security: 升级 langchain-core 到 0.3.81 修复 CVE-2025-68664 (#403)

CodeCasterX · claude · web-flow · commit 8dae1bf23645 · 2026-01-09T17:21:29.000+08:00
- 修复序列化注入漏洞 (GHSA-c67j-w6g6-q2cm) - 从 0.3.68 升级到 0.3.81 (小版本升级) - 影响评估: 无破坏性变更,向后兼容 - 安全加固: 默认禁用环境变量加载,限制反序列化类 Fixes Dependabot Alert #23 Resolves CVE-2025-68664 Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
diff --git a/framework/fel/python/requirements.txt b/framework/fel/python/requirements.txt
@@ -1,4 +1,4 @@
 llama-index==0.12.46
-langchain-core==0.3.68
+langchain-core==0.3.81
 langchain_community==0.3.27
-langchain-openai==0.3.28
+langchain-openai==0.3.28
