Update Pillow version to incorporate a fix for a denial-of-service vulnerability (which should not affect this application however, as it does not use Pillow to process external images):
https://nvd.nist.gov/vuln/detail/CVE-2019-16865 Signed-off-by: Paul Eggleton <paul.eggle...@linux.intel.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 855b7344..84f2ea54 100644 --- a/requirements.txt +++ b/requirements.txt @@ -19,7 +19,7 @@ gitdb2==2.0.6 GitPython==2.1.13 kombu==4.6.3 mysqlclient==1.4.4 -Pillow==6.1.0 +Pillow==6.2.1 pytz==2019.2 six==1.12.0 smmap2==2.0.5 -- 2.20.1 -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
