osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[requirements][requests] security update for requests in stable branches


On 2/15/19, 6:20 PM, "Jeremy Stanley" <fungi at yuggoth.org> wrote:

    On 2019-02-15 13:06:21 -0500 (-0500), Jim Rollenhagen wrote:
    [...]
    > I know openstack-ansible and kolla both (optionally?) deploy from source,
    > so maybe it's time to start talking about it. Or should those projects
    > handle security fixes themselves when deploying from source?

If I read the situation correctly, requests posted a CVE. Given that requests is a non-OpenStack python library , while it is part of our ecosystem, it is not directly curated by the OpenStack community.