You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ma...@apache.org on 2022/06/21 06:41:29 UTC
[flink] branch master updated: [FLINK-28147][Python] Update httplib2 to at least 0.19.0 to address CVE-2021-21240
This is an automated email from the ASF dual-hosted git repository.
martijnvisser pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/flink.git
The following commit(s) were added to refs/heads/master by this push:
new dcb77049d21 [FLINK-28147][Python] Update httplib2 to at least 0.19.0 to address CVE-2021-21240
dcb77049d21 is described below
commit dcb77049d21b586d4669229a8248da72ef6fdcf7
Author: Martijn Visser <ma...@apache.org>
AuthorDate: Mon Jun 20 13:14:41 2022 +0200
[FLINK-28147][Python] Update httplib2 to at least 0.19.0 to address CVE-2021-21240
---
flink-python/dev/dev-requirements.txt | 2 +-
flink-python/setup.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/flink-python/dev/dev-requirements.txt b/flink-python/dev/dev-requirements.txt
index c74ae976056..3f247d41837 100755
--- a/flink-python/dev/dev-requirements.txt
+++ b/flink-python/dev/dev-requirements.txt
@@ -32,4 +32,4 @@ fastavro>=1.1.0,<1.4.8
grpcio>=1.29.0,<2
grpcio-tools>=1.3.5,<=1.14.2
pemja==0.1.5; python_version >= '3.7' and platform_system != 'Windows'
-httplib2>=0.8,<0.19.0
+httplib2>=0.19.0,<=0.20.4
diff --git a/flink-python/setup.py b/flink-python/setup.py
index c211b724be9..7bc3009e1e5 100644
--- a/flink-python/setup.py
+++ b/flink-python/setup.py
@@ -303,7 +303,7 @@ try:
'protobuf<3.18',
'pemja==0.1.5;'
'python_full_version >= "3.7" and platform_system != "Windows"',
- 'httplib2>=0.8,<0.19.0', apache_flink_libraries_dependency]
+ 'httplib2>=0.19.0,<=0.20.4', apache_flink_libraries_dependency]
if sys.version_info < (3, 7):
# python 3.6 upper and lower limit