Skip to content

Commit

Permalink
Update pipfile dependency versions
Browse files Browse the repository at this point in the history 
Includes this vulnerability fix for urllib3:

The urllib3 library 1.26.x before 1.26.4 for Python omits SSL
certificate validation in some cases involving HTTPS to HTTPS
proxies. The initial connection to the HTTPS proxy (if an SSLContext
isn't given via proxy_config) doesn't verify the hostname of the
certificate. This means certificates for different servers that still
validate properly with the default urllib3 SSLContext will be silently
accepted. See CVE-2021-28363.
  • Loading branch information
@chigby
chigby committed Apr 5, 2021
1 parent 2bf7532 commit 7e14f50
Showing 1 changed file with 73 additions and 63 deletions.
136 changes: 73 additions & 63 deletions Pipfile.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 7e14f50

Please sign in to comment.