From e90f2bee2537d1a9bbcb6a1a14b33965c1b3cf0f Mon Sep 17 00:00:00 2001 From: gauravsaini04 <147703805+gauravsaini04@users.noreply.github.com> Date: Wed, 17 Jan 2024 01:02:41 +0530 Subject: [PATCH] [Miniconda] Address cryptography - GHSA-jfhm-5ghh-2f97 vulnerability (#918) --- src/miniconda/.devcontainer/Dockerfile | 4 ++++ src/miniconda/test-project/test.sh | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/miniconda/.devcontainer/Dockerfile b/src/miniconda/.devcontainer/Dockerfile index fa697aba0..dc6f69d61 100644 --- a/src/miniconda/.devcontainer/Dockerfile +++ b/src/miniconda/.devcontainer/Dockerfile @@ -6,6 +6,10 @@ FROM continuumio/miniconda3 as upstream # https://github.com/advisories/ # = +RUN conda install \ + # https://github.com/advisories/GHSA-jfhm-5ghh-2f97 + cryptography==41.0.7 + # Reset and copy updated files with updated privs to keep image size down FROM mcr.microsoft.com/devcontainers/base:1-bullseye diff --git a/src/miniconda/test-project/test.sh b/src/miniconda/test-project/test.sh index 1640204a1..7358bcfca 100755 --- a/src/miniconda/test-project/test.sh +++ b/src/miniconda/test-project/test.sh @@ -18,11 +18,11 @@ check "gitconfig-contains-name" sh -c "cat /etc/gitconfig | grep 'name = devcont check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig" -checkPythonPackageVersion "cryptography" "41.0.3" +checkPythonPackageVersion "cryptography" "41.0.7" checkPythonPackageVersion "setuptools" "65.5.1" checkPythonPackageVersion "wheel" "0.38.1" -checkCondaPackageVersion "cryptography" "41.0.3" +checkCondaPackageVersion "cryptography" "41.0.7" checkCondaPackageVersion "pyopenssl" "23.2.0" checkCondaPackageVersion "setuptools" "65.5.1" checkCondaPackageVersion "wheel" "0.38.1"