diff --git a/.safety-policy.yml b/.safety-policy.yml
index a3f6786..4923a01 100644
--- a/.safety-policy.yml
+++ b/.safety-policy.yml
@@ -20,8 +20,6 @@ security:
 # reason: {text} # optional: Reason for ignoring it. Will be reported in the Safety reports
 # expires: {date} # optional: Date when this ignore will expire
 ignore-vulnerabilities:
- 37504:
- reason: Fixed twine version 2.0.0 requires Python>=3.6 and is used there
 39611:
 reason: PyYAML full_load method or FullLoader is not used
 51457:
@@ -30,8 +28,6 @@ security:
 reason: Fixed wheel version 0.38.1 requires Python>=3.7 and is used there; Risk is on Pypi side
 52322:
 reason: Fixed GitPython version 3.1.30 requires Python>=3.7 and is used there
- 52365:
- reason: Fixed certifi version 2022.12.07 requires Python>=3.6 and is used there
 52495:
 reason: Fixed setuptools version 65.5.1 requires Python>=3.7 and is used there; Risk is on Pypi side
 52518:
@@ -40,14 +36,14 @@ security:
 reason: Fixed requests version 2.31.0 requires Python>=3.7 and is used there
 58910:
 reason: Fixed Pygments version 2.15.0 requires Python>=3.7 and is used there
- 59956:
- reason: Fixed certifi version 2023.07.22 requires Python>=3.6 and is used there
 60350:
 reason: Fixed gitpython version 3.1.32 requires Python>=3.7 and is used there
 60789:
 reason: Fixed gitpython version 3.1.33 requires Python>=3.7 and is used there
 60841:
 reason: Fixed gitpython version 3.1.34 requires Python>=3.7 and is used there
+ 62044:
+ reason: Fixed pip version 23.3 requires Python>=3.7 and is used there

 # Continue with exit code 0 when vulnerabilities are found.
 continue-on-vulnerability-error: False
diff --git a/docs/changes.rst b/docs/changes.rst
index 7c5d398..711a664 100644
--- a/docs/changes.rst
+++ b/docs/changes.rst
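Review bot: The `62044` entry added at the end of `ignore-vulnerabilities` in the third .safety-policy.yml hunk carries no `expires` key, so the suppression never lapses, although the comment block above the mapping documents that key. The reason given only covers Python >= 3.7: minimum-constraints.txt in this same commit keeps Python 3.6 on pip 21.3.1, below the fixed 23.3, and as far as the visible policy shows the ignore is not scoped by Python version. I would record that in the entry, e.g. `reason: Fixed pip version 23.3 requires Python>=3.7 and is used there; Python 3.6 stays on pip 21.3.1`, and add `expires: {date}` set to when Python 3.6 support is planned to end. The mapping starts outside the hunk.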
@@ -21,7 +21,7 @@ Released: not yet * Fixed flake8 issue about comparing types in test code. -* Fixed safety issues up to 2023-11-12. +* Fixed safety issues up to 2023-11-26. * Test: Removed setup.py based installs from "make installtest", since one of them started installing a pre-release of a package on an unsupported Python
diff --git a/minimum-constraints.txt b/minimum-constraints.txt
index 7264e97..3b40304 100644
--- a/minimum-constraints.txt
+++ b/minimum-constraints.txt
@@ -14,12 +14,14 @@
 # Pip 20.2 introduced a new resolver whose backtracking had issues that were resolved only in 21.2.2.
 # pip>=21.0 is needed for the cryptography package on Windows on GitHub Actions.
 # pip 21.1 fixes safety issues 42559,40291
-pip==21.2.4; python_version >= '3.6' and python_version <= '3.9'
-pip==23.0.1; python_version >= '3.10'
+pip==21.3.1; python_version == '3.6'
+pip==23.3; python_version >= '3.7'
+
 # setuptools 59.7.0 removed support for py36
 # setuptools 65.5.1 fixes safety issue 52495
 setuptools==59.6.0; python_version == '3.6'
 setuptools==65.5.1; python_version >= '3.7'
+
 # wheel 0.38.1 fixes safety issue 51499
 wheel==0.33.5; python_version == '3.6'
 wheel==0.38.1; python_version >= '3.7'
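Review bot: The comments above the pip pins were not updated with the versions: they still explain the 21.x floor (`pip 21.1 fixes safety issues 42559,40291`), and nothing says why 3.7+ now requires 23.3 or why 3.6 is held at 21.3.1. The setuptools and wheel entries in the same hunk document each pin, so I would add `# pip 22.0 removed support for py36` and `# pip 23.3 fixes safety issue 62044` above the two new lines. That also makes the residual exposure on Python 3.6, which stays below the fixed version, visible to whoever next edits this file.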