[Qgis-community-team] Security msg from github
Alexandre Neto
senhor.neto at gmail.com
Mon Nov 12 08:25:47 PST 2018
I have created a ticket for that:
https://github.com/qgis/QGIS-Documentation/issues/3145
So that we don't forget.
Cheers,
Alex Neto
On Mon, Nov 12, 2018 at 6:58 AM Richard Duivenvoorde <rdmailings at duif.net>
wrote:
> Hi,
>
> On the QGIS-Documentation repository I got a message from github,
> telling us we use a component with a security issue ("moderate
> severity")in it, pointing to:
>
>
> https://github.com/qgis/QGIS-Documentation/network/alert/REQUIREMENTS.txt/requests/open
> Pointing to
> https://nvd.nist.gov/vuln/detail/CVE-2018-18074
>
> It's about the used python requests-module, and tells us:
> Upgrade requests to version 2.20.0 or later.
> Apparently we use an older version-nr in our REQUIREMENTS.txt.
>
> Please remind me to do this, or can somebody else try/test.
>
> Regards,
>
> Richard Duivenvoorde
> _______________________________________________
> Qgis-community-team mailing list for organizing community resources such
> as documentation, translation etc..
> Qgis-community-team at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/qgis-community-team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/qgis-community-team/attachments/20181112/e4f9b642/attachment.html>
More information about the Qgis-community-team
mailing list