exasol · tkilias · Aug 8, 2023 · Aug 7, 2023 · Aug 7, 2023 · Aug 7, 2023
diff --git a/flavors/python-3.8-minimal-EXASOL-6.2.0/flavor_base/security_scan/.trivyignore b/flavors/python-3.8-minimal-EXASOL-6.2.0/flavor_base/security_scan/.trivyignore
@@ -12,6 +12,9 @@ CVE-2022-43945
 CVE-2023-3090
 CVE-2023-3389
 CVE-2023-3390 
+CVE-2023-3611
+CVE-2023-3776
+CVE-2023-3609
 #CVE-2022-23648 is a bug in containerd, not issue for containers
 CVE-2022-23648
 #issue in cgroups, but no threat for ScriptLanguageContainer

diff --git a/...rs/template-Exasol-all-python-3.8-conda/flavor_base/language_deps/packages/conda_packages b/...rs/template-Exasol-all-python-3.8-conda/flavor_base/language_deps/packages/conda_packages
@@ -5,6 +5,6 @@ pyarrow|12.0.0
 libblas|3.9.0=15_linux64_mkl
 mamba|1.3.1
 ld_impl_linux-64|2.36.1
-cryptography|39.0.2
+cryptography|41.0.2
 libxml2|2.10.3=hca2bb57_4 # Pinned for OpenJDK in build_deps
 icu|70.1=h27087fc_0 # Pinned for OpenJDK in build_deps
diff --git a/flavors/template-Exasol-all-python-3.8-conda/flavor_base/security_scan/.trivyignore b/flavors/template-Exasol-all-python-3.8-conda/flavor_base/security_scan/.trivyignore
@@ -1,13 +1,16 @@
 #bug in trivy, no idea when a new debian package will be released (https://github.com/aquasecurity/trivy/issues/1680)
 CVE-2021-43816
-#CVE-2022-0847, CVE-2022-0001, CVE-2022-0002, CVE-2022-1015 affect kernel, no issue for container
+#The following CVEs affect kernel, no issue for container
 CVE-2022-0847
 CVE-2022-0001
 CVE-2022-0002
 CVE-2022-1015
 CVE-2022-23960
 CVE-2022-25636
 CVE-2022-43945
+CVE-2023-3611
+CVE-2023-3776
+CVE-2023-3609
 #CVE-2022-23648 is a bug in containerd, not issue for containers
 CVE-2022-23648
 #issue in cgroups, but no threat for ScriptLanguageContainer
@@ -16,3 +19,5 @@ CVE-2022-0492
 CVE-2022-27191
 # CVE-2022-23960 affects only ARM architectures
 CVE-2022-23960
+# We ignore CVE-2023-38325, because cryptography 41.0.3 is currently on available on conda, https://github.com/conda-forge/cryptography-feedstock/issues/122
+CVE-2023-38325
diff --git a/...mplate-Exasol-all-python-3.8-cuda-conda/flavor_base/language_deps/packages/conda_packages b/...mplate-Exasol-all-python-3.8-cuda-conda/flavor_base/language_deps/packages/conda_packages
@@ -5,6 +5,6 @@ pyarrow|12.0.0=py38h4559c88_4_cuda
 libblas|3.9.0=15_linux64_mkl
 mamba|1.3.1
 ld_impl_linux-64|2.36.1
-cryptography|39.0.2
+cryptography|41.0.2
 libxml2|2.10.3=hca2bb57_4 # Pinned for OpenJDK in build_deps
 icu|70.1=h27087fc_0 # Pinned for OpenJDK in build_deps
diff --git a/flavors/template-Exasol-all-python-3.8-cuda-conda/flavor_base/security_scan/.trivyignore b/flavors/template-Exasol-all-python-3.8-cuda-conda/flavor_base/security_scan/.trivyignore
@@ -1,13 +1,16 @@
 #bug in trivy, no idea when a new debian package will be released (https://github.com/aquasecurity/trivy/issues/1680)
 CVE-2021-43816
-#CVE-2022-0847, CVE-2022-0001, CVE-2022-0002, CVE-2022-1015 affect kernel, no issue for container
+#The following CVEs affect kernel, no issue for container
 CVE-2022-0847
 CVE-2022-0001
 CVE-2022-0002
 CVE-2022-1015
 CVE-2022-23960
 CVE-2022-25636
 CVE-2022-43945
+CVE-2023-3611
+CVE-2023-3776
+CVE-2023-3609
 #CVE-2022-23648 is a bug in containerd, not issue for containers
 CVE-2022-23648
 #issue in cgroups, but no threat for ScriptLanguageContainer
@@ -16,3 +19,5 @@ CVE-2022-0492
 CVE-2022-27191
 # CVE-2022-23960 affects only ARM architectures
 CVE-2022-23960
+# We ignore CVE-2023-38325, because cryptography 41.0.3 is currently on available on conda, https://github.com/conda-forge/cryptography-feedstock/issues/122
+CVE-2023-38325
diff --git a/poetry.lock b/poetry.lock