From 86180c080ba5f83a5160a8295ebc263709aa4eba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Mon, 15 Apr 2019 13:20:13 +0200 Subject: [PATCH] fix: Bump dependencies, fix for CVE-2019-10906 --- Pipfile | 1 + Pipfile.lock | 9 +++++---- requirements.txt | 27 ++++++++++++++------------- 3 files changed, 20 insertions(+), 17 deletions(-) diff --git a/Pipfile b/Pipfile index 6f48c8d..50d690b 100644 --- a/Pipfile +++ b/Pipfile @@ -23,6 +23,7 @@ pycountry = "*" pid = {editable = true,git = "https://github.com/trbs/pid.git/"} pytaxonomies = {editable = true,git = "https://github.com/MISP/PyTaxonomies.git"} pymispgalaxies = {editable = true,git = "https://github.com/MISP/PyMISPGalaxies.git"} +Jinja2 = ">=2.10.1" # CVE-2019-10906 [requires] python_version = "3.6" diff --git a/Pipfile.lock b/Pipfile.lock index 1b120fa..44f2bc1 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "9557fa611b966272dc5c04cd5903157da1ae4746ef6b3a2392e4640df7858ca3" + "sha256": "018045f58b842359bf5cd1f3342839f80ab2a9cb9359f8963e7167a01c15231b" }, "pipfile-spec": 6, "requires": { @@ -238,6 +238,7 @@ "sha256:065c4f02ebe7f7cf559e49ee5a95fb800a9e4528727aec6f24402a5374c65013", "sha256:14dd6caf1527abb21f08f86c784eac40853ba93edb79552aa1e4b8aef1b61c7b" ], + "index": "pypi", "version": "==2.10.1" }, "markupsafe": { @@ -391,10 +392,10 @@ }, "soupsieve": { "hashes": [ - "sha256:3aef141566afd07201b525c17bfaadd07580a8066f82b57f7c9417f26adbd0a3", - "sha256:e41a65e99bd125972d84221022beb1e4b5cfc68fa12c170c39834ce32d1b294c" + "sha256:6898e82ecb03772a0d82bd0d0a10c0d6dcc342f77e0701d0ec4a8271be465ece", + "sha256:b20eff5e564529711544066d7dc0f7661df41232ae263619dede5059799cdfca" ], - "version": "==1.9" + "version": "==1.9.1" }, "typing-extensions": { "hashes": [ diff --git a/requirements.txt b/requirements.txt index 4ae3a52..88bd51a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,38 +1,39 @@ -i https://pypi.org/simple -e . +-e ./client +-e git+https://github.com/D4-project/IPASN-History.git/@a87c1293a02be638d50b75d98b7ecc5f91e16a4f#egg=pyipasnhistory&subdirectory=client +-e git+https://github.com/MISP/PyMISPGalaxies.git@2c6b999f91594536afff8c131d3074a91bf552ff#egg=pymispgalaxies +-e git+https://github.com/MISP/PyTaxonomies.git@2a1139d4cf1125acdaf9433497aca3c9e634d119#egg=pytaxonomies +-e git+https://github.com/trbs/pid.git/@62e5f4a289ede9e55887e5279ca50a5063034dcd#egg=pid aiohttp==3.5.4 async-timeout==3.0.1 -attrs==18.2.0 +attrs==19.1.0 beautifulsoup4==4.7.1 -certifi==2018.11.29 +certifi==2019.3.9 chardet==3.0.4 click==7.0 dominate==2.3.5 flask-bootstrap==3.3.7.1 flask==1.0.2 gevent==1.4.0 -git+https://github.com/D4-project/IPASN-History.git/@54857344c412a903df2abe67a8855f2fcaeef4a8#egg=pyipasnhistory&subdirectory=client -git+https://github.com/MISP/PyMISPGalaxies.git@0972f986ffa4969163b9d83a7f6b222937e485f5#egg=pymispgalaxies -git+https://github.com/MISP/PyTaxonomies.git@53bd970ec14160380f092e4dc5bcd53a73662419#egg=pytaxonomies -git+https://github.com/trbs/pid.git/@0efff53af4554dfc8e06a2627809baa84d13b732#egg=pid greenlet==0.4.15 ; platform_python_implementation == 'CPython' gunicorn[gevent]==19.9.0 -hiredis==0.3.1 +hiredis==1.0.0 idna-ssl==1.1.0 ; python_version < '3.7' idna==2.8 itsdangerous==1.1.0 -jinja2==2.10 -markupsafe==1.1.0 +jinja2==2.10.1 +markupsafe==1.1.1 multidict==4.5.2 pycountry==18.12.8 -python-dateutil==2.7.5 -redis==3.0.1 +python-dateutil==2.8.0 +redis==3.2.1 requests==2.21.0 simplejson==3.16.0 six==1.12.0 -soupsieve==1.7.1 +soupsieve==1.9.1 typing-extensions==3.7.2 ; python_version < '3.7' urllib3==1.24.1 visitor==0.1.3 -werkzeug==0.14.1 +werkzeug==0.15.2 yarl==1.3.0