On 10/6/23 03:41, Simon Glass wrote:
On Thu, 5 Oct 2023 at 10:27, Tom Rini <tr...@konsulko.com> wrote:
While not a direct issue for us, urllib3 before 1.26.17 is vulnerable to
CVE-2023-43804 to bump our version up.
The same bug is also fixed in 2.0.6. Why should we stick with the old
series? I could not see any issues building the documentation locally
and on Github with 2.0.6.
Best regards
Heinrich
Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <tr...@konsulko.com>
---
Cc: Heinrich Schuchardt <xypron.g...@gmx.de>
---
doc/sphinx/requirements.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Simon Glass <s...@chromium.org>
