mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Bumped minimum Pillow version to 6.2.0 in test requirements.
Pillow < 6.2.0 is vulnerable to CVE-2019-16865.
This commit is contained in:
parent
6e9189c080
commit
e10ebf43e1
@ -277,7 +277,7 @@ dependencies:
|
||||
* geoip2_
|
||||
* jinja2_ 2.7+
|
||||
* numpy_
|
||||
* Pillow_
|
||||
* Pillow_ 6.2.0+
|
||||
* PyYAML_
|
||||
* pytz_ (required)
|
||||
* pywatchman_
|
||||
|
@ -5,7 +5,7 @@ docutils
|
||||
geoip2
|
||||
jinja2 >= 2.9.2
|
||||
numpy
|
||||
Pillow != 5.4.0
|
||||
Pillow >= 6.2.0
|
||||
# pylibmc/libmemcached can't be built on Windows.
|
||||
pylibmc; sys.platform != 'win32'
|
||||
python-memcached >= 1.59
|
||||
|
Loading…
Reference in New Issue
Block a user