open requirements to address CVEs

SeldonIO · Oct 3, 2024 · 8695267 · 8695267
1 parent 1d7b346
commit 8695267
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/python/setup.py b/python/setup.py
@@ -33,12 +33,12 @@
         "jaeger-client >= 4.1.0, < 4.5.0",
         "grpcio-opentracing >= 1.1.4, < 1.2.0",
         "grpcio-reflection < 2.0.0",
-        "gunicorn >= 19.9.0, < 20.2.0",
+        "gunicorn >= 19.9.0",
         "setuptools >= 65.5.1",
         "prometheus_client >= 0.7.1, < 0.9.0",
-        "werkzeug >= 2.1.1, < 2.3",
+        "werkzeug==3.0.4",
         # Addresses CVE SNYK-PYTHON-CRYPTOGRAPHY-3315328
-        "cryptography >= 39.0.1, < 41.1",
+        "cryptography==43.0.1",
         # Addresses CVE SNYK-PYTHON-PYYAML-590151
         "PyYAML >= 5.4, <= 6.0.1",
         # Addresses CVE PRISMA-2021-0020