Skip to content
This repository was archived by the owner on Jan 17, 2025. It is now read-only.

Commit ca89aca

Browse files
falkzollfalkzoll
authored
Vulnerability fixes for the action loop, tornado, requests and flask. (#250)
- Bump to newer parent image (vulnerability fixes). - Bump tornado from 6.2 to 6.3.2 (vulnerability fixes). - Bump requests from 2.28.2 to 2.31.0 (vulnerability fixes). - Bump flask from 2.2.3 to 2.3.2 (vulnerability fixes).
1 parent 6ad3f2d commit ca89aca

File tree

3 files changed

+25
-10
lines changed

3 files changed

+25
-10
lines changed

python3.11/CHANGELOG.md

+15
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,21 @@
99
- [pypi ibm-watson](https://pypi.org/project/ibm-watson/)
1010
- [github ibm-watson](https://github.com/watson-developer-cloud/python-sdk)
1111

12+
## 1.1.0
13+
Changes:
14+
- Bump to newer parent image (vulnerability fixes).
15+
- Bump tornado from 6.2 to 6.3.2 (vulnerability fixes).
16+
- Bump requests from 2.28.2 to 2.31.0 (vulnerability fixes).
17+
- Bump flask from 2.2.3 to 2.3.2 (vulnerability fixes).
18+
19+
Python version:
20+
- [3.11.3](https://www.python.org/downloads/release/python-3113/)
21+
22+
Python packages:
23+
- The file [requirements.txt](requirements.txt) lists the packages we guarantee to be included in this runtime.<br/>
24+
Ensure that you only use packages mentioned there.<br/>
25+
Other python packages might be part of this runtime, but only due to indirect dependencies of the above listed packages. These indirectly included packages are candidates to be removed at any time in case they are not required by the referring package anymore.
26+
1227
## 1.0.0
1328
Changes:
1429
- actionloop proxy version [email protected]

python3.11/Dockerfile

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM openwhisk/action-python-v3.11:48b8a60
1+
FROM openwhisk/action-python-v3.11:3ed072d
22

33
COPY requirements.txt requirements.txt
44

python3.11/requirements.txt

+9-9
Original file line numberDiff line numberDiff line change
@@ -8,20 +8,20 @@
88

99
# Setup modules
1010
gevent == 22.10.2
11-
flask == 2.2.3
11+
flask == 2.3.2
1212

1313
# default available packages for python3action
1414
beautifulsoup4 == 4.11.2
1515
httplib2 == 0.21.0
1616
kafka_python == 2.0.2
1717
lxml == 4.9.2
18-
python-dateutil == 2.8.2
19-
requests == 2.28.2
20-
scrapy == 2.8.0
21-
simplejson == 3.18.3
22-
virtualenv == 20.20.0
23-
twisted == 22.10.0
24-
PyJWT == 2.6.0
18+
python-dateutil == 2.8.2
19+
requests == 2.31.0
20+
scrapy == 2.8.0
21+
simplejson == 3.18.3
22+
virtualenv == 20.20.0
23+
twisted == 22.10.0
24+
PyJWT == 2.6.0
2525

2626
# packages for numerics
2727
numpy == 1.24.2
@@ -50,7 +50,7 @@ etcd3 == 0.12.0
5050

5151
# Other required modules
5252
botocore == 1.29.86
53-
tornado == 6.2
53+
tornado == 6.3.2
5454

5555
# required for etcd3 to work correctly can be removed at any time do not use in your own actions
5656
protobuf==4.22.1

0 commit comments

Comments
 (0)