python: Update requirements.txt for security issues

Per GitHub Dependabot:
- Use setuptools 65.5.1 to avoid some DoS issue
- Use requests 2.31.0 to avoid leaking some proxy information

Signed-off-by: Tom Rini <trini@konsulko.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt
index f9f6cc6e928b811e6600da480f020d2a81534043..aed449211711f05d9d2c4a1ffba22d2aca5d1db4 100644 (file)
--- a/doc/sphinx/requirements.txt
+++ b/doc/sphinx/requirements.txt
@@ -11,7 +11,7 @@ packaging==21.3
 Pygments==2.11.2
 pyparsing==3.0.7
 pytz==2022.1
-requests==2.27.1
+requests==2.31.0
 six==1.16.0
 snowballstemmer==2.2.0
 Sphinx==3.4.3

diff --git a/test/py/requirements.txt b/test/py/requirements.txt
index 86d6266053fdccf68d6802fcd8dda46db33afa3a..f7e76bdb918111229323e4196f6f59b89cb58859 100644 (file)
--- a/test/py/requirements.txt
+++ b/test/py/requirements.txt
@@ -20,8 +20,8 @@ pytest==6.2.5
 pytest-xdist==2.5.0
 python-mimeparse==1.6.0
 python-subunit==1.3.0
-requests==2.27.1
-setuptools==58.3.0
+requests==2.31.0
+setuptools==65.5.1
 six==1.16.0
 testtools==2.3.0
 traceback2==1.4.0