<div dir="ltr"><div>I've created updates for sugar-gcibot and www-sugarlabs, I've alerted Walter about the musicblocks alert</div><div>and I don't have access to sugarlabs-infra but I think we should retire the helios server if it's still running as <br></div><div>we haven't been using it for our elections as we've been using <a href="http://civs.cs.cornell.edu/">civs</a> and I think we only used it for the election last conducted by Dave - I think -.<br></div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><pre style="color:rgb(46,52,54);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px"><span style="font-family:monospace,monospace">-- <br></span></pre><div style="color:rgb(46,52,54);font-size:14.6667px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;width:71ch"><span style="font-family:monospace,monospace"><span></span><span></span>Ibiam Chihurumnaya <br></span></div><div style="color:rgb(46,52,54);font-size:14.6667px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;width:71ch"><span style="font-family:monospace,monospace"><a href="mailto:ibiamchihurumnaya@gmail.com" style="color:rgb(42,118,198)" target="_blank">ibiamchihurumnaya@gmail.com</a></span></div><div style="color:rgb(46,52,54);font-size:14.6667px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;width:71ch"><span style="font-family:monospace,monospace"><br></span></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Dec 22, 2020 at 12:59 PM Bernie Innocenti <<a href="mailto:bernie@codewiz.org">bernie@codewiz.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#fff">
<p><font size="+1" color="#000000">Who should take care of these?</font><br>
</p>
<div><font color="#000000"><br>
-------- Forwarded Message --------</font>
<table cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap align="RIGHT"><font color="#000000">Subject: </font></th>
<td><font color="#000000">Your Dependabot alerts for the
week of Dec 15 - Dec 22</font></td>
</tr>
<tr>
<th valign="BASELINE" nowrap align="RIGHT"><font color="#000000">Date: </font></th>
<td><font color="#000000">Tue, 22 Dec 2020 02:46:37 +0000
(UTC)</font></td>
</tr>
<tr>
<th valign="BASELINE" nowrap align="RIGHT"><font color="#000000">From: </font></th>
<td><font color="#000000">GitHub <a href="mailto:noreply@github.com" target="_blank"><noreply@github.com></a></font></td>
</tr>
<tr>
<th valign="BASELINE" nowrap align="RIGHT"><font color="#000000">To: </font></th>
<td><font color="#000000">Bernie Innocenti
<a href="mailto:bernie@codewiz.org" target="_blank"><bernie@codewiz.org></a></font></td>
</tr>
</tbody>
</table>
<font color="#000000">
<br>
</font><br>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;background-color:rgb(255,255,255)" width="100%" bgcolor="#fff">
<tbody>
<tr>
<td style="box-sizing:border-box;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:14px;vertical-align:top" valign="top"><br>
</td>
<td width="580" valign="top">
<div style="box-sizing:border-box;display:block;max-width:580px;margin:0px auto">
<span style="color:transparent;display:none;height:0px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;width:0px">Explore
this week on GitHub</span>
<div style="box-sizing:border-box;width:100%;padding-top:16px">
</div>
<div style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:underline;margin-bottom:10px;border:0px none"> <img src="https://github.githubassets.com/images/email/vulnerability/vulnerability-gradient-icon.png" alt="Dependabot alerts" style="max-width: 100%; border: 0px none;" width="72" height="72">
</div>
<h1> <a href="https://github.com" style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:underline;margin:0px 2px 0px 0px;border:0px none" target="_blank"><img src="https://github.githubassets.com/images/email/global/wordmark.png" alt="GitHub" style="max-width: 100%; border: 0px none;" width="92" height="25"></a> security
alert digest</h1>
<p style="font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:21px;font-weight:300;line-height:1.25;color:rgb(106,115,125);margin:0px 0px 15px">
<strong style="color:rgb(36,41,46)">codewiz’s</strong>
repository security updates from <span style="white-space:nowrap">the week of <strong style="color:rgb(51,51,51)">Dec 15 - Dec 22</strong></span>
</p>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);padding-bottom:12px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="box-sizing:border-box;padding-right:7px;vertical-align:middle;line-height:0" width="32" valign="middle"> <a href="https://github.com/sugarlabs" style="display:inline-block" target="_blank"> <img src="https://github.com/sugarlabs.png" style="border-radius: 3px; border: 0px none;" width="28" height="28"> </a> </td>
<td>
<h3> <a style="box-sizing:border-box;color:rgb(36,41,46);text-decoration:none" href="https://github.com/sugarlabs" target="_blank"> Sugar Labs
organization </a> </h3>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;margin-top:6px;margin-bottom:32px;width:100%" width="100%">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td width="30" valign="top" align="right"> <img src="https://github.githubassets.com/images/email/vulnerability/warning-icon.png" alt="Warning!" style="border: 0px none;" width="16" height="14"> </td>
<td valign="middle">
<h3> <a style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:none" href="https://github.com/sugarlabs/sugar-gitbot" target="_blank">sugarlabs
/ <strong style="font-weight:700">sugar-gitbot</strong></a>
</h3>
<p>Known
security vulnerabilities
detected</p>
<table style="border-top:1px solid rgb(234,236,239);box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="middle">
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>express</span>
</td>
<td valign="top">
<span>Version</span>
<span><
3.11.0 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
3.11.0</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
package.json </span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2014-6393
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td><br>
</td>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:330px;margin-bottom:12px" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" bgcolor="#0366d6" align="center"> <a href="https://github.com/sugarlabs/sugar-gitbot/security/dependabot" style="box-sizing:border-box;text-decoration:none;background-color:rgb(3,102,214);border-radius:5px;color:rgb(255,255,255);display:inline-block;font-size:14px;font-weight:bold;margin:0px;padding:10px 20px;border:1px solid rgb(3,102,214)" target="_blank">Review
all vulnerable
dependencies</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;margin-top:6px;margin-bottom:32px;width:100%" width="100%">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td width="30" valign="top" align="right"> <img src="https://github.githubassets.com/images/email/vulnerability/warning-icon.png" alt="Warning!" style="border: 0px none;" width="16" height="14"> </td>
<td valign="middle">
<h3> <a style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:none" href="https://github.com/sugarlabs/www-sugarlabs" target="_blank">sugarlabs
/ <strong style="font-weight:700">www-sugarlabs</strong></a>
</h3>
<p>Known
security vulnerabilities
detected</p>
<table style="border-top:1px solid rgb(234,236,239);box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="middle">
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>kramdown</span>
</td>
<td valign="top">
<span>Version</span>
<span><
2.3.0 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
2.3.0</span> </td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
Gemfile.lock </span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2020-14001
<span style="color:rgb(106,115,125);white-space:nowrap">High
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td><br>
</td>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:330px;margin-bottom:12px" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" bgcolor="#0366d6" align="center"> <a href="https://github.com/sugarlabs/www-sugarlabs/security/dependabot" style="box-sizing:border-box;text-decoration:none;background-color:rgb(3,102,214);border-radius:5px;color:rgb(255,255,255);display:inline-block;font-size:14px;font-weight:bold;margin:0px;padding:10px 20px;border:1px solid rgb(3,102,214)" target="_blank">Review
all vulnerable
dependencies</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;margin-top:6px;margin-bottom:32px;width:100%" width="100%">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td width="30" valign="top" align="right"> <img src="https://github.githubassets.com/images/email/vulnerability/warning-icon.png" alt="Warning!" style="border: 0px none;" width="16" height="14"> </td>
<td valign="middle">
<h3> <a style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:none" href="https://github.com/sugarlabs/musicblocks" target="_blank">sugarlabs
/ <strong style="font-weight:700">musicblocks</strong></a>
</h3>
<p>Known
security vulnerabilities
detected</p>
<table style="border-top:1px solid rgb(234,236,239);box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="middle">
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>ecstatic</span>
</td>
<td valign="top">
<span>Version</span>
<span><
4.1.3 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
4.1.3</span> </td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
package-lock.json
</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2019-10775
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td><br>
</td>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:330px;margin-bottom:12px" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" bgcolor="#0366d6" align="center"> <a href="https://github.com/sugarlabs/musicblocks/security/dependabot" style="box-sizing:border-box;text-decoration:none;background-color:rgb(3,102,214);border-radius:5px;color:rgb(255,255,255);display:inline-block;font-size:14px;font-weight:bold;margin:0px;padding:10px 20px;border:1px solid rgb(3,102,214)" target="_blank">Review
all vulnerable
dependencies</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);padding-bottom:12px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td style="box-sizing:border-box;padding-right:7px;vertical-align:middle;line-height:0" width="32" valign="middle"> <a href="https://github.com/sugarlabs-infra" style="display:inline-block" target="_blank"> <img src="https://github.com/sugarlabs-infra.png" style="border-radius: 3px; border: 0px none;" width="28" height="28"> </a> </td>
<td>
<h3> <a style="box-sizing:border-box;color:rgb(36,41,46);text-decoration:none" href="https://github.com/sugarlabs-infra" target="_blank"> sugarlabs-infra
organization </a> </h3>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;margin-top:6px;margin-bottom:32px;width:100%" width="100%">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td width="30" valign="top" align="right"> <img src="https://github.githubassets.com/images/email/vulnerability/warning-icon.png" alt="Warning!" style="border: 0px none;" width="16" height="14"> </td>
<td valign="middle">
<h3> <a style="box-sizing:border-box;color:rgb(3,102,214);text-decoration:none" href="https://github.com/sugarlabs-infra/helios-server" target="_blank">sugarlabs-infra
/ <strong style="font-weight:700">helios-server</strong></a>
</h3>
<p>Known
security vulnerabilities
detected</p>
<table style="border-top:1px solid rgb(234,236,239);box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="middle">
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>gunicorn</span>
</td>
<td valign="top">
<span>Version</span>
<span><
19.5.0 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
19.5.0</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
requirements.txt
</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2018-1000164 <span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>requests</span>
</td>
<td valign="top">
<span>Version</span>
<span><=
2.19.1 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
2.20.0</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
requirements.txt
</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2018-18074
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>django</span>
</td>
<td valign="top">
<span>Version</span>
<span><
1.11.18 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
1.11.18</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
requirements.txt
</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2020-9402
<span style="color:rgb(106,115,125);white-space:nowrap">High
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2019-3498
<span style="color:rgb(106,115,125);white-space:nowrap">Low
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2019-6975
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2019-19844
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2020-7471
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;border-bottom:1px solid rgb(234,236,239);margin-bottom:9px;margin-top:6px" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:100%;table-layout:fixed" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
<span>Dependency</span>
<span>bleach</span>
</td>
<td valign="top">
<span>Version</span>
<span><
3.1.1 </span>
</td>
<td valign="top">
<span>Upgrade
to</span> <span>~>
3.1.1</span> </td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Defined
in</span> <span>
requirements.txt
</span>
</td>
</tr>
<tr>
<td colspan="3" valign="top">
<span>Vulnerabilities</span>
<table style="box-sizing:border-box;border-collapse:separate;width:100%" width="100%" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top">
CVE-2020-6802
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2020-6816
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
<tr>
<td valign="top">
CVE-2020-6817
<span style="color:rgb(106,115,125);white-space:nowrap">Moderate
severity</span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td><br>
</td>
<td>
<table style="box-sizing:border-box;border-collapse:separate;width:330px;margin-bottom:12px" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td valign="top" bgcolor="#0366d6" align="center"> <a href="https://github.com/sugarlabs-infra/helios-server/security/dependabot" style="box-sizing:border-box;text-decoration:none;background-color:rgb(3,102,214);border-radius:5px;color:rgb(255,255,255);display:inline-block;font-size:14px;font-weight:bold;margin:0px;padding:10px 20px;border:1px solid rgb(3,102,214)" target="_blank">Review
all vulnerable
dependencies</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<p valign="top"> Always verify the
validity and compatibility of suggestions with your
codebase. </p>
<div style="box-sizing:border-box;clear:both;width:100%">
<hr style="height:0px;overflow:visible;margin-top:24px;border-top:1px solid rgb(225,228,232);color:rgb(106,115,125);font-size:12px;line-height:18px;margin-bottom:30px;border-width:1px 0px 0px">
<div style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px">
<p style="font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-weight:normal;color:rgb(106,115,125);font-size:12px;line-height:18px;margin:0px 0px 15px"> Change how
you receive security alert emails in your <a href="https://github.com/settings/notifications#vulnerability-alerts-heading" style="box-sizing:border-box;font-size:12px;line-height:18px;text-decoration:none" target="_blank">notification preferences</a>.
</p>
<p style="font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-weight:normal;color:rgb(106,115,125);font-size:12px;line-height:18px;margin:0px 0px 15px"> <a href="https://github.com/email/unsubscribe?token=AAJBF3AB43YMTNZOSETMY53BYKIYZANENZQW2ZNNOZ2WY3TFOJQWE2LMNF2HS" style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px;text-decoration:none" target="_blank"><u></u>Unsubscribe<u></u></a>
· <a href="https://github.com/settings/emails" style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px;text-decoration:none" target="_blank">Email
preferences</a> · <a href="https://docs.github.com/articles/github-terms-of-service" style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px;text-decoration:none" target="_blank">Terms</a>
· <a href="https://docs.github.com/articles/github-privacy-policy" style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px;text-decoration:none" target="_blank">Privacy</a>
· <a href="https://github.com/login" style="box-sizing:border-box;color:rgb(106,115,125);font-size:12px;line-height:18px;text-decoration:none" target="_blank">Sign
into GitHub</a> </p>
</div>
<p style="font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-weight:normal;color:rgb(106,115,125);font-size:12px;line-height:18px;margin:0px 0px 15px">GitHub, Inc.<br style="color:rgb(153,153,153);font-size:12px;line-height:18px">
88 Colin P Kelly Jr St.<br style="color:rgb(153,153,153);font-size:12px;line-height:18px">
San Francisco, CA 94107</p>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
_______________________________________________<br>
Systems mailing list<br>
<a href="mailto:Systems@lists.sugarlabs.org" target="_blank">Systems@lists.sugarlabs.org</a><br>
<a href="http://lists.sugarlabs.org/listinfo/systems" rel="noreferrer" target="_blank">http://lists.sugarlabs.org/listinfo/systems</a><br>
</blockquote></div>