From f53085f079181afc2aad7663bf4557197ed3041d Mon Sep 17 00:00:00 2001 From: "Mahadik, Mukul Chandrakant" Date: Fri, 6 Oct 2023 15:55:17 -0700 Subject: [PATCH] Updating fixed vulnerabilities after new observations Creating this Commit / PR to fix observed vulnerabilities after updating in earlier PR. - Cryptography vulnerability fixed and not being detected in latest image. - Certifi is also updated to recommended version but a slightly older version also exists which will be removed in this commit. - Flask still shows up as a vulnerability, but unable to find the package actually being installed when using find ~/miniconda-23.5.2/ -name flask* --- .docker/setup_config.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.docker/setup_config.sh b/.docker/setup_config.sh index 46168e2ab..268ba1c77 100644 --- a/.docker/setup_config.sh +++ b/.docker/setup_config.sh @@ -19,6 +19,7 @@ conda install -c conda-forge cryptography=41.0.4 wheel=0.40.0 rm -rf /root/miniconda-23.1.0/pkgs/cryptography-38.0.4-py39h9ce1e76_0 rm -rf /root/miniconda-23.1.0/pkgs/wheel-0.37.1-pyhd3eb1b0_0 rm -rf /root/miniconda-23.5.2/pkgs/cryptography-39.0.1-py39h9ce1e76_2 +rm -rf /root/miniconda-23.5.2/pkgs/certifi-2023.5.7-py39h06a4308_0 # Clean up the conda install conda clean -t