aws / sagemaker-sparkml-serving-container

This code is used to build & run a Docker container for performing predictions against a Spark ML Pipeline.
Apache License 2.0

Upgrade to Python3.6.13 #21

Closed mahithsuresh closed 3 years ago

mahithsuresh commented 3 years ago

openjdk:8 (the base image used by the spark container) has a dependency on python 2.7.16 which has a security vulnerability. Since openjdk:8 has not been updated and since python 2.7.16 has reached EOL, we are upgrading to python 3.6.13 which contains the fix for the vulnerability.

Upgraded to Python-3.6.13

Testing:

  1. Scanned in ECR and the vulnerability is gone.
  2. Exec’d into the container and the script worked as expected (no buffer overflows)
  3. Ran integration tests
  4. Ran manual tests that we used to deploy the last CM

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

mahithsuresh commented 3 years ago

Is 2.7 impacted? According to https://nvd.nist.gov/vuln/detail/CVE-2021-3177 only Python 3.x is impacted

Yeah - we use openjdk:8: https://snyk.io/test/docker/openjdk:8 it relies on 2.7, which has the buffer overflow vulnerability according to this. I also ran the python scripts that we were using to determine whether there is impact, and that confirmed it.