![[ChimeraX Issue Tracking System]](/trac/ChimeraX/chrome/site/ChimeraX-icon.svg){kind=icon}
Opened 16 months ago
Closed 16 months ago
#15491 closed defect (fixed)
The version of 'requests' we depend on has been yanked due to a CVE
| Reported by: | Zach Pearson | Owned by: | Greg Couch |
|---|---|---|---|
| Priority: | high | Milestone: | 1.9 |
| Component: | Build System | Version: | |
| Keywords: | Cc: | chimerax-programmers | |
| Blocked By: | Blocking: | ||
| Notify when closed: | Platform: | all | |
| Project: | ChimeraX |
Description
In the build output
WARNING: The candidate selected for download or install is a yanked version: 'requests' candidate (version 2.32.0 at https://files.pythonhosted.org/packages/24/e8/09e8d662a9675a4e4f5dd7a8e6127b463a091d2703ed931a64aa66d00065/requests-2.32.0-py3-none-any.whl (from https://pypi.org/simple/requests/) (requires-python:>=3.8))
Reason for being yanked: Yanked due to conflicts with CVE-2024-35195 mitigation
Change History (2)
comment:1 by , 16 months ago
| Component: | Unassigned → Build System |
|---|---|
| Owner: | set to |
| Status: | new → assigned |
comment:2 by , 16 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
I updated requests to 2.32.3 since Greg said to just go ahead with it at our meeting.