From ae4ef3b267ffbe7b4b59b95c3149d12eab0e9fd1 Mon Sep 17 00:00:00 2001
From: Glenn Jocher <glenn.jocher@ultralytics.com>
Date: Sun, 7 Apr 2024 00:46:25 +0200
Subject: [PATCH] [Snyk] Security upgrade pillow from 9.5.0 to 10.3.0 (#12868)

* fix: requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866

* Update requirements.txt

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>

---------

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 7e25a9a4914c..3892abe07308 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,7 @@ gitpython>=3.1.30
 matplotlib>=3.3
 numpy>=1.23.5
 opencv-python>=4.1.1
-Pillow>=9.4.0
+pillow>=10.3.0
 psutil  # system resources
 PyYAML>=5.3.1
 requests>=2.23.0