Skip to content

Commit

Permalink
Update request to 2.20.0 (elastic#8808) (elastic#8821)
Browse files Browse the repository at this point in the history 
The Requests package through 2.19.1 before 2018-09-14 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

https://nvd.nist.gov/vuln/detail/CVE-2018-18074
(cherry picked from commit 34248d9)
  • Loading branch information
@ph
ph authored Nov 7, 2018
1 parent e00b42d commit 3c22393
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion libbeat/tests/system/requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ nose-timer==0.7.1
pycodestyle==2.4.0
PyYAML==3.12
redis==2.10.6
requests==2.18.4
requests==2.20.0
six==1.11.0
termcolor==1.1.0
texttable==0.9.1
Expand Down

0 comments on commit 3c22393

Please sign in to comment.