From 2def5a7ff15b56fd3303553b7e832561c37d6b8f Mon Sep 17 00:00:00 2001
From: Yunchu Lee <yunchu.lee@intel.com>
Date: Thu, 24 Oct 2024 10:48:30 +0900
Subject: [PATCH] bump onnx to 1.17.0 to omit CVE-2024-5187

---
 pyproject.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index 5e921cbe01..cd34deb8fb 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -84,7 +84,7 @@ xpu = [
     "openvino==2024.3",
     "openvino-dev==2024.3",
     "openvino-model-api==0.2.5",
-    "onnx==1.16.2",
+    "onnx==1.17.0",
     "onnxconverter-common==1.14.0",
     "nncf==2.12.0",
     "anomalib[core]==1.1.0",
@@ -98,7 +98,7 @@ base = [
     "openvino==2024.3",
     "openvino-dev==2024.3",
     "openvino-model-api==0.2.5",
-    "onnx==1.16.2",
+    "onnx==1.17.0",
     "onnxconverter-common==1.14.0",
     "nncf==2.12.0",
     "anomalib[core]==1.1.0",