From fe78b9ab5333e517e64c95ebfabe4db08ab7658e Mon Sep 17 00:00:00 2001
From: Mark Burnett
Date: Tue, 11 Sep 2018 12:23:26 -0500
Subject: [PATCH] Security update: Update pyghmi to avoid pycrypto

The version of pyghmi being used depends on a vulnerable pycrypto version. Updating to the latest, which depends on cryptography. This also updates the `freeze` tox job to recreate to ensure proper updating of the lockfile.
Change-Id: I4a7d82dc8bfad1609a5d5b4e663cf74266b7f6f0
---
 python/requirements-direct.txt | 2 +-
 python/requirements-lock.txt | 19 +++++++++++--------
 requirements-host.txt | 1 +
 tox.ini | 1 +
 4 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/python/requirements-direct.txt b/python/requirements-direct.txt
index 974097c4..d50b4e77 100644
--- a/python/requirements-direct.txt
+++ b/python/requirements-direct.txt
@@ -1,5 +1,5 @@
 PyYAML==3.12
-pyghmi==1.0.18
+pyghmi==1.2.14
 netaddr
 falcon
 oslo.versionedobjects==1.23.0
diff --git a/python/requirements-lock.txt b/python/requirements-lock.txt
index 9d448237..bc6eca30 100644
--- a/python/requirements-lock.txt
+++ b/python/requirements-lock.txt
@@ -1,12 +1,15 @@
 alembic==0.8.2
 amqp==2.3.2
+asn1crypto==0.24.0
 Babel==2.6.0
 Beaker==1.9.1
 cachetools==2.1.0
-certifi==2018.8.13
+certifi==2018.8.24
+cffi==1.11.5
 chardet==3.0.4
 click==6.7
 contextlib2==0.5.5
+cryptography==2.3.1
 debtcollector==1.20.0
 defusedxml==0.5.0
 dnspython==1.15.0
@@ -14,7 +17,7 @@ eventlet==0.24.1
 falcon==1.4.1
 fasteners==0.14.1
 futurist==1.7.0
-greenlet==0.4.14
+greenlet==0.4.15
 idna==2.7
 iso8601==0.1.11
 Jinja2==2.9.6
@@ -39,8 +42,8 @@ oslo.messaging==8.1.0
 oslo.middleware==3.36.0
 oslo.policy==1.22.1
 oslo.serialization==2.27.0
-oslo.service==1.31.3
-oslo.utils==3.36.4
+oslo.service==1.32.0
+oslo.utils==3.37.0
 oslo.versionedobjects==1.23.0
 Paste==2.0.3
 PasteDeploy==1.5.2
@@ -51,8 +54,8 @@ prettytable==0.7.2
 psycopg2==2.7.3.1
 PTable==0.9.2
 pycadf==2.8.0
-pycrypto==2.6.1
-pyghmi==1.0.18
+pycparser==2.18
+pyghmi==1.2.14
 pymongo==3.6.1
 pyparsing==2.2.0
 python-dateutil==2.7.3
@@ -68,9 +71,9 @@ Routes==2.4.1
 setuptools==40.2.0
 six==1.11.0
 SQLAlchemy==1.2.8
-statsd==3.2.2
+statsd==3.3.0
 stevedore==1.29.0
-tenacity==5.0.1
+tenacity==5.0.2
 ulid2==0.1.1
 urllib3==1.23
 uWSGI==2.0.15
diff --git a/requirements-host.txt b/requirements-host.txt
index 23b8a681..ee59c621 100644
--- a/requirements-host.txt
+++ b/requirements-host.txt
@@ -5,6 +5,7 @@ pkg-config
 python3-dev
 gcc
 netbase
+libssl-dev
 python3-pip
 python3-setuptools
 ssh
diff --git a/tox.ini b/tox.ini
index 226e1024..c54775a7 100644
--- a/tox.ini
+++ b/tox.ini
@@ -15,6 +15,7 @@ commands = {posargs} [testenv:freeze] basepython=python3 +recreate = True whitelist_externals= rm sh
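Review bot: The new `libssl-dev` entry, sitting next to `gcc` and `python3-dev`, suggests that cryptography may be compiled from source on the host rather than installed from a wheel. In that case the build links against the distribution's OpenSSL, so the crypto stack's patch level depends on host package updates as well as on the `cryptography==2.3.1` pin. It is worth confirming that the image build applies OS security updates. A source build of cffi normally also needs `libffi-dev`, which is not in the visible part of the list; the list starts before this hunk, so it may already be present. If these headers are only needed at build time, keeping them and `gcc` out of the final runtime image would reduce what is installed there.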
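Review bot: The added `recreate = True` in `[testenv:freeze]` carries no comment saying why it is needed, so a later cleanup could drop it as redundant. I would put `# recreate so packages left in a reused venv cannot leak into requirements-lock.txt` on the line above it. The section's `commands` lie outside the hunk, so I cannot tell how the lockfile is produced. The lock entries shown in this patch are plain `name==version` pins without hashes, and recording hashes for install with pip's `--require-hashes` would let the pinned set be verified at install time.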