From 91ae81299c358f653992b2c9005c27cc57c53469 Mon Sep 17 00:00:00 2001 From: Alexander Smolyakov Date: Tue, 12 Sep 2023 16:01:23 +0400 Subject: [PATCH 1/2] Bump `cryptography` package version --- src/anaconda/.devcontainer/Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/anaconda/.devcontainer/Dockerfile b/src/anaconda/.devcontainer/Dockerfile index e06b2c8253..3d347e8eaa 100644 --- a/src/anaconda/.devcontainer/Dockerfile +++ b/src/anaconda/.devcontainer/Dockerfile @@ -6,9 +6,10 @@ RUN . /etc/os-release && if [ "${VERSION_CODENAME}" != "bullseye" ]; then exit 1 # Temporary: Upgrade python packages due to mentioned CVEs # They are installed by the base image (continuumio/anaconda3) which does not have the patch. RUN conda install \ - # https://github.com/advisories/GHSA-5cpq-8wj7-hf2v + # pyopenssl should be updated to be compatible with latest version of cryptography pyopenssl=23.2.0 \ - cryptography=41.0.2 \ + # https://github.com/advisories/GHSA-jm77-qphf-c4w8 + cryptography=41.0.3 \ # https://github.com/advisories/GHSA-j8r2-6x86-q33q requests=2.31.0 \ # https://github.com/advisories/GHSA-f865-m6cq-j9vx From 13e5f915d2dbe91287769c002e288aa8c340638f Mon Sep 17 00:00:00 2001 From: Alexander Smolyakov Date: Tue, 12 Sep 2023 16:01:35 +0400 Subject: [PATCH 2/2] Update tests --- src/anaconda/test-project/test.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh index d71302b228..ad1d5b1539 100755 --- a/src/anaconda/test-project/test.sh +++ b/src/anaconda/test-project/test.sh @@ -40,7 +40,7 @@ checkPythonPackageVersion "nbconvert" "6.5.1" checkPythonPackageVersion "werkzeug" "2.2.3" checkPythonPackageVersion "certifi" "2022.12.07" checkPythonPackageVersion "requests" "2.31.0" -checkPythonPackageVersion "cryptography" "41.0.2" +checkPythonPackageVersion "cryptography" "41.0.3" checkPythonPackageVersion "torch" "1.13.1" checkPythonPackageVersion "transformers" "4.30.0" checkPythonPackageVersion "mpmath" "1.3.0" @@ -51,7 +51,7 @@ tornado_version=$(python -c "import tornado; print(tornado.version)") check-version-ge "tornado-requirement" "${tornado_version}" "6.3.3" checkCondaPackageVersion "pyopenssl" "23.2.0" -checkCondaPackageVersion "cryptography" "41.0.2" +checkCondaPackageVersion "cryptography" "41.0.3" checkCondaPackageVersion "requests" "2.31.0" checkCondaPackageVersion "pygments" "2.15.1" checkCondaPackageVersion "mpmath" "1.3.0"