Upgrade PyYAML

CVE-2017-18342
Vulnerable versions: < 4.2b1
Patched version: 4.2b1
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
master
Tim Möhlmann 6 years ago committed by GitHub
parent d515353f34
commit 3c7bf58211
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -34,7 +34,7 @@ pyOpenSSL==18.0.0
python-dateutil==2.7.5 python-dateutil==2.7.5
python-editor==1.0.3 python-editor==1.0.3
pytz==2018.7 pytz==2018.7
PyYAML==3.13 PyYAML==4.2b1
redis==3.0.1 redis==3.0.1
six==1.11.0 six==1.11.0
SQLAlchemy==1.2.13 SQLAlchemy==1.2.13

Loading…
Cancel
Save