Upgrade setuptools to resolve CVE-2024-6345

ctrliq · Oct 29, 2024 · d3f8574 · d3f8574
1 parent ae4ad96
commit d3f8574
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/requirements/requirements.in b/requirements/requirements.in
@@ -60,7 +60,7 @@ uWSGI>=2.0.22 # CVE-2023-27522
 uwsgitop
 wheel>=0.38.1  # CVE-2022-40898
 pip==21.2.4  # see UPGRADE BLOCKERs
-setuptools  # see UPGRADE BLOCKERs
+setuptools==70.0.0  # see UPGRADE BLOCKERs
 setuptools_scm[toml]  # see UPGRADE BLOCKERs, xmlsec build dep
 setuptools-rust>=0.11.4  # cryptography build dep
 pkgconfig>=1.5.1  # xmlsec build dep - needed for offline build

diff --git a/requirements/requirements.txt b/requirements/requirements.txt
@@ -469,7 +469,7 @@ zope-interface==7.0.3
 # The following packages are considered to be unsafe in a requirements file:
 pip==21.2.4
     # via -r /awx_devel/requirements/requirements.in
-setuptools==65.6.3
+setuptools==70.0.0
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   asciichartpy