From deaae867a6d68fbfc4ba8b88f3b1e13205765a3a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 1 Apr 2024 17:32:14 +0000
Subject: [PATCH 1/2] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 7e25a9a4914c..2923188c7806 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,7 @@ gitpython>=3.1.30
 matplotlib>=3.3
 numpy>=1.23.5
 opencv-python>=4.1.1
-Pillow>=9.4.0
+Pillow>=10.3.0
 psutil  # system resources
 PyYAML>=5.3.1
 requests>=2.23.0

From 99f0a941b27d56cd7a22c971ac8d0790edde4eed Mon Sep 17 00:00:00 2001
From: Glenn Jocher <glenn.jocher@ultralytics.com>
Date: Sun, 7 Apr 2024 00:44:58 +0200
Subject: [PATCH 2/2] Update requirements.txt

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 2923188c7806..3892abe07308 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,7 @@ gitpython>=3.1.30
 matplotlib>=3.3
 numpy>=1.23.5
 opencv-python>=4.1.1
-Pillow>=10.3.0
+pillow>=10.3.0
 psutil  # system resources
 PyYAML>=5.3.1
 requests>=2.23.0