Upgrade aiohttp for cve 2024-23829 (#15257)

2026-02-24 14:36:00 -03:30 · 2024-06-12 15:20:40 -04:00
parent 030704a9e1
commit bfd811f408
2 changed files with 2 additions and 2 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -1,4 +1,4 @@
-aiohttp>=3.8.6  # CVE-2023-47627
+aiohttp>=3.9.4 # CVE-2024-30251
 ansiconv==1.0.0  # UPGRADE BLOCKER: from 2013, consider replacing instead of upgrading
 asciichartpy
 asn1
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -1,6 +1,6 @@
 adal==1.2.7
    # via msrestazure
-aiohttp==3.9.3
+aiohttp==3.9.5
    # via
    #   -r /awx_devel/requirements/requirements.in
    #   aiohttp-retry