From 72d73656abd1fae17fb0f2532b503873f203d6b3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 4 Nov 2023 05:12:00 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index afde4698..75c8ddfd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,10 +1,10 @@ -Django<1.5 +Django<3.2.23 South psycopg2==2.4.1 wsgiref==0.1.2 scielo-django-extensions==0.4 ordereddict==1.1 -pillow==2.3.0 +pillow==10.0.0 django-widget-tweaks==1.1.1 lxml pyyaml