diff --git a/requirements/edx-sandbox/base.txt b/requirements/edx-sandbox/base.txt
index cacabc1577..92bc1375fc 100644
--- a/requirements/edx-sandbox/base.txt
+++ b/requirements/edx-sandbox/base.txt
@@ -6,7 +6,7 @@
 #
 common/lib/sandbox-packages
 common/lib/symmath
-asn1crypto==1.0.0
+asn1crypto==1.0.1
 backports.functools-lru-cache==1.5  # via matplotlib
 git+https://github.com/edx/openedx-calc.git@e9b698c85ad1152002bc0868f475f153dce88952#egg=calc==0.4
 cffi==1.12.3
@@ -25,7 +25,7 @@ numpy==1.7.2
 pycparser==2.19
 pyparsing==2.2.0
 python-dateutil==2.8.0    # via matplotlib
-pytz==2019.2              # via matplotlib
+pytz==2019.3              # via matplotlib
 scipy==0.14.0
 singledispatch==3.4.0.3
 six==1.12.0
@@ -33,4 +33,4 @@ subprocess32==3.5.4       # via matplotlib
 sympy==0.7.1
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0        # via kiwisolver
+# setuptools==41.4.0        # via kiwisolver
diff --git a/requirements/edx-sandbox/shared.txt b/requirements/edx-sandbox/shared.txt
index 333911124d..5e238e97a9 100644
--- a/requirements/edx-sandbox/shared.txt
+++ b/requirements/edx-sandbox/shared.txt
@@ -4,7 +4,7 @@
 #
 #    make upgrade
 #
-asn1crypto==1.0.0         # via cryptography
+asn1crypto==1.0.1         # via cryptography
 cffi==1.12.3              # via cryptography
 cryptography==2.7
 enum34==1.1.6             # via cryptography
diff --git a/requirements/edx/base.txt b/requirements/edx/base.txt
index 90ecca9ef6..45deff910e 100644
--- a/requirements/edx/base.txt
+++ b/requirements/edx/base.txt
@@ -25,11 +25,11 @@ aniso8601==8.0.0          # via tincan
 anyjson==0.3.3            # via kombu
 appdirs==1.4.3            # via fs
 argh==0.26.2
-asn1crypto==1.0.0
+asn1crypto==1.0.1
 attrs==17.4.0
 babel==1.3
 backports.functools-lru-cache==1.5  # via soupsieve
-beautifulsoup4==4.8.0     # via pynliner
+beautifulsoup4==4.8.1     # via pynliner
 billiard==3.3.0.23        # via celery
 bleach==2.1.4
 boto3==1.4.8
@@ -105,7 +105,7 @@ edx-django-oauth2-provider==1.3.5
 edx-django-release-util==0.3.1
 edx-django-sites-extensions==2.3.1
 edx-django-utils==2.0.0
-edx-drf-extensions==2.4.0
+edx-drf-extensions==2.4.1
 edx-enterprise==2.0.0
 edx-i18n-tools==0.4.8
 edx-milestones==0.2.3
@@ -142,7 +142,7 @@ inflection==0.3.1         # via drf-yasg
 ipaddress==1.0.22
 isodate==0.6.0            # via python3-saml
 itypes==1.1.0             # via coreapi
-jinja2==2.10.1            # via code-annotations, coreschema
+jinja2==2.10.3            # via code-annotations, coreschema
 jmespath==0.9.4           # via boto3, botocore
 jsondiff==1.1.1           # via edx-enterprise
 jsonfield==2.0.2
@@ -204,7 +204,7 @@ python-openid==2.2.5 ; python_version == "2.7"  # via social-auth-core
 python-slugify==3.0.4     # via code-annotations
 python-swiftclient==3.8.1
 python3-saml==1.5.0
-pytz==2019.2
+pytz==2019.3
 pyuca==1.1
 pyyaml==5.1.2
 recommender-xblock==1.4.4
@@ -258,4 +258,4 @@ xmlsec==1.3.3             # via python3-saml
 xss-utils==0.1.1
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0        # via fs, lazy, python-levenshtein
+# setuptools==41.4.0        # via fs, lazy, python-levenshtein
diff --git a/requirements/edx/coverage.txt b/requirements/edx/coverage.txt
index 14337c8ebf..1520bc9911 100644
--- a/requirements/edx/coverage.txt
+++ b/requirements/edx/coverage.txt
@@ -8,7 +8,7 @@ coverage==5.0a6
 diff-cover==0.9.8
 inflect==2.1.0            # via jinja2-pluralize
 jinja2-pluralize==0.3.0   # via diff-cover
-jinja2==2.10.1            # via diff-cover, jinja2-pluralize
+jinja2==2.10.3            # via diff-cover, jinja2-pluralize
 markupsafe==1.1.1         # via jinja2
 pygments==2.4.2           # via diff-cover
 six==1.12.0               # via diff-cover
diff --git a/requirements/edx/development.txt b/requirements/edx/development.txt
index 339396305b..c8b20a77e7 100644
--- a/requirements/edx/development.txt
+++ b/requirements/edx/development.txt
@@ -28,7 +28,7 @@ apipkg==1.5
 appdirs==1.4.3
 argh==0.26.2
 argparse==1.4.0
-asn1crypto==1.0.0
+asn1crypto==1.0.1
 astroid==1.5.3
 atomicwrites==1.3.0
 attrs==17.4.0
@@ -38,7 +38,7 @@ backports.functools-lru-cache==1.5
 backports.ssl-match-hostname==3.7.0.1
 backports.tempfile==1.0
 backports.weakref==1.0.post1
-beautifulsoup4==4.8.0
+beautifulsoup4==4.8.1
 billiard==3.3.0.23
 bleach==2.1.4
 bok-choy==1.0.0
@@ -57,7 +57,7 @@ click-log==0.3.2
 click==7.0
 code-annotations==0.3.2
 colorama==0.4.1
-commonmark==0.9.0         # via recommonmark
+commonmark==0.9.1         # via recommonmark
 configparser==4.0.2
 contextlib2==0.6.0
 cookies==2.2.1
@@ -128,7 +128,7 @@ edx-django-oauth2-provider==1.3.5
 edx-django-release-util==0.3.1
 edx-django-sites-extensions==2.3.1
 edx-django-utils==2.0.0
-edx-drf-extensions==2.4.0
+edx-drf-extensions==2.4.1
 edx-enterprise==2.0.0
 edx-i18n-tools==0.4.8
 edx-lint==1.3.0
@@ -183,7 +183,7 @@ isodate==0.6.0
 isort==4.3.21
 itypes==1.1.0
 jinja2-pluralize==0.3.0
-jinja2==2.10.1
+jinja2==2.10.3
 jmespath==0.9.4
 jsondiff==1.1.1
 jsonfield==2.0.2
@@ -275,7 +275,7 @@ python-openid==2.2.5 ; python_version == "2.7"
 python-slugify==3.0.4
 python-swiftclient==3.8.1
 python3-saml==1.5.0
-pytz==2019.2
+pytz==2019.3
 pyuca==1.1
 pyyaml==5.1.2
 radon==4.0.0
@@ -349,4 +349,4 @@ xss-utils==0.1.1
 zipp==0.6.0
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0        # via caniusepython3, fs, lazy, pytest, python-levenshtein, sphinx
+# setuptools==41.4.0        # via caniusepython3, fs, lazy, pytest, python-levenshtein, sphinx
diff --git a/requirements/edx/paver.txt b/requirements/edx/paver.txt
index cd993d3150..62ab2d9775 100644
--- a/requirements/edx/paver.txt
+++ b/requirements/edx/paver.txt
@@ -30,4 +30,4 @@ watchdog==0.9.0
 wrapt==1.10.5
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0        # via lazy
+# setuptools==41.4.0        # via lazy
diff --git a/requirements/edx/testing.txt b/requirements/edx/testing.txt
index bfe1c1ee5d..1672a291c5 100644
--- a/requirements/edx/testing.txt
+++ b/requirements/edx/testing.txt
@@ -27,7 +27,7 @@ apipkg==1.5               # via execnet
 appdirs==1.4.3
 argh==0.26.2
 argparse==1.4.0           # via caniusepython3
-asn1crypto==1.0.0
+asn1crypto==1.0.1
 astroid==1.5.3            # via pylint, pylint-celery
 atomicwrites==1.3.0       # via pytest
 attrs==17.4.0
@@ -37,7 +37,7 @@ backports.functools-lru-cache==1.5
 backports.ssl-match-hostname==3.7.0.1  # via docker
 backports.tempfile==1.0   # via moto
 backports.weakref==1.0.post1  # via backports.tempfile
-beautifulsoup4==4.8.0
+beautifulsoup4==4.8.1
 billiard==3.3.0.23
 bleach==2.1.4
 bok-choy==1.0.0
@@ -124,7 +124,7 @@ edx-django-oauth2-provider==1.3.5
 edx-django-release-util==0.3.1
 edx-django-sites-extensions==2.3.1
 edx-django-utils==2.0.0
-edx-drf-extensions==2.4.0
+edx-drf-extensions==2.4.1
 edx-enterprise==2.0.0
 edx-i18n-tools==0.4.8
 edx-lint==1.3.0
@@ -177,7 +177,7 @@ isodate==0.6.0
 isort==4.3.21
 itypes==1.1.0
 jinja2-pluralize==0.3.0
-jinja2==2.10.1
+jinja2==2.10.3
 jmespath==0.9.4
 jsondiff==1.1.1
 jsonfield==2.0.2
@@ -266,7 +266,7 @@ python-openid==2.2.5 ; python_version == "2.7"
 python-slugify==3.0.4
 python-swiftclient==3.8.1
 python3-saml==1.5.0
-pytz==2019.2
+pytz==2019.3
 pyuca==1.1
 pyyaml==5.1.2
 radon==4.0.0
@@ -335,4 +335,4 @@ xss-utils==0.1.1
 zipp==0.6.0               # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.2.0        # via caniusepython3, fs, lazy, pytest, python-levenshtein
+# setuptools==41.4.0        # via caniusepython3, fs, lazy, pytest, python-levenshtein