From 76caef47e2e7f2ba7e24bcda044c94833a1c1f0c Mon Sep 17 00:00:00 2001
From: George Pollard <gpollard@microsoft.com>
Date: Tue, 11 Oct 2022 13:43:19 +1300
Subject: [PATCH] Python: Upgrade `rsa` dependency (#2470)

* Upgrade `rsa` dependency

* Adjust version to match Github advisory
---
 src/cli/requirements.txt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/cli/requirements.txt b/src/cli/requirements.txt
index f3c29d1cf..fb07295dd 100644
--- a/src/cli/requirements.txt
+++ b/src/cli/requirements.txt
@@ -23,5 +23,7 @@ idna<3,>=2.10
 cryptography<3.4,>=3.3.2
 # PyJWT needs to be pinned to the version used by azure-cli-core
 PyJWT>=2.4.0
+# install rsa version >=4.7 to fix CVE-2020-25658
+rsa>=4.7
 # onefuzztypes version is set during build
-onefuzztypes==0.0.0
\ No newline at end of file
+onefuzztypes==0.0.0