From 2645c82ae2e3f4e7a69c16d8efd262e888cebcf9 Mon Sep 17 00:00:00 2001
From: Raj Shah
Date: Mon, 22 Apr 2019 17:35:10 -0700
Subject: [PATCH 1/2] Upgrade urllib3 to >= 1.24.2
urllib3 versions < 1.24.2 have a security vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2019-11324
---
 requirements-to-freeze.txt | 3 ++-
 requirements.txt | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/requirements-to-freeze.txt b/requirements-to-freeze.txt
index bb5ee1e3..80c64b2e 100644
--- a/requirements-to-freeze.txt
+++ b/requirements-to-freeze.txt
@@ -29,4 +29,5 @@ requests>=2.20.0
 # something else, and there's a security vulnerability in the version that it
 # pulls in. For more info:
 # https://nvd.nist.gov/vuln/detail/CVE-2018-20060
-urllib3>=1.23
+# https://nvd.nist.gov/vuln/detail/CVE-2019-11324
+urllib3>=1.24.2,<1.25
diff --git a/requirements.txt b/requirements.txt
index c5b1af44..c15ae3ee 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -26,5 +26,5 @@ requests-toolbelt==0.8.0
 six==1.10.0
 tqdm==4.22.0
 twine==1.13.0
-urllib3==1.24.1
+urllib3==1.24.2
 webencodings==0.5.1
From 1e8293084b1779e36a999f93c9bec621850204d5 Mon Sep 17 00:00:00 2001
From: Raj Shah
Date: Mon, 22 Apr 2019 17:37:22 -0700
Subject: [PATCH 2/2] Bump version number
---
 pottery/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pottery/__init__.py b/pottery/__init__.py
index ba70e4f6..c35df164 100644
--- a/pottery/__init__.py
+++ b/pottery/__init__.py
@@ -14,7 +14,7 @@ __title__ = 'pottery'
-__version__ = '0.60'
+__version__ = '0.61'
 __description__, __long_description__ = (
 s.strip() for s in __doc__.split(sep='\n\n', maxsplit=1)
 )
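Review bot: In the requirements-to-freeze.txt hunk, the new `urllib3>=1.24.2,<1.25` line adds an upper bound that the comment above it does not explain; the comment only lists the CVE links that justify the lower bound. A cap like this keeps a later re-freeze from picking up any urllib3 fix that ships only in 1.25 or newer, so the file should record why the cap exists and when it can be dropped, for example `# Capped below 1.25 because <reason>; remove the cap once that no longer applies.` If the cap is there to stay inside the urllib3 range that the pinned requests release accepts (not visible in this hunk), name that dependency in the comment so the two constraints are revisited together. The comment block starts above the hunk, so only its last three lines are visible here.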