search

secynic / ipwhois

Retrieve and parse whois data for IPv4 and IPv6 addresses
https://ipwhois.readthedocs.io/en/latest
BSD 2-Clause "Simplified" License
554 stars 121 forks source link

Upgrade dnspython vulnerable dependendency #326

Closed ivellios closed 15 hours ago

ivellios commented 1 week ago

@secynic - I do hope you can look into this, because the repository seems to be dead for a while. I even tried to create a PR, but looks like it is disabled for non-collaborators.

dnspython < 2.6.1 is prone to CVE-2023-29483. Remedy for that is to update the requirement and align with a new version of dnspython.

It got sorted out in the @putsi fork. How about pulling these changes into the main branch here?

secynic commented 3 days ago

Updated in dev branch. Working on some other issues before pushing to pypi.

secynic commented 15 hours ago

Released 1.3.0