mirror of
https://github.com/searxng/searxng.git
synced 2026-07-17 21:41:24 +00:00
[upd] pypi: Bump lxml from 6.0.4 to 6.1.0 (#6036)
Release 6.1.0 fixes a possible external entity injection (XXE) vulnerability in
``iterparse()`` and the ``ETCompatXMLParser``.
64ed06c1a0/CHANGES.txt (L42-L66)
- Closes https://github.com/searxng/searxng/issues/6025
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
@@ -3,7 +3,7 @@ babel==2.18.0
|
||||
flask-babel==4.0.0
|
||||
flask==3.1.3
|
||||
jinja2==3.1.6
|
||||
lxml==6.0.4
|
||||
lxml==6.1.0
|
||||
pygments==2.20.0
|
||||
python-dateutil==2.9.0.post0
|
||||
pyyaml==6.0.3
|
||||
|
||||
Reference in New Issue
Block a user