Home Explore Help
Sign In
SMusatov
/
sentry
mirror of https://github.com/getsentry/sentry
1
0
Fork 0
Files
Browse Source

fix: Upgrade requests (#10383)

Scan report:

╞════════════════════════════╤═══════════╤══════════════════════════╤══════════╡
│ package                    │ installed │ affected                 │ ID       │
╞════════════════════════════╧═══════════╧══════════════════════════╧══════════╡
│ requests                   │ 2.18.4    │ <2.19.1                  │ 36546    │
╞══════════════════════════════════════════════════════════════════════════════╡
│ The Requests package before 2.19.1 sends an HTTP Authorization header to an  │
│ http URI upon receiving a same-hostname https-to-http redirect, which makes  │
│ it easier for remote attackers to discover credentials by sniffing the netwo │
│ rk.                                                                          │
╘══════════════════════════════════════════════════════════════════════════════╛
Brett Hoerner 6 years ago
parent
bc56832416
commit
edbcc57d87
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1 1
      requirements-base.txt

+ 1 - 1
requirements-base.txt
View File 

@@ -51,7 +51,7 @@ querystring_parser>=1.2.3,<2.0.0
 
 rb>=1.7.0,<2.0.0
 
 rb>=1.7.0,<2.0.0
 
 redis-py-cluster==1.3.4
 
 redis-py-cluster==1.3.4
 
 redis>=2.10.3,<2.10.6
 
 redis>=2.10.3,<2.10.6
 
-requests[security]>=2.18.4,<2.19.0
 
+requests[security]>=2.20.0,<2.21.0
 
 selenium==3.11.0
 
 selenium==3.11.0
 
 semaphore>=0.2.0,<0.3.0
 
 semaphore>=0.2.0,<0.3.0
 
 sentry-sdk>=0.5.0,<0.6
 
 sentry-sdk>=0.5.0,<0.6