From 358e85be8abb529303293630af0193799f2d02cf Mon Sep 17 00:00:00 2001
From: Kefu Chai <kchai@redhat.com>
Date: Sun, 20 Jan 2019 14:51:11 +0800
Subject: [PATCH] doc: bump up sphinx and pyyaml versions

* bump up pyyaml version to address CVE-2017-18342, see
  https://nvd.nist.gov/vuln/detail/CVE-2017-18342
* bump up sphinx to the latest stable

Signed-off-by: Kefu Chai <kchai@redhat.com>
---
 admin/doc-requirements.txt | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/admin/doc-requirements.txt b/admin/doc-requirements.txt
index 25c628aed98dc..9c16068fc0e89 100644
--- a/admin/doc-requirements.txt
+++ b/admin/doc-requirements.txt
@@ -1,4 +1,6 @@
-Sphinx == 1.6.3
+Sphinx == 1.8.3
 git+https://github.com/ceph/sphinx-ditaa.git@py3#egg=sphinx-ditaa
 git+https://github.com/michaeljones/breathe#egg=breathe
-pyyaml==3.13
+# 4.2 is not yet release at the time of writing, to address CVE-2017-18342,
+# we have to use its beta release.
+pyyaml>=4.2b1