search

sabuhish / fastapi-mail

Fastapi mail system sending mails(individual, bulk) attachments(individual, bulk)
https://sabuhish.github.io/fastapi-mail/
MIT License
680 stars 82 forks source link

Can't upgrade to httpx 0.23.0 because "fastapi-mail 1.0.8 depends on httpx<0.23.0 and >=0.22.0 #124

Closed ramiswailem closed 2 years ago

ramiswailem commented 2 years ago

There seems to be a vulnerability in the httpx 0.22.0 ref:

Discuss: https://github.com/encode/httpx/discussions/183

CVE ID: CVE-2021-41945

https://nvd.nist.gov/vuln/detail/CVE-2021-41945

Fixed in version 0.23.0

https://github.com/encode/httpx/issues/2184

so-rose commented 2 years ago

I also cannot install httpx 0.23 while fastapi-mail 1.0.8 is installed.

sabuhish commented 2 years ago

Hi, sorry for the late reply the issue should be resolved in the 1.0.9 version please install the latest version, closing the issue.