exclude vulnerable scapy 2.6.1?

andgineer · andgineer · commit d289388a8b7a · 2025-11-27T06:19:29.000+01:00
diff --git a/requirements.dev.txt b/requirements.dev.txt
@@ -172,7 +172,7 @@ pycparser==2.23
     # via
     #   -r requirements.txt
     #   cffi
-pydantic==2.12.4
+pydantic==2.12.5
     # via -r requirements.txt
 pydantic-core==2.41.5
     # via
@@ -228,7 +228,7 @@ rsa==4.9.1
     #   -r requirements.txt
     #   google-auth
     #   oauth2client
-scapy==2.6.1
+scapy==2.6.0
     # via -r requirements.txt
 shellingham==1.5.4
     # via typer
diff --git a/requirements.in b/requirements.in
@@ -1,6 +1,7 @@
 # dependencies list to build requirements.txt with pip-compile (from pip-tools package)
 python-dateutil
-scapy
+# in scapy 2.6.1 found Arbitrary Code Execution via Untrusted Pickle Deserialization #32
+scapy!=2.6.1
 oauth2client
 google-api-python-client
 requests
diff --git a/requirements.txt b/requirements.txt
@@ -55,7 +55,7 @@ pyasn1-modules==0.4.2
     #   oauth2client
 pycparser==2.23
     # via cffi
-pydantic==2.12.4
+pydantic==2.12.5
     # via -r requirements.in
 pydantic-core==2.41.5
     # via pydantic
@@ -71,7 +71,7 @@ rsa==4.9.1
     # via
     #   google-auth
     #   oauth2client
-scapy==2.6.1
+scapy==2.6.0
     # via -r requirements.in
 six==1.17.0
     # via
