Open cdagraca opened 8 months ago
Since there is no fix for docker images, pyarrow_hotfix is an only option for the moment
I have a fork of 13.3-LTS with working library upgrades for ubuntu (python, dbfuse, standard). I can do the same for 14.3-LTS. I'm just having trouble working out how to build and test all of the other images so I can raise a PR.
13.3-LTS and 14.3-LTS both still use pyarrow 8.0.0, which contains CVE-2023-47248 It appears this has been patched for actual runtime environments but not for the corresponding docker images.