diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh index 6cf971f5d..f796dc846 100644 --- a/src/anaconda/.devcontainer/apply_security_patches.sh +++ b/src/anaconda/.devcontainer/apply_security_patches.sh @@ -1,13 +1,19 @@ #!/bin/bash +# Upgrading pip to fix the vulnerability (GHSA-jp4c-xjxw-mgf9) +python3 -m pip install --upgrade --no-cache-dir "pip==26.1.2" || exit $? + # vulnerabilities: # werkzeug - [GHSA-f9vj-2wh5-fj8j] # pyasn1 - [GHSA-jr27-m4p2-rc6r] -# ujson - [GHSA-wgvc-ghv9-3pmm] +# ujson - [GHSA-c38f-wx89-p2xg] +# twisted - [GHSA-grgv-6hw6-v9g4] +# gitpython - [GHSA-v87r-6q3f-2j67] +# mistune - [GHSA-8mp2-v27r-99xp] -patched_package_versions=( "mistune=3.0.1" "aiohttp=3.10.11" "cryptography=44.0.1" "h11=0.16.0" "jinja2=3.1.6" "jupyter_core=5.8.1" "protobuf=6.33.5" "requests=2.32.4" "setuptools=78.1.1" "transformers=4.53.0" "urllib3=2.5.0" "werkzeug=3.1.5" "jupyter-lsp=2.2.2" "scrapy=2.14.2" +patched_package_versions=( "mistune=3.2.1" "aiohttp=3.10.11" "cryptography=44.0.1" "h11=0.16.0" "jinja2=3.1.6" "jupyter_core=5.8.1" "protobuf=6.33.5" "requests=2.32.4" "setuptools=78.1.1" "transformers=4.53.0" "urllib3=2.5.0" "werkzeug=3.1.5" "jupyter-lsp=2.2.2" "scrapy=2.14.2" "zipp=3.19.1" "tornado=6.5.5" "jupyterlab=4.4.8" "imagecodecs=2024.9.22" "fonttools=4.60.2" "pyarrow=17.0.0" "brotli=1.2.0" "filelock=3.20.1" "bokeh=3.8.2" "distributed=2026.1.0" "wheel=0.46.2" "nltk=3.9.3" "black=26.3.1" "pyjwt=2.12.0" "pillow=12.1.1" "pyopenssl=26.0.0" "nbconvert=7.17.1" "markdown=3.8.1" "python-dotenv=1.2.2" "lxml=6.1.0" - "pyasn1=0.6.3" "ujson=5.12.0") + "pyasn1=0.6.3" "ujson=5.12.1" "twisted=26.4.0" "gitpython=3.1.50") # Define the number of rows (based on the length of patched_package_versions) rows=${#patched_package_versions[@]} diff --git a/src/anaconda/README.md b/src/anaconda/README.md index 3eb8b0b2c..a87e146fc 100644 --- a/src/anaconda/README.md +++ b/src/anaconda/README.md 
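Review bot: The added `python3 -m pip install --upgrade --no-cache-dir "pip==26.1.2" || exit $?` runs unconditionally with an exact `==` pin, so on a base image that already ships a newer pip it would install 26.1.2 over it and could bring back issues fixed after that release. A floor such as `"pip>=26.1.2"` keeps the fix for GHSA-jp4c-xjxw-mgf9 without ever moving backwards; if the exact pin is deliberate for reproducibility, a comment saying so would help. The loop that consumes `patched_package_versions` is outside this hunk, so it is not visible whether the other pins are guarded by a version comparison that this line bypasses. The install is also pinned by version only, with no hash check, which matters more here because this pip performs every later install in the script.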
@@ -30,7 +30,7 @@ You can decide how often you want updates by referencing a [semantic version](ht
 - `mcr.microsoft.com/devcontainers/anaconda:1-3`
 - `mcr.microsoft.com/devcontainers/anaconda:1.3-3`
-- `mcr.microsoft.com/devcontainers/anaconda:1.3.19-3`
+- `mcr.microsoft.com/devcontainers/anaconda:1.3.20-3`
 See [history](history) for information on the contents of each version and [here for a complete list of available tags](https://mcr.microsoft.com/v2/devcontainers/anaconda/tags/list).
diff --git a/src/anaconda/manifest.json b/src/anaconda/manifest.json
index 398276029..64bd5b84a 100644
--- a/src/anaconda/manifest.json
+++ b/src/anaconda/manifest.json
@@ -1,5 +1,5 @@
 {
- "version": "1.3.19",
+ "version": "1.3.20",
 "build": {
 "latest": true,
 "rootDistro": "debian",
diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
index d5292f5ee..91b77f207 100755
--- a/src/anaconda/test-project/test.sh
+++ b/src/anaconda/test-project/test.sh
@@ -31,7 +31,7 @@ check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig"
 checkPythonPackageVersion "joblib" "1.2.0"
 checkPythonPackageVersion "cookiecutter" "2.1.1"
-checkPythonPackageVersion "mistune" "3.0.1"
+checkPythonPackageVersion "mistune" "3.2.1"
 checkPythonPackageVersion "numpy" "1.22"
 checkPythonPackageVersion "setuptools" "78.1.1"
 checkPythonPackageVersion "wheel" "0.46.2"
@@ -50,8 +50,8 @@ checkPythonPackageVersion "jupyter_server" "2.14.1"
 checkPythonPackageVersion "pyarrow" "17.0.0"
 checkPythonPackageVersion "pillow" "12.1.1"
 checkPythonPackageVersion "jupyterlab" "4.4.8"
-checkPythonPackageVersion "notebook" "7.2.2"
-checkPythonPackageVersion "gitpython" "3.1.41"
+checkPythonPackageVersion "notebook" "7.5.6"
+checkPythonPackageVersion "gitpython" "3.1.50"
 checkPythonPackageVersion "jupyter-lsp" "2.2.2"
 checkPythonPackageVersion "idna" "3.7"
 checkPythonPackageVersion "jinja2" "3.1.4"
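Review bot: The `notebook` expectation in the `@@ -50,8 +50,8 @@` hunk of test.sh moves from 7.2.2 to 7.5.6, but the new `patched_package_versions` array in apply_security_patches.sh has no `notebook` entry, unlike `gitpython`, which gains `"gitpython=3.1.50"` in the same commit. If the newer notebook arrives only as a side effect of another install, the patched version is not pinned anywhere in this diff and could drift on a rebuild. Consider adding `"notebook=7.5.6"` to the array with its advisory ID in the `# vulnerabilities:` comment block, or a comment next to this check naming where the version is set. `checkPythonPackageVersion` is defined outside this diff, so whether it asserts an exact or a minimum version is not visible here.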
@@ -69,7 +69,9 @@ checkPythonPackageVersion "pyjwt" "2.12.0"
 checkPythonPackageVersion "python-dotenv" "1.2.2"
 checkPythonPackageVersion "lxml" "6.1.0"
 checkPythonPackageVersion "pyasn1" "0.6.3"
-checkPythonPackageVersion "ujson" "5.12.0"
+checkPythonPackageVersion "ujson" "5.12.1"
+checkPythonPackageVersion "pip" "26.1.2"
+checkPythonPackageVersion "twisted" "26.4.0"
 checkCondaPackageVersion "pyopenssl" "26.0.0"
 checkCondaPackageVersion "requests" "2.32.4"
@@ -85,7 +87,7 @@ checkCondaPackageVersion "nltk" "3.9.3"
 checkCondaPackageVersion "markdown" "3.8.1"
 checkCondaPackageVersion "python-dotenv" "1.2.2"
 checkCondaPackageVersion "pyasn1" "0.6.3"
-checkCondaPackageVersion "ujson" "5.12.0"
+checkCondaPackageVersion "ujson" "5.12.1"
 check "conda-update-conda" bash -c "conda update -y conda"
 check "conda-install-tensorflow" bash -c "conda create --name test-env -c conda-forge --yes tensorflow"