Safety CI > LookAtMe-Genius-Cameraman/T

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

623621f7

Update dropbox from 11.0.0 to 12.0.2

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

27da9655

Update cloudpickle from 1.6.0 to 3.1.0

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

47dc58b4

Update tabulate from 0.8.7 to 0.9.0

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

aaf21de2

Update adafruit-circuitpython-servokit from 1.3.0 to 1.3.18

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

553ed7d4

Update adafruit-blinka from 5.9.1 to 8.50.0

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

101eec98

Update dlib from 19.21.1 to 19.24.6

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

11473e3d

Update opencv-contrib-python from 4.4.0.46 to 4.10.0.84

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

4dfb7bc3

Update opencv-python from 4.4.0.46 to 4.10.0.84

opencv-contrib-python 4.4.0.46 has known security vulnerabilities.

Package	Installed	Affected	Info
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

Package

Installed

Affected

Info

opencv-contrib-python

4.4.0.46

>=3.4.9.31,<4.8.1.78

show

Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected.
https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

af8ba5b7

Update pexpect from 4.8.0 to 4.9.0

opencv-python 4.4.0.46 and opencv-contrib-python 4.4.0.46 have known security vulnerabilities.

Package	Installed	Affected	Info
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

a0f07b56

Pin adafruit-circuitpython-pca9685 to latest version 3.4.16

No dependencies with known security vulnerabilities.

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

3a063b16

Update pyroute2 from 0.5.14 to 0.7.12

opencv-python 4.4.0.46 and opencv-contrib-python 4.4.0.46 have known security vulnerabilities.

Package	Installed	Affected	Info
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

71e23eaa

Update requests from 2.25.0 to 2.32.3

opencv-python 4.4.0.46 and opencv-contrib-python 4.4.0.46 have known security vulnerabilities.

Package	Installed	Affected	Info
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

1592448d

Update gpiozero from 1.5.1 to 2.0.1

requests 2.25.0 and 2 other dependencies have known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.25.0	<2.32.2	show Affected versions of Requests, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. Requests 2.32.0 fixes the issue, but versions 2.32.0 and 2.32.1 were yanked due to conflicts with CVE-2024-35195 mitigation.
requests	2.25.0	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
requests	2.25.0	>=2.3.0,<2.31.0	show Affected versions of Requests are vulnerable to proxy credential leakage. When redirected to an HTTPS endpoint, the Proxy-Authorization header is forwarded to the destination server due to the use of rebuild_proxies to reattach the header. This may allow a malicious actor to exfiltrate sensitive information.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

f15a5ee8

Update pyaudio from 0.2.11 to 0.2.14

requests 2.25.0 and 2 other dependencies have known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.25.0	<2.32.2	show Affected versions of Requests, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. Requests 2.32.0 fixes the issue, but versions 2.32.0 and 2.32.1 were yanked due to conflicts with CVE-2024-35195 mitigation.
requests	2.25.0	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
requests	2.25.0	>=2.3.0,<2.31.0	show Affected versions of Requests are vulnerable to proxy credential leakage. When redirected to an HTTPS endpoint, the Proxy-Authorization header is forwarded to the destination server due to the use of rebuild_proxies to reattach the header. This may allow a malicious actor to exfiltrate sensitive information.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

pyup/scheduled-update-2024-12-08

9 months, 1 week ago

89829eff

Update imutils from 0.5.3 to 0.5.4

requests 2.25.0 and 2 other dependencies have known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.25.0	<2.32.2	show Affected versions of Requests, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. Requests 2.32.0 fixes the issue, but versions 2.32.0 and 2.32.1 were yanked due to conflicts with CVE-2024-35195 mitigation.
requests	2.25.0	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
requests	2.25.0	>=2.3.0,<2.31.0	show Affected versions of Requests are vulnerable to proxy credential leakage. When redirected to an HTTPS endpoint, the Proxy-Authorization header is forwarded to the destination server due to the use of rebuild_proxies to reattach the header. This may allow a malicious actor to exfiltrate sensitive information.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-python	4.4.0.46	<3.4.18 , >=4.0.0,<4.6.0	show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.
opencv-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix.
opencv-python	4.4.0.46	<4.7.0	show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes.
opencv-contrib-python	4.4.0.46	>=3.4.9.31,<4.8.1.78	show Opencv-contrib-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78

LookAtMe-Genius-Cameraman/T_System