Could you help upgrade the vulnerable dependency in mapchete?
JoeGardner000 opened this issue · 1 comment
Hi, @ungarj , I'd like to report a vulnerability issue in mapchete_2022.4.0.
Issue Description
I noticed that mapchete_2022.4.0 directly depends on rasterio_1.2.10.
However, rasterio_1.2.10 suffers from the vulnerabilities which its C libraries expose, as the following dependency graph shows.
Dependency Graph between Python and Shared Libraries
Suggested Vulnerability Patch Versions
rasterio has upgraded these vulnerable C libraries to patch versions; refer to the issue URL.
Python build tools cannot report vulnerable C libraries, which may introduce potential security issues into many downstream Python projects.
As a popular Python package (mapchete has 7,993 downloads per month), could you please upgrade this vulnerable dependency?
Thanks for your help~
Best regards,
Joe Gardner
Thanks @JoeGardner000, I'll update the rasterio dependency once version 1.3.0 is out!