Bump jupyterlab version · dpoulopoulos/virtml@b316eab

Commit

Bump jupyterlab version

Bump `jupyterlab` version from 3.4.3 to 4.3.4. This resolves two
security alerts:

1. HTML injection in Jupyter Notebook and JupyterLab leading to DOM
   Clobbering (CVE ID: CVE-2024-43805)
2. Authentication and CSRF tokens leak (CVE ID: CVE-2024-22421)

---

* Release notes: https://github.com/jupyterlab/jupyterlab/releases
* Changelog:
  https://github.com/jupyterlab/jupyterlab/blob/@jupyterlab/[email protected]/CHANGELOG.md
* Commits:
  https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/[email protected]...@jupyterlab/[email protected]

Signed-off-by: Dimitris Poulopoulos <[email protected]>

Loading branch information

dependabot[bot] authored and dpoulopoulos committed Dec 31, 2024

1 parent 35261f5 commit b316eab

dockerfiles/notebooks/jupyter/requirements.txt

-Original file line number
+Diff line change
@@ -1,3 +1,3 @@
-    jupyterlab==3.4.3
+    jupyterlab==4.3.4
     notebook==6.4.12
     ipykernel==6.15.0

0 comments on commit `b316eab`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `b316eab`

Commit

There are no files selected for viewing

0 comments on commit b316eab

0 comments on commit `b316eab`