[Miniconda] Address cryptography - GHSA-jfhm-5ghh-2f97 vulnerability (#…

…918)
devcontainers · Jan 16, 2024 · e90f2be · e90f2be
1 parent af848a7
commit e90f2be
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/src/miniconda/.devcontainer/Dockerfile b/src/miniconda/.devcontainer/Dockerfile
@@ -6,6 +6,10 @@ FROM continuumio/miniconda3 as upstream
  # https://github.com/advisories/<CVE_ID>
  # <package_name> = <version>
 
+RUN conda install \
+ # https://github.com/advisories/GHSA-jfhm-5ghh-2f97
+ cryptography==41.0.7
+
 # Reset and copy updated files with updated privs to keep image size down
 FROM mcr.microsoft.com/devcontainers/base:1-bullseye
 

diff --git a/src/miniconda/test-project/test.sh b/src/miniconda/test-project/test.sh
@@ -18,11 +18,11 @@ check "gitconfig-contains-name" sh -c "cat /etc/gitconfig | grep 'name = devcont
 
 check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig"
 
-checkPythonPackageVersion "cryptography" "41.0.3"
+checkPythonPackageVersion "cryptography" "41.0.7"
 checkPythonPackageVersion "setuptools" "65.5.1"
 checkPythonPackageVersion "wheel" "0.38.1"
 
-checkCondaPackageVersion "cryptography" "41.0.3"
+checkCondaPackageVersion "cryptography" "41.0.7"
 checkCondaPackageVersion "pyopenssl" "23.2.0"
 checkCondaPackageVersion "setuptools" "65.5.1"
 checkCondaPackageVersion "wheel" "0.38.1"