e564529711544066d7dc0f7661df41232ae263619dede5059799cdfca"
            ],
-            "version": "==1.9"
+            "version": "==1.9.1"
        },
        "typing-extensions": {
            "hashes": [
--- a/requirements.txt
+++ b/requirements.txt
@ -1,38 +1,39 @@
 -i https://pypi.org/simple
 -e .
+-e ./client
+-e git+https://github.com/D4-project/IPASN-History.git/@a87c1293a02be638d50b75d98b7ecc5f91e16a4f#egg=pyipasnhistory&subdirectory=client
+-e git+https://github.com/MISP/PyMISPGalaxies.git@2c6b999f91594536afff8c131d3074a91bf552ff#egg=pymispgalaxies
+-e git+https://github.com/MISP/PyTaxonomies.git@2a1139d4cf1125acdaf9433497aca3c9e634d119#egg=pytaxonomies
+-e git+https://github.com/trbs/pid.git/@62e5f4a289ede9e55887e5279ca50a5063034dcd#egg=pid
 aiohttp==3.5.4
 async-timeout==3.0.1
-attrs==18.2.0
+attrs==19.1.0
 beautifulsoup4==4.7.1
-certifi==2018.11.29
+certifi==2019.3.9
 chardet==3.0.4
 click==7.0
 dominate==2.3.5
 flask-bootstrap==3.3.7.1
 flask==1.0.2
 gevent==1.4.0
-git+https://github.com/D4-project/IPASN-History.git/@54857344c412a903df2abe67a8855f2fcaeef4a8#egg=pyipasnhistory&subdirectory=client
-git+https://github.com/MISP/PyMISPGalaxies.git@0972f986ffa4969163b9d83a7f6b222937e485f5#egg=pymispgalaxies
-git+https://github.com/MISP/PyTaxonomies.git@53bd970ec14160380f092e4dc5bcd53a73662419#egg=pytaxonomies
-git+https://github.com/trbs/pid.git/@0efff53af4554dfc8e06a2627809baa84d13b732#egg=pid
 greenlet==0.4.15 ; platform_python_implementation == 'CPython'
 gunicorn[gevent]==19.9.0
-hiredis==0.3.1
+hiredis==1.0.0
 idna-ssl==1.1.0 ; python_version < '3.7'
 idna==2.8
 itsdangerous==1.1.0
-jinja2==2.10
-markupsafe==1.1.0
+jinja2==2.10.1
+markupsafe==1.1.1
 multidict==4.5.2
 pycountry==18.12.8
-python-dateutil==2.7.5
-redis==3.0.1
+python-dateutil==2.8.0
+redis==3.2.1
 requests==2.21.0
 simplejson==3.16.0
 six==1.12.0
-soupsieve==1.7.1
+soupsieve==1.9.1
 typing-extensions==3.7.2 ; python_version < '3.7'
 urllib3==1.24.1
 visitor==0.1.3
-werkzeug==0.14.1
+werkzeug==0.15.2
 yarl==1.3.0