From 31f69a846c96bda5fa021c797f05981aac2d6be3 Mon Sep 17 00:00:00 2001 From: Trey Valenta Date: Thu, 24 Aug 2023 16:02:03 -0700 Subject: [PATCH] Avoid GitPython CVE-2023-40267 The previous fix for CVE-2022-24439 was incomplete. https://github.com/advisories/GHSA-pr76-5cm5-w9cj --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3db71252d..361366cae 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -GitPython>=3.1.30 # BSD License (3 clause) +GitPython>=3.1.32 # BSD License (3 clause) PyYAML>=5.3.1 # MIT stevedore>=1.20.0 # Apache-2.0 colorama>=0.3.9;platform_system=="Windows" # BSD License (3 clause)
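Review bot: On the `+GitPython>=3.1.32` line in requirements.txt, the trailing comment still records only the license, so nothing in the file tells a later editor that this floor is security-driven. Consider noting the reason on the line itself, for example `GitPython>=3.1.32 # BSD License (3 clause); floor set for CVE-2023-40267`, so the bound is not relaxed by mistake during a later requirements cleanup. The diffstat shows requirements.txt as the only file touched; if the GitPython minimum is also declared in another constraints or packaging file, it needs the same bump. Because `>=` only constrains new dependency resolution, environments that already have 3.1.30 or 3.1.31 installed stay on that version until they are reinstalled or upgraded.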