Merge pull request #842 from exasol/develop

* #831: Update conda flavors to cryptography 41.0.3 and openssl 3.1.2 (#837) * #839: Updated dependencies and ignore Kernel CVEs (#841)
exasol · Sep 7, 2023 · b636638 · b636638
2 parents a668434 + 4af39c7
commit b636638
Show file tree

Hide file tree

Showing 17 changed files with 63 additions and 58 deletions.
diff --git a/.current_gitmodules b/.current_gitmodules
diff --git a/doc/changes/changes_7.0.0.md b/doc/changes/changes_7.0.0.md
@@ -33,4 +33,6 @@ n/a
  - #805: Upgraded r-4-minimal flavor to R 4.3 and Ubuntu 22.04
  - #806: Removed flavor python-3.7-minimal-EXASOL-6.2.0
  - #807: Removed flavor standard-EXASOL-7.0.0
- - #827: Update packages and ignore kernel CVEs
+ - #827: Updated packages and ignore kernel CVEs
+ - #831: Updated conda flavors to cryptography 41.0.3 and openssl 3.1.2
+ - #839: Updated dependencies and ignore kernel CVEs
diff --git a/...ackage_diffs/7.0.0/r-4-minimal-EXASOL-6.2.0/build_deps/apt_get_packages_diff.md b/...ackage_diffs/7.0.0/r-4-minimal-EXASOL-6.2.0/build_deps/apt_get_packages_diff.md
diff --git a/...s/package_diffs/7.0.0/standard-EXASOL-8.0.0/build_deps/apt_get_packages_diff.md b/...s/package_diffs/7.0.0/standard-EXASOL-8.0.0/build_deps/apt_get_packages_diff.md
diff --git a/...diffs/7.0.0/standard-EXASOL-8.0.0/flavor_base_deps_apt/apt_get_packages_diff.md b/...diffs/7.0.0/standard-EXASOL-8.0.0/flavor_base_deps_apt/apt_get_packages_diff.md
diff --git a/...ackage_diffs/7.0.0/standard-EXASOL-8.0.0/language_deps/apt_get_packages_diff.md b/...ackage_diffs/7.0.0/standard-EXASOL-8.0.0/language_deps/apt_get_packages_diff.md
diff --git a/...7.0.0/template-Exasol-all-python-3.8-conda/language_deps/conda_packages_diff.md b/...7.0.0/template-Exasol-all-python-3.8-conda/language_deps/conda_packages_diff.md
diff --git a/....0.0/template-Exasol-all-python-3.8-conda/udfclient_deps/conda_packages_diff.md b/....0.0/template-Exasol-all-python-3.8-conda/udfclient_deps/conda_packages_diff.md
diff --git a/.../template-Exasol-all-python-3.8-cuda-conda/language_deps/conda_packages_diff.md b/.../template-Exasol-all-python-3.8-cuda-conda/language_deps/conda_packages_diff.md
diff --git a/...template-Exasol-all-python-3.8-cuda-conda/udfclient_deps/conda_packages_diff.md b/...template-Exasol-all-python-3.8-cuda-conda/udfclient_deps/conda_packages_diff.md
diff --git a/flavors/r-4-minimal-EXASOL-6.2.0/flavor_base/build_deps/packages/apt_get_packages b/flavors/r-4-minimal-EXASOL-6.2.0/flavor_base/build_deps/packages/apt_get_packages
@@ -2,7 +2,7 @@ coreutils|8.32-4.1ubuntu1
 locales|2.35-0ubuntu3.1
 tar|1.34+dfsg-1ubuntu0.1.22.04.1
 curl|7.81.0-1ubuntu1.13
-openjdk-11-jdk|11.0.20+8-1ubuntu1~22.04
+openjdk-11-jdk|11.0.20.1+1-0ubuntu1~22.04
 build-essential|12.9ubuntu3
 libpcre3-dev|2:8.39-13ubuntu0.22.04.1
 protobuf-compiler|3.12.4-1ubuntu7.22.04.1

diff --git a/flavors/r-4-minimal-EXASOL-6.2.0/flavor_base/security_scan/.trivyignore b/flavors/r-4-minimal-EXASOL-6.2.0/flavor_base/security_scan/.trivyignore
@@ -13,6 +13,8 @@ CVE-2023-3609
 CVE-2023-3777
 CVE-2023-3995
 CVE-2023-4015
+CVE-2023-4563
+CVE-2023-4569
 #CVE-2022-23648 is a bug in containerd, not issue for containers
 CVE-2022-23648
 #issue in cgroups, but no threat for ScriptLanguageContainer

diff --git a/flavors/standard-EXASOL-8.0.0/flavor_base/build_deps/packages/apt_get_packages b/flavors/standard-EXASOL-8.0.0/flavor_base/build_deps/packages/apt_get_packages
@@ -2,7 +2,7 @@ coreutils|8.28-1ubuntu1
 locales|2.27-3ubuntu1.6
 tar|1.29b-2ubuntu0.4
 curl|7.68.0-1ubuntu2.19
-openjdk-11-jdk|11.0.19+7~us1-0ubuntu1~20.04.1
+openjdk-11-jdk|11.0.20.1+1-0ubuntu1~20.04
 build-essential|12.4ubuntu1
 libpcre3-dev|2:8.39-9ubuntu0.1
 protobuf-compiler|3.0.0-9.1ubuntu1.1

diff --git a/flavors/standard-EXASOL-8.0.0/flavor_base/flavor_base_deps_apt/packages/apt_get_packages b/flavors/standard-EXASOL-8.0.0/flavor_base/flavor_base_deps_apt/packages/apt_get_packages
@@ -16,6 +16,6 @@ libxml2-dev|2.9.10+dfsg-5ubuntu0.20.04.6 # Needed by R XML package
 apt-transport-https|2.0.9
 gnupg|2.2.19-3ubuntu2.2
 libhiredis-dev|0.14.0-6 # Needed by R redux package
-libsmbclient|2:4.15.13+dfsg-0ubuntu0.20.04.3
-libsmbclient-dev|2:4.15.13+dfsg-0ubuntu0.20.04.3
-smbclient|2:4.15.13+dfsg-0ubuntu0.20.04.3
+libsmbclient|2:4.15.13+dfsg-0ubuntu0.20.04.4
+libsmbclient-dev|2:4.15.13+dfsg-0ubuntu0.20.04.4
+smbclient|2:4.15.13+dfsg-0ubuntu0.20.04.4
diff --git a/flavors/standard-EXASOL-8.0.0/flavor_base/language_deps/packages/apt_get_packages b/flavors/standard-EXASOL-8.0.0/flavor_base/language_deps/packages/apt_get_packages
@@ -2,4 +2,4 @@ ca-certificates|20230311ubuntu0.20.04.1
 python3.8-dev|3.8.10-0ubuntu1~20.04.8
 python3-distutils|3.8.10-0ubuntu1~20.04
 curl|7.68.0-1ubuntu2.19
-openjdk-11-jdk-headless|11.0.20+8-1ubuntu1~20.04
+openjdk-11-jdk-headless|11.0.20.1+1-0ubuntu1~20.04
diff --git a/flavors/standard-EXASOL-8.0.0/flavor_base/security_scan/.trivyignore b/flavors/standard-EXASOL-8.0.0/flavor_base/security_scan/.trivyignore
@@ -15,6 +15,7 @@ CVE-2023-3090
 CVE-2023-3611
 CVE-2023-3776
 CVE-2023-3609
+CVE-2023-4563
 #CVE-2022-23648 is a bug in containerd, not issue for containers
 CVE-2022-23648
 #issue in cgroups, but no threat for ScriptLanguageContainer

diff --git a/script-languages b/script-languages