update to the latest twisted to address two open CVEs

2026-01-14 19:30:39 -03:30 · 2020-03-31 13:47:56 -04:00 · 2020-03-31 13:47:56 -04:00 · 4423e6edae
commit 4423e6edae
parent 39460fb3d3
2 changed files with 2 additions and 1 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@ -46,6 +46,7 @@ requests-futures  # see library notes
 slackclient==1.1.2  # see UPGRADE BLOCKERs
 tacacs_plus==1.0  # UPGRADE BLOCKER: auth does not work with later versions
 twilio
+twisted[tls]>=20.3.0  # CVE-2020-10108, CVE-2020-10109
 uWSGI
 uwsgitop
 pip==19.3.1  # see UPGRADE BLOCKERs
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@ -118,7 +118,7 @@ sqlparse==0.3.1           # via django
 tacacs_plus==1.0          # via -r /awx_devel/requirements/requirements.in
 tempora==2.1.0            # via irc, jaraco.logging
 twilio==6.37.0            # via -r /awx_devel/requirements/requirements.in
-twisted[tls]==19.10.0     # via daphne
+twisted[tls]==20.3.0      # via -r /awx_devel/requirements/requirements.in, daphne
 txaio==20.1.1             # via autobahn
 typing-extensions==3.7.4.1  # via aiohttp
 urllib3==1.25.8           # via kubernetes, requests