public/pysim
1
0
Fork 1
mirror of https://gitea.osmocom.org/sim-card/pysim.git synced 2026-05-03 06:58:53 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
c8ea5eead7d55214e5028a3557ccf4953375c5ed
pysim/requirements.txt
Philipp Maier c50f4b4a02 requirements: ensure safe version of PyYAML >= 5.4 (CVE-2020-1747) 
PyYAML versions 5.1–5.3.1 are vulnerable to CVE-2020-1747, which allows
arbitrary code execution through yaml.FullLoader. While PyYAML 5.4+
patches this, the dependency specification (pyyaml >= 5.1) doesn't
guarantee a safe version. Let's increase the requirement to version
5.4 to ensure a safe version of is used.

This patch is based on suggestions from:
"YanTong C <chyeyantong03@gmail.com>"

Change-Id: I901c76c59e9c1bab030eab81038e04a475b32510
2026-04-16 11:01:19 +00:00

19 lines
317 B
Plaintext
Raw Blame History

pyscard
pyserial
pytlv
cmd2>=2.6.2,<3.0
jsonpath-ng
construct>=2.10.70
bidict
pyosmocom>=0.0.12
pyyaml>=5.4
termcolor
colorlog
pycryptodomex
cryptography
git+https://github.com/osmocom/asn1tools
packaging
git+https://github.com/hologram-io/smpp.pdu
smpp.twisted3 @ git+https://github.com/jookies/smpp.twisted
smpplib
Reference in New Issue View Git Blame Copy Permalink