github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2026-28802: Update authlib to 1.6.7 (#13229)

Browse Source 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
This commit is contained in:
aivong-openhands
2026-03-05 08:56:47 -06:00
committed by GitHub
parent e78d7de0c0
commit 42b0a89366
4 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
uv.lock generated
View File

@@ -336,14 +336,14 @@ wheels = [
[[package]]
name = "authlib"
version = "1.6.6"
version = "1.6.7"
source = { registry = "https://pypi.org/simple" }
dependencies = [
{ name = "cryptography" },
]
sdist = { url = "https://files.pythonhosted.org/packages/bb/9b/b1661026ff24bc641b76b78c5222d614776b0c085bcfdac9bd15a1cb4b35/authlib-1.6.6.tar.gz", hash = "sha256:45770e8e056d0f283451d9996fbb59b70d45722b45d854d58f32878d0a40c38e", size = 164894, upload-time = "2025-12-12T08:01:41.464Z" }
sdist = { url = "https://files.pythonhosted.org/packages/49/dc/ed1681bf1339dd6ea1ce56136bad4baabc6f7ad466e375810702b0237047/authlib-1.6.7.tar.gz", hash = "sha256:dbf10100011d1e1b34048c9d120e83f13b35d69a826ae762b93d2fb5aafc337b", size = 164950, upload-time = "2026-02-06T14:04:14.171Z" }
wheels = [
{ url = "https://files.pythonhosted.org/packages/54/51/321e821856452f7386c4e9df866f196720b1ad0c5ea1623ea7399969ae3b/authlib-1.6.6-py2.py3-none-any.whl", hash = "sha256:7d9e9bc535c13974313a87f53e8430eb6ea3d1cf6ae4f6efcd793f2e949143fd", size = 244005, upload-time = "2025-12-12T08:01:40.209Z" },
{ url = "https://files.pythonhosted.org/packages/f8/00/3ed12264094ec91f534fae429945efbaa9f8c666f3aa7061cc3b2a26a0cd/authlib-1.6.7-py2.py3-none-any.whl", hash = "sha256:c637340d9a02789d2efa1d003a7437d10d3e565237bcb5fcbc6c134c7b95bab0", size = 244115, upload-time = "2026-02-06T14:04:12.141Z" },
]
[[package]]
@@ -3635,6 +3635,7 @@ dependencies = [
{ name = "anthropic", extra = ["vertex"] },
{ name = "anyio" },
{ name = "asyncpg" },
{ name = "authlib" },
{ name = "bashlex" },
{ name = "boto3" },
{ name = "browsergym-core" },
@@ -3755,6 +3756,7 @@ requires-dist = [
{ name = "anthropic", extras = ["vertex"] },
{ name = "anyio", specifier = "==4.9" },
{ name = "asyncpg", specifier = ">=0.30" },
{ name = "authlib", specifier = ">=1.6.7" },
{ name = "bashlex", specifier = ">=0.18" },
{ name = "boto3" },
{ name = "browsergym-core", specifier = "==0.13.3" },