diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a646dc41791..adc25267b522 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,7 +29,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Security -- TDB +- Security upgrade Pillow from 9.3.0 to 10.0.1 + () ## \[2.7.2\] - 2023-09-25 diff --git a/cvat/requirements/base.in b/cvat/requirements/base.in index b66c308984a1..3e58ce5d2226 100644 --- a/cvat/requirements/base.in +++ b/cvat/requirements/base.in @@ -41,7 +41,7 @@ opencv-python-headless==4.5.5.62 patool==1.12 pdf2image==1.14.0 -Pillow==9.3.0 +Pillow>=10.0.1 psutil==5.9.4 psycopg2-binary==2.9.5 python-ldap==3.4.3 diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 908eae7fd79c..72e09fbe4e65 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -1,4 +1,4 @@ -# SHA1:2d160f9f528eea85db9d4a918b2f6eeac55237b5 +# SHA1:a0efa2c9321894eb42efb7d7d1338b0749034f97 # # This file is autogenerated by pip-compile-multi # To update, run: @@ -349,6 +349,7 @@ six==1.16.0 # astunparse # azure-core # furl + # google-auth # google-pasta # isodate # orderedmultidict diff --git a/utils/dataset_manifest/requirements.in b/utils/dataset_manifest/requirements.in index a5a7b3bae83c..6bbaaa92eeed 100644 --- a/utils/dataset_manifest/requirements.in +++ b/utils/dataset_manifest/requirements.in @@ -1,5 +1,5 @@ av==9.2.0 # Pinned for the whole CVAT natsort>=8.0.0 opencv-python-headless>=4.4.0.42 -Pillow==9.3.0 +Pillow>=10.0.1 tqdm>=4.58.0 diff --git a/utils/dataset_manifest/requirements.txt b/utils/dataset_manifest/requirements.txt index ef831ebd6f39..986a4a640636 100644 --- a/utils/dataset_manifest/requirements.txt +++ b/utils/dataset_manifest/requirements.txt @@ -1,4 +1,4 @@ -# SHA1:28d323bec97cee6586d917faf4c7f58199475771 +# SHA1:2c4fe23872675e963864abe27e1644f42865f712 # # This file is autogenerated by pip-compile-multi # To update, run: @@ -13,7 +13,7 @@ numpy==1.22.4 # via opencv-python-headless opencv-python-headless==4.5.5.62 # via -r utils/dataset_manifest/requirements.in -pillow==9.3.0 +pillow==10.0.1 # via -r utils/dataset_manifest/requirements.in tqdm==4.66.1 # via -r utils/dataset_manifest/requirements.in