From 9cd874c3def42a7142b78697cdc2032bc43bf906 Mon Sep 17 00:00:00 2001
From: Dan King <daniel.zidan.king@gmail.com>
Date: Thu, 7 Sep 2023 01:20:57 -0400
Subject: [PATCH] [security] update scipy pin to 1.11.1 (#13571)

Supersedes https://github.com/hail-is/hail/pull/13228 . Resolves
[CVE-2023-25399](https://nvd.nist.gov/vuln/detail/CVE-2023-25399).
---
 hail/python/pinned-requirements.txt | 2 +-
 hail/python/requirements.txt        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hail/python/pinned-requirements.txt b/hail/python/pinned-requirements.txt
index de9bed19adf..c2da73a402f 100644
--- a/hail/python/pinned-requirements.txt
+++ b/hail/python/pinned-requirements.txt
@@ -322,7 +322,7 @@ s3transfer==0.6.2
     # via
     #   -c hail/hail/python/hailtop/pinned-requirements.txt
     #   boto3
-scipy==1.9.3
+scipy==1.11.2
     # via -r hail/hail/python/requirements.txt
 six==1.16.0
     # via
diff --git a/hail/python/requirements.txt b/hail/python/requirements.txt
index 71be0275ec4..35f4a3edfcf 100644
--- a/hail/python/requirements.txt
+++ b/hail/python/requirements.txt
@@ -14,4 +14,4 @@ plotly>=5.5.0,<6
 protobuf==3.20.2
 pyspark>=3.3.0,<3.4
 requests>=2.25.1,<3
-scipy>1.2,<1.10
+scipy>1.2,<1.12