Upgrade aiohttp for cve 2024-23829 (#15257)

author: Jake Jackson <jljacks93@gmail.com> 2024-06-12 21:20:40 +0200
committer: GitHub <noreply@github.com> 2024-06-12 21:20:40 +0200
commit: bfd811f408be26d49c3e8e5063545cb4f93a8f95 (patch)
tree: bd1c7f6f4d056c29dc8951aab4fe560545aef41b /requirements
parent: Change all uses of ImplicitRoleField to do on_delete=SET_NULL (diff)
download: awx-bfd811f408be26d49c3e8e5063545cb4f93a8f95.tar.xz
awx-bfd811f408be26d49c3e8e5063545cb4f93a8f95.zip
2 files changed, 2 insertions, 2 deletions
diff --git a/requirements/requirements.in b/requirements/requirements.in
index 0911f59c40..3dc2bb6a46 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -1,4 +1,4 @@
-aiohttp>=3.8.6  # CVE-2023-47627
+aiohttp>=3.9.4 # CVE-2024-30251
 ansiconv==1.0.0  # UPGRADE BLOCKER: from 2013, consider replacing instead of upgrading
 asciichartpy
 asn1
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index 447dd5ec36..59241c34fd 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -1,6 +1,6 @@
 adal==1.2.7
     # via msrestazure
-aiohttp==3.9.3
+aiohttp==3.9.5
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   aiohttp-retry
author	Jake Jackson <jljacks93@gmail.com>	2024-06-12 21:20:40 +0200
committer	GitHub <noreply@github.com>	2024-06-12 21:20:40 +0200
commit	bfd811f408be26d49c3e8e5063545cb4f93a8f95 (patch)
tree	bd1c7f6f4d056c29dc8951aab4fe560545aef41b /requirements
parent	Change all uses of ImplicitRoleField to do on_delete=SET_NULL (diff)
download	awx-bfd811f408be26d49c3e8e5063545cb4f93a8f95.tar.xz awx-bfd811f408be26d49c3e8e5063545cb4f93a8f95.zip