From 3e94038aba128af81fe55df3cf93d1e5f5195c1d Mon Sep 17 00:00:00 2001
From: James Gu <jgu@suse.com>
Date: Wed, 7 Mar 2018 13:53:02 -0800
Subject: [PATCH] Update supervisor version lower bound

Supervisor has XML-RPC security vulenalbility. Upgrade to 3.3.3.
Refer to https://nvd.nist.gov/vuln/detail/CVE-2017-11610.

Story: 2001648
Task: 6667

Change-Id: I1f0e2c3436a0bbeeaf8beebcf15b066de5df7c90
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index a1a0726a..979584c3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -20,7 +20,7 @@ python-keystoneclient>=3.8.0 # Apache-2.0
 redis>=2.10.0 # MIT
 six>=1.10.0 # MIT
 stevedore>=1.20.0 # Apache-2.0
-supervisor>=3.1.3,<3.4 # BSD-derived
+supervisor>=3.3.3,<3.4 # BSD-derived
 tornado>=4.5.3 # Apache-2.0
 futures>=3.0.0;python_version=='2.7' or python_version=='2.6' # BSD
 # NOTE(sdague): before allowing in >= 0.21 please be sure