Skip to content

Commit fd61e38

Browse files
bhupendra-vaishnavgauravsaini04
bhupendra-vaishnav
and
gauravsaini04
authored
[anaconda] Python (Pip) Security Update for pyarrow (GHSA-5wvp-7f3h-6wmm) (#893)
* Updated pyarrow package to fix GHSA-5wvp-7f3h-6wmm * Updated pyarrow package to fix GHSA-5wvp-7f3h-6wmm * [Anaconda] Address GHSA-q3qx-c6g2-7pw2 vulnerability (#889) * [Anaconda] Update aiohttp due to GHSA-gfw2-4jvh-wgfg:aiohttp * [anaconda] Address GHSA-q3qx-c6g2-7pw2 vulnerability * Update Dockerfile * Updated pyarrow package to fix GHSA-5wvp-7f3h-6wmm * Updated pyarrow package to fix GHSA-5wvp-7f3h-6wmm * removed package-lock.json as its not require --------- Co-authored-by: gauravsaini04 <147703805+gauravsaini04@users.noreply.github.com>
1 parent 5f83f06 commit fd61e38

File tree

2 files changed

+5
-1
lines changed

2 files changed

+5
-1
lines changed

src/anaconda/.devcontainer/Dockerfile

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,9 @@ RUN python3 -m pip install --upgrade \
2929
# https://github.com/advisories/GHSA-qppv-j76h-2rpx
3030
tornado==6.3.3 \
3131
# https://github.com/advisories/GHSA-r726-vmfq-j9j3
32-
jupyter_server==2.7.2
32+
jupyter_server==2.7.2 \
33+
# https://github.com/advisories/GHSA-5wvp-7f3h-6wmm
34+
pyarrow==14.0.1
3335

3436
# Reset and copy updated files with updated privs to keep image size down
3537
FROM mcr.microsoft.com/devcontainers/base:1-bullseye

src/anaconda/test-project/test.sh

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ checkPythonPackageVersion "mpmath" "1.3.0"
4646
checkPythonPackageVersion "aiohttp" "3.9.0"
4747
checkPythonPackageVersion "jupyter_server" "2.7.2"
4848
checkPythonPackageVersion "tornado" "6.3.3"
49+
checkPythonPackageVersion "pyarrow" "14.0.1"
4950

5051
checkCondaPackageVersion "pyopenssl" "23.2.0"
5152
checkCondaPackageVersion "cryptography" "41.0.3"
@@ -55,6 +56,7 @@ checkCondaPackageVersion "mpmath" "1.3.0"
5556
checkCondaPackageVersion "aiohttp" "3.9.0"
5657
checkCondaPackageVersion "pillow" "10.0.1"
5758
checkCondaPackageVersion "urllib3" "1.26.17"
59+
checkCondaPackageVersion "pyarrow" "14.0.1"
5860

5961
check "conda-update-conda" bash -c "conda update -y conda"
6062
check "conda-install-tensorflow" bash -c "conda create --name test-env -c conda-forge --yes tensorflow"

0 commit comments

Comments
 (0)