GHSA-8w49-h785-mj3c - updating tronado package version for anaconda i…

…mage. (devcontainers#1270)
Mathiyarasy · Feb 14, 2025 · cd4daf6 · cd4daf6
1 parent 586c983
commit cd4daf6
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -3,7 +3,8 @@
 # vulnerabilities:
 # werkzeug - [GHSA-f9vj-2wh5-fj8j]
 
-vulnerable_packages=( "mistune=3.0.1" "transformers=4.36.0" "cryptography=43.0.1" "jupyter-lsp=2.2.2" "scrapy=2.11.2" "zipp=3.19.1")
+vulnerable_packages=( "mistune=3.0.1" "transformers=4.36.0" "cryptography=43.0.1" "jupyter-lsp=2.2.2" "scrapy=2.11.2" \ 
+                      "zipp=3.19.1" "tornado=6.4.2")
 
 # Define the number of rows (based on the length of vulnerable_packages)
 rows=${#vulnerable_packages[@]}

diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
@@ -42,7 +42,7 @@ checkPythonPackageVersion "cryptography" "43.0.1"
 checkPythonPackageVersion "transformers" "4.36.0"
 checkPythonPackageVersion "mpmath" "1.3.0"
 checkPythonPackageVersion "aiohttp" "3.10.2"
-checkPythonPackageVersion "tornado" "6.4.1"
+checkPythonPackageVersion "tornado" "6.4.2"
 checkPythonPackageVersion "jupyter_server" "2.14.1"
 checkPythonPackageVersion "pyarrow" "14.0.1"
 checkPythonPackageVersion "pillow" "10.3.0"