Aws-cli: Please port to a newer version of PyYAML

The PR for this is already approved and waiting for merge.
https://github.com/aws/aws-cli/pull/4015#issuecomment-480319733

It is taking quite some time though :)

Thanks. I'll look into cherry-picking the patch for openSUSE later today then.

@glaubitz - Thanks for your post. I have updated our internal collaboration on this issue. We are tracking this work under #3660 and #2290. To avoid duplicate efforts I'm closing this issue.

@justnance neither of those issues are relevant to allowing a newer pyyaml, could you please reopen this and/or review the patch in #4015?

The currently used [email protected] contains a Arbitrary Code Execution issue. Check https://app.snyk.io/vuln/SNYK-PYTHON-PYYAML-42159 and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342 for more information. (Just as reference for the duplicate issue I added here: #4193).

UP, UP, UP. please!!!

@asottile - Thanks for referencing #4015 and commenting in merged PR #4231. I'm looking into confirming this issue is resolve before closing. thanks.

For 5.1 this is done, but now there's a 5.1.1

After the last snub in my previous PR I'm not really inclined to try and fix this one

@asottile - Thanks again for the feedback. I've confirmed the behavior with PyYAML 5.1.1 under #4350 and labeled this issue as enhancement. We are working on getting fixed under PR #4355.

related to: #4350 #4243

The version range has been updated, closing this out.