Bump orjson to 3.9.15 for addressing CVE-2024-27454

Signed-off-by: Vivekanand Ilango <vivekanand.ilango@datadoghq.com>
DataDog · Mar 7, 2024 · 5c7f3b6 · 5c7f3b6
1 parent 3441e55
commit 5c7f3b6
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 2 deletions.
diff --git a/datadog_checks_base/changelog.d/17022.security b/datadog_checks_base/changelog.d/17022.security
@@ -0,0 +1 @@
+Bump orjson to 3.9.15 for addressing CVE-2024-27454
diff --git a/datadog_checks_base/datadog_checks/base/data/agent_requirements.in b/datadog_checks_base/datadog_checks/base/data/agent_requirements.in
@@ -48,7 +48,7 @@ oauthlib==3.1.0; python_version < '3.0'
 oauthlib==3.2.2; python_version > '3.0'
 openstacksdk==3.0.0; python_version > '3.0'
 oracledb==1.3.2; python_version >= '3.0'
-orjson==3.9.7; python_version > '3.0'
+orjson==3.9.15; python_version > '3.0'
 packaging==23.2; python_version > '3.0'
 paramiko==2.12.0; python_version < '3.0'
 paramiko==3.4.0; python_version > '3.0'

diff --git a/datadog_checks_base/pyproject.toml b/datadog_checks_base/pyproject.toml
@@ -89,7 +89,7 @@ http = [
     "win-inet-pton==1.1.0; sys_platform == 'win32' and python_version < '3.0'",
 ]
 json = [
-    "orjson==3.9.7; python_version > '3.0'",
+    "orjson==3.9.15; python_version > '3.0'",
 ]
 kube = [
     "kubernetes==18.20.0; python_version < '3.0'",
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Bump orjson to 3.9.15 for addressing CVE-2024-27454