Merge pull request #3110 from SeldonIO/revert-3082-dependabot/pip/pyt…

…hon/urllib3-1.26.4 Revert "Bump urllib3 from 1.25.9 to 1.26.4 in /python"
SeldonIO · Apr 7, 2021 · b7c89cd · b7c89cd
2 parents 228b417 + e93fa87
commit b7c89cd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/python/setup.py b/python/setup.py
@@ -45,7 +45,7 @@
         # Addresses CVE PRISMA-2021-0020
         "click >= 8.0.0a1, < 8.1",
         # Addresses CVE CVE-2019-11236 and CVE-2020-26137
-        "urllib3 == 1.26.4",
+        "urllib3 == 1.25.9",
     ],
     extras_require=extras,
     entry_points={