Bump minimum version for PyYAML to 5.1

This addresses CVE-2017-18342. I doubt anyone is actually using an old version of PyYAML with oslo.config at this point, but that means it shouldn't hurt to bump the minimum either. Change-Id: I4f440eb9511333ce70db4184857dcbcdd0ed1b97 Closes-Bug: 1839398
2021-02-18 15:44:40 +00:00 · 2021-02-18 15:44:40 +00:00 · cfa256464e
commit cfa256464e
parent 50723fa870
1 changed files with 1 additions and 1 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -7,6 +7,6 @@ netaddr>=0.7.18 # BSD
 stevedore>=1.20.0 # Apache-2.0
 oslo.i18n>=3.15.3 # Apache-2.0
 rfc3986>=1.2.0 # Apache-2.0
-PyYAML>=3.12 # MIT
+PyYAML>=5.1 # MIT
 requests>=2.18.0 # Apache-2.0
 importlib_metadata>=1.7.0;python_version<'3.8' # Apache-2.0