From ad9d5543c067770ec9ccbdd8721641df96269748 Mon Sep 17 00:00:00 2001 From: Martin Zurowietz Date: Wed, 4 Oct 2023 08:56:48 +0200 Subject: [PATCH] Update vulnerable Pillow version --- .docker/worker.dockerfile | 2 +- requirements.txt | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.docker/worker.dockerfile b/.docker/worker.dockerfile index e3c457a9d..3f22309f5 100644 --- a/.docker/worker.dockerfile +++ b/.docker/worker.dockerfile @@ -114,7 +114,7 @@ RUN apk add --no-cache --virtual .build-deps \ libpng-dev \ && pip3 install --no-cache-dir \ PyExcelerate==0.6.7 \ - Pillow==9.3.* \ + Pillow==10.0.1 \ && apk del --purge .build-deps \ && rm -rf /var/cache/apk/* diff --git a/requirements.txt b/requirements.txt index 033f6b30a..5f46be82d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,10 +1,10 @@ # This file is just used to get security alerts from GitHub. Make sure the versions match -# in .docker/app.dockerfile and .docker/worker.dockerfile. +# in .docker/worker.dockerfile. numpy==1.22.* opencv-contrib-python-headless==4.6.0 scipy==1.10.0 scikit-learn matplotlib==3.5.2 PyExcelerate==0.6.7 -Pillow==9.3.* +Pillow==10.0.1 Shapely==1.8.1