Bump PyYAML version to 5.4.1 from 5.3.1

anchore / anchore-cli

Simple command-line client to the Anchore Engine service

Apache License 2.0

114 stars 54 forks source link

Bump PyYAML version to 5.4.1 from 5.3.1 #156

Closed Toure closed 3 years ago

Toure commented 3 years ago

Change requirements.txt to include 5.4.1 which will address the current CVE against PyYAML. CVE-2020-14343 closes: #155 Signed-off-by: Toure Dunnon toure.dunnon@anchore.com