diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d1a98afa47e..97f00bb188fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,7 +23,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Incorrect task progress report for 3rdparty users (<https://github.com/opencv/cvat/pull/6834>) ### Security -- TDB +- Security upgrade gitpython from 3.1.33 to 3.1.35 (<https://github.com/opencv/cvat/pull/6843>) +- Security upgrade numpy from 1.22.0 to 1.22.4 (<https://github.com/opencv/cvat/pull/6843>) ## \[2.6.2\] - 2023-09-06 diff --git a/cvat/requirements/base.in b/cvat/requirements/base.in index 16cd4c3bc6c6..19d8451095b3 100644 --- a/cvat/requirements/base.in +++ b/cvat/requirements/base.in @@ -33,7 +33,7 @@ furl==2.1.0 GitPython~=3.1 google-cloud-storage==1.42.0 natsort==8.0.0 -numpy==1.22.0 +numpy~=1.22.2 opencv-python-headless==4.5.5.62 # The package is used by pyunpack as a command line tool to support multiple diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index f3e82c34ebf2..9be146276e65 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -1,4 +1,4 @@ -# SHA1:b4a177c55f0172c771a0139f2b9708842a312a65 +# SHA1:7ab16f5d78e7e4021ac2afdd00ad118500dcbdad # # This file is autogenerated by pip-compile-multi # To update, run: @@ -134,7 +134,7 @@ gast==0.4.0 # via tensorflow gitdb==4.0.10 # via gitpython -gitpython==3.1.33 +gitpython==3.1.35 # via -r cvat/requirements/base.in google-api-core==2.11.1 # via diff --git a/utils/dataset_manifest/requirements.txt b/utils/dataset_manifest/requirements.txt index 8b062ddf20c6..ef831ebd6f39 100644 --- a/utils/dataset_manifest/requirements.txt +++ b/utils/dataset_manifest/requirements.txt @@ -9,7 +9,7 @@ av==9.2.0 # via -r utils/dataset_manifest/requirements.in natsort==8.0.0 # via -r utils/dataset_manifest/requirements.in -numpy==1.22.0 +numpy==1.22.4 # via opencv-python-headless opencv-python-headless==4.5.5.62 # via -r utils/dataset_manifest/requirements.in