[Anaconda] - aiohttp - GHSA-jwhx-xcg6-8xhj - apply security patch (devcontainers#1163)

gauravsaini04 · web-flow · commit ad358cf6f243 · 2024-08-16T16:14:35.000-07:00
diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.9.4" \
+vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.10.2" \
           "cryptography=42.0.4" "gitpython=3.1.41"  "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" "black=24.4.2" "requests=2.32.2" "jupyter_server=2.14.1" "tornado=6.4.1" "tqdm=4.66.4" "urllib3=2.2.2" "scikit-learn=1.5.0" "zipp=3.19.1" )
 
 # Define the number of rows (based on the length of vulnerable_packages)
diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
@@ -41,7 +41,7 @@ checkPythonPackageVersion "certifi" "2022.12.07"
 checkPythonPackageVersion "cryptography" "42.0.4"
 checkPythonPackageVersion "transformers" "4.36.0"
 checkPythonPackageVersion "mpmath" "1.3.0"
-checkPythonPackageVersion "aiohttp" "3.9.4"
+checkPythonPackageVersion "aiohttp" "3.10.2"
 checkPythonPackageVersion "tornado" "6.4.1"
 checkPythonPackageVersion "jupyter_server" "2.14.1"
 checkPythonPackageVersion "pyarrow" "14.0.1"
