Closed rxm7706 closed 7 months ago
Also in case this helps others - since the CVE affects PyArrow versions 0.14.0 to 14.0.0 https://github.com/pitrou/pyarrow-hotfix provides a good work around for both pip and conda users pip install pyarrow_hotfix conda install -c conda-forge pyarrow-hotfix
Raised #399
@xhochy - This is just a placeholder. Assume at some point Pyarrow 14.0.1 will be supported similar to
Opening this just because we ran into https://nvd.nist.gov/vuln/detail/CVE-2023-47248 while trying to upgrade to PyArrow 14.0 and decided to skip to 14.0.1 One dependency was Turbodbc - that we will have to wait for.
Thanks and Regards.