From 4e65d77aac6e1ac068526b650980916499ae907b Mon Sep 17 00:00:00 2001
From: Snyk bot <snyk-bot@snyk.io>
Date: Mon, 10 Jan 2022 08:17:02 +0000
Subject: [PATCH] fix: cvat/requirements/base.txt to reduce vulnerabilities
 (#4131)

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331905
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331907
---
 cvat/requirements/base.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt
index 7bd5c0dd..0d24bd74 100644
--- a/cvat/requirements/base.txt
+++ b/cvat/requirements/base.txt
@@ -7,7 +7,7 @@ django-cacheops==5.0.1
 django-compressor==2.4
 django-rq==2.3.2
 EasyProcess==0.3
-Pillow==8.3.2
+Pillow==9.0.0
 numpy==1.19.5
 python-ldap==3.4.0
 pytz==2020.1