From 80c82d8957ad08b52cd7312adc5b0ab64c141e8c Mon Sep 17 00:00:00 2001
From: Alexander Hughes <Alexander.Hughes@pm.me>
Date: Tue, 3 Mar 2020 09:15:13 -0500
Subject: [PATCH] Uplift pyyaml and requests

Automatic security alerts were created for pyyaml==3.12 and
requests==2.19.1 suggesting these packages be upgraded to 2.20.0 and
5.1 respectively.

Vulnerabilities addressed:
CVE-2018-18074 on requests package
CVE-2017-18342 on PyYAML package

Change-Id: Iff5bc11d60c2724fef0bb8b2552e17573c79dc9f
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
---
 python/requirements-direct.txt | 2 +-
 python/requirements-lock.txt   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/python/requirements-direct.txt b/python/requirements-direct.txt
index 53375244..521957e2 100644
--- a/python/requirements-direct.txt
+++ b/python/requirements-direct.txt
@@ -1,4 +1,4 @@
-PyYAML==3.12
+PyYAML==5.1
 pyghmi==1.0.18
 netaddr
 falcon
diff --git a/python/requirements-lock.txt b/python/requirements-lock.txt
index 6cd34615..e5d45b5c 100644
--- a/python/requirements-lock.txt
+++ b/python/requirements-lock.txt
@@ -60,10 +60,10 @@ python-editor==1.0.3
 python-keystoneclient==3.17.0
 python-mimeparse==1.6.0
 pytz==2018.5
-PyYAML==3.12
+PyYAML==5.1
 redfish==2.0.1
 repoze.lru==0.7
-requests==2.19.1
+requests==2.20.0
 rfc3986==1.1.0
 Routes==2.4.1
 setuptools==40.4.3