[Qgis-community-team] Security msg from github
Richard Duivenvoorde
rdmailings at duif.net
Sun Nov 11 22:58:26 PST 2018
Hi,
On the QGIS-Documentation repository I got a message from github,
telling us we use a component with a security issue ("moderate
severity")in it, pointing to:
https://github.com/qgis/QGIS-Documentation/network/alert/REQUIREMENTS.txt/requests/open
Pointing to
https://nvd.nist.gov/vuln/detail/CVE-2018-18074
It's about the used python requests-module, and tells us:
Upgrade requests to version 2.20.0 or later.
Apparently we use an older version-nr in our REQUIREMENTS.txt.
Please remind me to do this, or can somebody else try/test.
Regards,
Richard Duivenvoorde
More information about the Qgis-community-team
mailing list