From 7363edb05f2d7734589958cc01bb358b9d09f401 Mon Sep 17 00:00:00 2001
From: Randy Forbes
Date: Sat, 7 Oct 2023 19:59:59 +0000
Subject: [PATCH] Resolved CVE-2023-32681
---
 CHANGELOG.MD | 6 ++++++
 poetry.lock | 2 +-
 pyproject.toml | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.MD b/CHANGELOG.MD
index 83ea7c3f..c7c67e3e 100644
--- a/CHANGELOG.MD
+++ b/CHANGELOG.MD
@@ -15,6 +15,12 @@
 - `Security` in case of vulnerabilities.
 # Version History
+## v1.3.1 (Draft)
+
+Date: TBD
+
+### Security
+Set minimum requirement for [requests](https://pypi.org/project/requests/) to 2.31 per [CVE-2023-32681](https://www.cve.org/CVERecord?id=CVE-2023-32681) / [CWE-200](https://cwe.mitre.org/data/definitions/200.html)
 ## v1.3.0
diff --git a/poetry.lock b/poetry.lock
index 10bb7009..ab8e4970 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -430,4 +430,4 @@ socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"]
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.8"
-content-hash = "b4badcb5d51ac7ca00704fbdd6345e6a5096c0301ac851a2eba21a490d56c868"
+content-hash = "62dd3d4d0c381c975d08b3bface5903c21af8811a7bdfdf5b4f370d1ac0b5d52"
diff --git a/pyproject.toml b/pyproject.toml
index e332efef..9c9bcde2 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -28,7 +28,7 @@ classifiers = [
 [tool.poetry.dependencies]
 python = "^3.8"
-requests = "*"
+requests = "^2.31"
 numpy = "^1.22.2"
 [tool.poetry.urls]
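Review bot: `requests = "^2.31"` in `[tool.poetry.dependencies]` is a caret constraint, which Poetry resolves as `>=2.31,<3.0`, so it adds an upper bound as well as the floor that the changelog entry describes as a "minimum requirement". If only the floor is intended, `requests = ">=2.31"` states that directly; if the cap is deliberate, the changelog wording should say so. Either way the reason belongs next to the constraint so it is not relaxed back to `*` later, for example `# floor set for CVE-2023-32681; do not lower` on the line above. The poetry.lock hunk changes only `content-hash`, so the locked requests version is not visible here and is presumably already 2.31 or later; that is worth confirming before release.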