From fe8f30e791b7d7189b4f5d2d29513dd057e5c051 Mon Sep 17 00:00:00 2001 From: Gaurav Saini <147703805+gauravsaini04@users.noreply.github.com> Date: Fri, 3 May 2024 05:23:22 +0530 Subject: [PATCH] [Miniconda] - idna - GHSA-jjg7-2v4v-x38h security patch for vulnerability (#1047) --- src/miniconda/.devcontainer/Dockerfile | 8 ++++---- src/miniconda/test-project/test.sh | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/miniconda/.devcontainer/Dockerfile b/src/miniconda/.devcontainer/Dockerfile index 633dbadca..83b6389bd 100644 --- a/src/miniconda/.devcontainer/Dockerfile +++ b/src/miniconda/.devcontainer/Dockerfile @@ -2,15 +2,15 @@ FROM continuumio/miniconda3 as upstream # Temporary: Upgrade python packages due to mentioned CVEs # They are installed by the base image (continuumio/miniconda3) which does not have the patch. -# RUN conda install \ - # https://github.com/advisories/ - # = +RUN conda install \ + # https://github.com/advisories/GHSA-jjg7-2v4v-x38h + idna==3.7 RUN python3 -m pip install --upgrade \ # https://github.com/advisories/GHSA-6vqw-3v5j-54x4 cryptography==42.0.4 \ # installed for compatibility with cryptography v42.0.4 - pyopenssl==24.0.0 + pyopenssl==24.0.0 # Reset and copy updated files with updated privs to keep image size down FROM mcr.microsoft.com/devcontainers/base:1-bullseye diff --git a/src/miniconda/test-project/test.sh b/src/miniconda/test-project/test.sh index 24563e213..c8a50b341 100755 --- a/src/miniconda/test-project/test.sh +++ b/src/miniconda/test-project/test.sh @@ -28,6 +28,7 @@ checkCondaPackageVersion "setuptools" "65.5.1" checkCondaPackageVersion "wheel" "0.38.1" checkCondaPackageVersion "requests" "2.31.0" checkCondaPackageVersion "urllib3" "1.26.17" +checkCondaPackageVersion "idna" "3.7" check "conda-update-conda" bash -c "conda update -y conda" check "conda-install-tensorflow" bash -c "conda create --name test-env -c conda-forge --yes tensorflow"