miniconda-cryptography-update_for_security_patch_GHSA-6vqw-3v5j-54x4 (#…

…976) * miniconda-cryptography-update_for_security_patch_GHSA-6vqw-3v5j-54x4 * changes as requested * misc change
devcontainers · Feb 28, 2024 · f5a7c1d · f5a7c1d
1 parent e22b5bc
commit f5a7c1d
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 8 deletions.
diff --git a/src/miniconda/.devcontainer/Dockerfile b/src/miniconda/.devcontainer/Dockerfile
@@ -6,13 +6,11 @@ FROM continuumio/miniconda3 as upstream
     # https://github.com/advisories/<CVE_ID>
     # <package_name> = <version>
 
-RUN conda install \
-    # https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
-    cryptography==42.0.2
-
 RUN python3 -m pip install --upgrade \
-    # installed for compatibility with cryptography v42.0.2
-    pyopenssl==24.0.0
+    # https://github.com/advisories/GHSA-6vqw-3v5j-54x4
+    cryptography==42.0.4 \
+    # installed for compatibility with cryptography v42.0.4
+    pyopenssl==24.0.0 
 
 # Reset and copy updated files with updated privs to keep image size down
 FROM mcr.microsoft.com/devcontainers/base:1-bullseye

diff --git a/src/miniconda/test-project/test.sh b/src/miniconda/test-project/test.sh
@@ -18,11 +18,11 @@ check "gitconfig-contains-name" sh -c "cat /etc/gitconfig | grep 'name = devcont
 
 check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig"
 
-checkPythonPackageVersion "cryptography" "42.0.2"
+checkPythonPackageVersion "cryptography" "42.0.4"
 checkPythonPackageVersion "setuptools" "65.5.1"
 checkPythonPackageVersion "wheel" "0.38.1"
 
-checkCondaPackageVersion "cryptography" "42.0.2"
+checkCondaPackageVersion "cryptography" "42.0.4"
 checkCondaPackageVersion "pyopenssl" "24.0.0"
 checkCondaPackageVersion "setuptools" "65.5.1"
 checkCondaPackageVersion "wheel" "0.38.1"