From 424da0da64be48d907e54000d5a6ac7c31baf74b Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Wed, 24 Dec 2025 08:51:07 +0100 Subject: [PATCH 1/3] Update dependency to urllib-2.6.0 (sec) CVE-2025-66418 with CVSS 8.9 Signed-off-by: Kurt Garloff --- Tests/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/requirements.txt b/Tests/requirements.txt index 83c274cd0..15c112ee2 100644 --- a/Tests/requirements.txt +++ b/Tests/requirements.txt @@ -69,7 +69,7 @@ typing-extensions==4.13.2 # typing-inspection typing-inspection==0.4.0 # via pydantic -urllib3==2.4.0 +urllib3==2.6.0 # via requests yarl==1.20.0 # via aiohttp From 86051a27b35d742b92d78d52c48a7a5b56751e42 Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Wed, 24 Dec 2025 08:56:17 +0100 Subject: [PATCH 2/3] iaas subdirectory has urllib requirement as well Update to 2.6.0 also Signed-off-by: Kurt Garloff --- Tests/iaas/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/iaas/requirements.txt b/Tests/iaas/requirements.txt index 6706e8b2e..b43107ef1 100644 --- a/Tests/iaas/requirements.txt +++ b/Tests/iaas/requirements.txt @@ -100,7 +100,7 @@ typing-extensions==4.13.2 # -c iaas/../requirements.txt # keystoneauth1 # openstacksdk -urllib3==2.4.0 +urllib3==2.6.0 # via # -c iaas/../requirements.txt # botocore From 5241e7ea28c01bf0da8c028e4d2a6347cb85819f Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Wed, 24 Dec 2025 08:57:31 +0100 Subject: [PATCH 3/3] urllib 2.6.0 in kaas subdir Signed-off-by: Kurt Garloff --- Tests/kaas/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/kaas/requirements.txt b/Tests/kaas/requirements.txt index f63b982ab..f0d40213b 100644 --- a/Tests/kaas/requirements.txt +++ b/Tests/kaas/requirements.txt @@ -105,7 +105,7 @@ six==1.17.0 # kubernetes # kubernetes-asyncio # python-dateutil -urllib3==2.4.0 +urllib3==2.6.0 # via # -c kaas/../requirements.txt # kubernetes