Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency PyYAML to v5 - abandoned #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Nov 10, 2020

This PR contains the following updates:

Package Update Change
PyYAML (source) major ==3.12 -> ==5.3.1

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 9.8 CVE-2020-1747 #3
High 9.8 CVE-2017-18342 #2

Release Notes

yaml/pyyaml

v5.3.1

Compare Source

v5.3

Compare Source

v5.2

Compare Source

v5.1.2

Compare Source

  • Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+

v5.1.1

Compare Source

  • Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b1

v5.1

Compare Source

  • Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+

v3.13

Compare Source

  • Resolved issues around PyYAML working in Python 3.7.

  • If you want to rebase/retry this PR, click this checkbox.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Nov 10, 2020
@mend-for-github-com mend-for-github-com bot changed the title Update dependency PyYAML to v5 Update dependency PyYAML to v5 - abandoned Mar 23, 2023
@mend-for-github-com
Copy link
Author

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants