Security Vulnerability in xhtml2pdf Dependency "future" #657
Comments
|
@luisza Do you think you could release a new version with the updated dependency? Thanks a lot in advance! 🙏 |
|
Yes, I am working on right now, maybe today or tomorrow i will release a new release. |
|
@luisza If you would accept help with releasing regular package updates, you can add me (https://pypi.org/user/timoludwig/) or my organization (https://pypi.org/user/digitalfabrik/) as mainatiners of the PyPI package, we'd be happy to invest some working hours 😃 |
This was referenced Feb 26, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There is a security vulnerability in the future package that does not seem likely to be resolved. Can xhtml2pdf be released to not require this package?
CVE:
GHSA-v3c5-jqr6-7qm8
Discussions:
PythonCharmers/python-future#612
PythonCharmers/python-future#610
The text was updated successfully, but these errors were encountered: