Address security risk in futures<0.18.2

VirginiaDooley · VirginiaDooley · commit 9b7a28d8c049 · 2024-09-10T15:26:07.000+01:00
Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. https://github.com/PythonCharmers/python-future/blob/master/src/future/backports/http/cookiejar.py#L215 python/cpython#17157
diff --git a/Pipfile b/Pipfile
@@ -28,6 +28,7 @@ fixtures = "==3.0.0"
 flake8 = "==3.8.3"
 funcsigs = "==1.0.2"
 futures = "==3.1.1"
+future = "==0.18.2"
 dj_pagination = "==2.4.0"
 linecache2 = "==1.0.0"
 lxml = "==4.8.0"
