Bump minimum version for PyYAML to 5.18.5.0

This addresses CVE-2017-18342. I doubt anyone is actually using an old version of PyYAML with oslo.config at this point, but that means it shouldn't hurt to bump the minimum either. Change-Id: I4f440eb9511333ce70db4184857dcbcdd0ed1b97 Closes-Bug: 1839398
author: Ben Nemec <bnemec@redhat.com> 2021-02-18 15:44:40 +0000
committer: Ben Nemec <bnemec@redhat.com> 2021-02-18 18:23:54 +0000
commit: cfa256464e519468f227e676e2ca0829bf5c7e02 (patch)
tree: ea1a462983604cb6bc7ec038ed6561f4bc1bb756
parent: 50723fa8709b7d33e633fc3bdc59ae56adedba9c (diff)
download: oslo-config-cfa256464e519468f227e676e2ca0829bf5c7e02.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/requirements.txt b/requirements.txt
index 9c1d5c3..58bd439 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,6 +7,6 @@ netaddr>=0.7.18 # BSD
 stevedore>=1.20.0 # Apache-2.0
 oslo.i18n>=3.15.3 # Apache-2.0
 rfc3986>=1.2.0 # Apache-2.0
-PyYAML>=3.12 # MIT
+PyYAML>=5.1 # MIT
 requests>=2.18.0 # Apache-2.0
 importlib_metadata>=1.7.0;python_version<'3.8' # Apache-2.0
author	Ben Nemec <bnemec@redhat.com>	2021-02-18 15:44:40 +0000
committer	Ben Nemec <bnemec@redhat.com>	2021-02-18 18:23:54 +0000
commit	cfa256464e519468f227e676e2ca0829bf5c7e02 (patch)
tree	ea1a462983604cb6bc7ec038ed6561f4bc1bb756
parent	50723fa8709b7d33e633fc3bdc59ae56adedba9c (diff)
download	oslo-config-cfa256464e519468f227e676e2ca0829bf5c7e02.tar.gz