From 054c15a45622a62e7b3b3f84c1ff2eb16e358719 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 5 Apr 2021 02:55:42 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-1090569
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090584
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090586
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090587
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090588
---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 89601ee6..455f7c4b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -16,7 +16,7 @@ django-secure==1.0.1
 django-dynamic-preferences==1.5
 webstack-django-sorting==1.0.1
 django-storages==1.5.1
-djangorestframework==3.4.0
+djangorestframework==3.11.2
 feedparser==5.2.1
 github3.py==0.9.6
 uwsgi==2.0.18
@@ -33,7 +33,7 @@ requests==2.11.1
 shortuuid==0.4.3
 six==1.10.0
 whitenoise==3.2.2
-Pillow==4.2.1
+Pillow==8.2.0
 rocketchat-API==0.6.3
 markdown==2.6.11
 python-dotenv==0.8.0