oeqa/maturin/guessing-game: Bump dependencies to avoid security warning

The Cargo.toml lock for guessing-game, used to test maturin has a minor security
advisory which keeps tripping up github's automated security analysis, "PyO3
Risk of buffer overflow in `PyString::from_object`".

Bump the minimum version requirement for pyo3 to avoid this warning even if it
isn't anything critical and just automated tests.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml b/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml
index de95025e8631554b4371a28070e4e920ab156ca6..a78ada2593dd98d8156adf8373fedcb7a91035b4 100644 (file)
--- a/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml
+++ b/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml
@@ -14,7 +14,7 @@ crate-type = ["cdylib"]
 rand = "0.8.4"
 
 [dependencies.pyo3]
-version = "0.19.0"
+version = "0.24.1"
 # "abi3-py38" tells pyo3 (and maturin) to build using the stable ABI with minimum Python version 3.8
 features = ["abi3-py38"]