Issue:
Currently the lxml version 4.6.5 is used for e2e tests.
This version is part of the CVE-2022-2309 for all versions below 4.9.1, which could lead to a denial of service attack.
Solution:
Update lxml to 4.9.2
Designs
Child items
...
Show closed items
Linked items
0
Link issues together to show that they're related or that one is blocking others.
Learn more.
There is currently no security issue with pytest<7.
I just wanted to update both, because Jan has tested it, but then decided to just create a merge request for lmxl.
From my point of view, there is no need to update pytest right now.