releaseintermediate
[Release] langchain-ai/langchain langchain-openai==1.1.14: langchain-openai==1.1.14
By github-actions[bot]github
View original on githublangchain-openai version 1.1.14 was released with a critical security fix for SSRF (Server-Side Request Forgery) vulnerabilities in image token counting. The release includes dependency updates for pytest, langsmith, and pillow libraries. This patch addresses potential security risks when processing images through the OpenAI integration.
Key Points
- •Security fix: Implemented SSRF-safe transport for image token counting to prevent Server-Side Request Forgery attacks
- •Upgraded pytest to version 9.0.3 for improved testing capabilities
- •Updated langsmith dependency from 0.6.3 to 0.7.31 in the OpenAI partner library
- •Bumped pillow image processing library from 12.1.1 to 12.2.0 for enhanced image handling
- •Patch release (1.1.14) indicates backward compatibility maintained with previous 1.1.x versions
- •Focus on security and dependency maintenance without breaking API changes
Found this useful? Add it to a playbook for a step-by-step implementation guide.
Workflow Diagram
Start Process
Step A
Step B
Step C
Complete