From 218b94c948b12db1f529a28d929d49cb8d7d488f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 2 Feb 2024 01:03:16 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CELERY-6219991
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index afde4698..cf8e2f70 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,7 +4,7 @@ psycopg2==2.4.1
 wsgiref==0.1.2
 scielo-django-extensions==0.4
 ordereddict==1.1
-pillow==2.3.0
+pillow==10.2.0
 django-widget-tweaks==1.1.1
 lxml
 pyyaml
@@ -14,7 +14,7 @@ jsonfield
 django-tastypie==0.9.16
 django-htmlmin==0.7.0
 packtools==2.1
-celery==3.1.25
+celery==4.4.0rc5
 django-celery==3.1.16
 defusedxml==0.4.1
 cython