From 0b889196bb314a0803c4089fe102eacacabb118b Mon Sep 17 00:00:00 2001
From: Erick Daniszewski <edaniszewski@gmail.com>
Date: Mon, 14 Jan 2019 10:06:58 -0500
Subject: [PATCH] update dependency for vulnerability CVE-2017-18342

---
 requirements.txt | 2 +-
 setup.py         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index ae82f54..c53e0a0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,4 +4,4 @@
 #
 #    pip-compile --output-file requirements.txt setup.py
 #
-pyyaml==3.13
+pyyaml==4.2b4
diff --git a/setup.py b/setup.py
index 6f905cd..227e3fc 100644
--- a/setup.py
+++ b/setup.py
@@ -32,7 +32,7 @@ setup(
     include_package_data=True,
     python_requires=">=3.4",
     install_requires=[
-        'pyyaml'
+        'pyyaml>=4.2b1'
     ],
     zip_safe=False,
     classifiers=[