SharonKoch / skf-labs

Repo for all the OWASP-SKF Docker lab examples
Apache License 2.0

Update dependency pyyaml to v5 #85

Open mend-for-github-com[bot] opened 10 months ago

mend-for-github-com[bot] commented 10 months ago

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| pyyaml (source) | major | `==3.13` -> `==5.4` |

By merging this PR, the issue #5 will be automatically resolved and closed:

| Severity | CVSS Score | CVE |
|---|---|---|
| Critical | 9.8 | CVE-2017-18342 |
| Critical | 9.8 | CVE-2020-14343 |
| Critical | 9.8 | CVE-2020-1747 |

Release Notes

yaml/pyyaml (pyyaml)

### [`v5.4`](https://redirect.github.com/yaml/pyyaml/compare/5.3.1...5.4)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.3.1...5.4)

### [`v5.3.1`](https://redirect.github.com/yaml/pyyaml/compare/5.3...5.3.1)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.3...5.3.1)

### [`v5.3`](https://redirect.github.com/yaml/pyyaml/compare/5.2...5.3)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.2...5.3)

### [`v5.2`](https://redirect.github.com/yaml/pyyaml/blob/HEAD/CHANGES#52-2019-12-02)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.1.2...5.2)

- Repair incompatibilities introduced with 5.1. The default Loader was changed, but several methods like add_constructor still used the old default
  - [https://github.com/yaml/pyyaml/pull/279](https://redirect.github.com/yaml/pyyaml/pull/279) -- A more flexible fix for custom tag constructors
  - [https://github.com/yaml/pyyaml/pull/287](https://redirect.github.com/yaml/pyyaml/pull/287) -- Change default loader for yaml.add_constructor
  - [https://github.com/yaml/pyyaml/pull/305](https://redirect.github.com/yaml/pyyaml/pull/305) -- Change default loader for add_implicit_resolver, add_path_resolver
- Make FullLoader safer by removing python/object/apply from the default FullLoader
  - [https://github.com/yaml/pyyaml/pull/347](https://redirect.github.com/yaml/pyyaml/pull/347) -- Move constructor for object/apply to UnsafeConstructor
- Fix bug introduced in 5.1 where quoting went wrong on systems with sys.maxunicode <= 0xffff
  - [https://github.com/yaml/pyyaml/pull/276](https://redirect.github.com/yaml/pyyaml/pull/276) -- Fix logic for quoting special characters
- Other PRs:
  - [https://github.com/yaml/pyyaml/pull/280](https://redirect.github.com/yaml/pyyaml/pull/280) -- Update CHANGES for 5.1

### [`v5.1.2`](https://redirect.github.com/yaml/pyyaml/blob/HEAD/CHANGES#512-2019-07-30)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.1.1...5.1.2)

- Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+

### [`v5.1.1`](https://redirect.github.com/yaml/pyyaml/blob/HEAD/CHANGES#511-2019-06-05)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/5.1...5.1.1)

- Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b1

### [`v5.1`](https://redirect.github.com/yaml/pyyaml/blob/HEAD/CHANGES#512-2019-07-30)

[Compare Source](https://redirect.github.com/yaml/pyyaml/compare/3.13...5.1)

- Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+