[miniconda] - cryptography - GHSA-79v4-65xg-pq4g (devcontainers#1360)

Kaniska244 · web-flow · commit 9a1ee1ae7354 · 2025-03-28T10:24:24.000-05:00
* Miniconda vulnerability fix for GHSA-79v4-65xg-pq4g * Bump up minor version change for this vulnerability fix. * Correcting the test script to check cryptography package version.
diff --git a/src/miniconda/.devcontainer/apply_security_patches.sh b/src/miniconda/.devcontainer/apply_security_patches.sh
@@ -5,7 +5,7 @@
 
 # define array of packages for pinning to the patched versions
 # vulnerable_packages=( "package1=version1" "package2=version2" "package3=version3" )
-vulnerable_packages=()
+vulnerable_packages=( "cryptography=44.0.1" )
 
 # Define the number of rows (based on the length of vulnerable_packages)
 rows=${#vulnerable_packages[@]}
diff --git a/src/miniconda/manifest.json b/src/miniconda/manifest.json
@@ -1,5 +1,5 @@
 {
-	"version": "1.1.2",
+	"version": "1.1.3",
 	"build": {
 		"latest": true,
 		"rootDistro": "debian",
diff --git a/src/miniconda/test-project/test.sh b/src/miniconda/test-project/test.sh
@@ -18,12 +18,12 @@ check "gitconfig-contains-name" sh -c "cat /etc/gitconfig | grep 'name = devcont
 
 check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig"
 
-checkPythonPackageVersion "cryptography" "43.0.1"
+checkPythonPackageVersion "cryptography" "44.0.1"
 checkPythonPackageVersion "setuptools" "65.5.1"
 checkPythonPackageVersion "wheel" "0.38.1"
 checkPythonPackageVersion "urllib3" "2.2.2"
 
-checkCondaPackageVersion "cryptography" "43.0.1"
+checkCondaPackageVersion "cryptography" "44.0.1"
 checkCondaPackageVersion "setuptools" "65.5.1"
 checkCondaPackageVersion "wheel" "0.38.1"
 checkCondaPackageVersion "requests" "2.32.0"

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`{`
`2`		`- "version": "1.1.2",`
	`2`	`+ "version": "1.1.3",`
`3`	`3`	`"build": {`
`4`	`4`	`"latest": true,`
`5`	`5`	`"rootDistro": "debian",`