update Django and channels_redis

see: https://github.com/ansible/tower/issues/4439 also, addresses CVE-2020-24583 and CVE-2020-24584
2024-10-27 17:55:10 +03:00 · 2020-09-08 10:39:26 -04:00 · 2020-09-08 10:39:26 -04:00 · f81560b12c
commit f81560b12c
parent 6e6aa1fdab
2 changed files with 5 additions and 5 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@ -4,9 +4,9 @@ ansiconv==1.0.0  # UPGRADE BLOCKER: from 2013, consider replacing instead of upg
 azure-keyvault==1.1.0  # see UPGRADE BLOCKERs
 boto  # replacement candidate https://github.com/ansible/awx/issues/2115
 channels
-channels-redis
+channels-redis>=3.1.0  # https://github.com/django/channels_redis/issues/212
 daphne
-django==2.2.11  # see UPGRADE BLOCKERs
+django==2.2.16  # see UPGRADE BLOCKERs
 django-auth-ldap
 django-cors-headers
 django-crum
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@ -15,7 +15,7 @@ boto==2.49.0              # via -r /awx_devel/requirements/requirements.in
 cachetools==4.0.0         # via google-auth
 certifi==2019.11.28       # via kubernetes, msrest, requests
 cffi==1.14.0              # via cryptography
-channels-redis==2.4.2     # via -r /awx_devel/requirements/requirements.in
+channels-redis==3.1.0     # via -r /awx_devel/requirements/requirements.in
 channels==2.4.0           # via -r /awx_devel/requirements/requirements.in, channels-redis
 chardet==3.0.4            # via aiohttp, requests
 constantly==15.1.0        # via twisted
@ -37,7 +37,7 @@ django-redis==4.5.0       # via -r /awx_devel/requirements/requirements.in
 django-solo==1.1.3        # via -r /awx_devel/requirements/requirements.in
 django-split-settings==1.0.0  # via -r /awx_devel/requirements/requirements.in
 django-taggit==1.2.0      # via -r /awx_devel/requirements/requirements.in
-django==2.2.11            # via -r /awx_devel/requirements/requirements.in, channels, django-auth-ldap, django-cors-headers, django-crum, django-jsonfield, django-oauth-toolkit, django-polymorphic, django-taggit, djangorestframework
+django==2.2.16            # via -r /awx_devel/requirements/requirements.in, channels, django-auth-ldap, django-cors-headers, django-crum, django-jsonfield, django-oauth-toolkit, django-polymorphic, django-taggit, djangorestframework
 djangorestframework-yaml==1.0.3  # via -r /awx_devel/requirements/requirements.in
 djangorestframework==3.11.0  # via -r /awx_devel/requirements/requirements.in
 docutils==0.16            # via python-daemon
@ -68,7 +68,7 @@ lxml==4.5.0               # via xmlsec
 markdown==3.2.1           # via -r /awx_devel/requirements/requirements.in
 markupsafe==1.1.1         # via jinja2
 more-itertools==8.2.0     # via irc, jaraco.classes, jaraco.functools
-msgpack==0.6.2            # via channels-redis
+msgpack==1.0.0            # via channels-redis
 msrest==0.6.11            # via azure-keyvault, msrestazure
 msrestazure==0.6.3        # via azure-keyvault
 multidict==4.7.5          # via aiohttp, yarl