Bump orjson for CVE-2024-27454 (!747) · Merge requests · Crafty Controller / Crafty 4

Iain Powrie requested to merge sec/bump-orjson into dev Apr 06, 2024

What does this MR do and why?

Resolves:

CVE-2024-27454

Notes:

Found some exception classes not being called correctly these have been fixed
Only notable things that I've seen and the changelog since our previous version was they dropped support for Python 3.7, But that is outside of our minimum supported python version so poses is no issue.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Have you checked this doesn't interfere/conflict/duplicate someone elses work?
Have you fully tested your changes?
Have you resolved any lint issues?
Have you assigned a reviewer?
Have you applied correct labels?

Edited Apr 06, 2024 by Iain Powrie

Bump orjson for CVE-2024-27454

What does this MR do and why?

MR acceptance checklist

Merge request reports