From df79fa4ae1a654d01e1ab5d26eb1dd626b18c944 Mon Sep 17 00:00:00 2001
From: Seth Foster <fosterseth@users.noreply.github.com>
Date: Mon, 16 Dec 2024 13:23:24 -0500
Subject: [PATCH] bump grpcio CVE-2024-11407 (#6766)

Signed-off-by: Seth Foster <fosterbseth@gmail.com>
---
 requirements/requirements.in  | 2 +-
 requirements/requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/requirements.in b/requirements/requirements.in
index 054feb2776..bbcf1a385d 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -29,7 +29,7 @@ djangorestframework>=3.15.2
 djangorestframework-yaml
 filelock
 GitPython>=3.1.37  # CVE-2023-41040
-grpcio<1.63.0 # 1.63.0+ requires cython>=3
+grpcio>=1.68.0  # CVE-2024-11407
 irc
 jinja2>=3.1.3  # CVE-2024-22195
 JSON-log-formatter
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index 0d26f0e59e..836ce00726 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -198,7 +198,7 @@ googleapis-common-protos==1.63.0
     # via
     #   opentelemetry-exporter-otlp-proto-grpc
     #   opentelemetry-exporter-otlp-proto-http
-grpcio==1.62.2
+grpcio==1.68.1
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   opentelemetry-exporter-otlp-proto-grpc