From bfd811f408be26d49c3e8e5063545cb4f93a8f95 Mon Sep 17 00:00:00 2001
From: Jake Jackson <jljacks93@gmail.com>
Date: Wed, 12 Jun 2024 15:20:40 -0400
Subject: [PATCH] Upgrade aiohttp for cve 2024-23829 (#15257)

---
 requirements/requirements.in  | 2 +-
 requirements/requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/requirements.in b/requirements/requirements.in
index 0911f59c40..3dc2bb6a46 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -1,4 +1,4 @@
-aiohttp>=3.8.6  # CVE-2023-47627
+aiohttp>=3.9.4 # CVE-2024-30251
 ansiconv==1.0.0  # UPGRADE BLOCKER: from 2013, consider replacing instead of upgrading
 asciichartpy
 asn1
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index 447dd5ec36..59241c34fd 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -1,6 +1,6 @@
 adal==1.2.7
     # via msrestazure
-aiohttp==3.9.3
+aiohttp==3.9.5
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   aiohttp-retry