mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-04 02:48:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Bumped minimum Pillow version to 6.2.0 in test requirements.

Browse source 
Pillow < 6.2.0 is vulnerable to CVE-2019-16865.
This commit is contained in:
Mariusz Felisiak 2019-10-23 15:07:06 +02:00 committed by GitHub
parent 6e9189c080
commit e10ebf43e1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/internals/contributing/writing-code/unit-tests.txt
View file

@ -277,7 +277,7 @@ dependencies:
* geoip2_
* jinja2_ 2.7+
* numpy_
* Pillow_
* Pillow_ 6.2.0+
* PyYAML_
* pytz_ (required)
* pywatchman_