pywbem / pywbem / test-2091
92%

DEFAULT BRANCH: master
Ran
Jobs 16
Files 46
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 92.295%. First build
test-2091

push

github

andy-maier 
Add fixes for new safety issues, 17 Mar 2024.

Modified safety policy dev-requirements, and minimum constraints for new
issues with:

1. cryptography - New minimum 42.0.2 for python > 3.7
2. Jupyter Notebook - New Minimum 7.07 Python > 3.8
3. jupyter server - new minimum 2.11.2, Python > 3.8

The new safety issues are as follows:

   Vulnerability ID: 65183
   Affected spec: >=7.0.0,<=7.0.6
   ADVISORY: CVE-2024-22420 describes a vulnerability in Jupyter
Notebook, where user interaction with a malicious notebook or
Markdown file
enables an attacker to access and act with the same permissions as
the user.
The flaw lies in the table of contents plugin. Jupyter Notebook
v7.0.7
includes a patch for this issue. Users can manually disable the
plugin as a
   workaround.
https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-4m77-cmpx-
   vjc4
   CVE-2024-22420
   For more information, please visit
   https://data.safetycli.com/v/65183/f17

   NOTES:
     New minimum version: 7.0.7

     7.0.2 python 3.8, 3.11
     7.0.7, first version with documented python 3.12 support.
     Previously the classiifier was python 3:;

-> Vulnerability found in notebook version 7.0.2
   Vulnerability ID: 65182
   Affected spec: >=7.0.0,<=7.0.6
   ADVISORY: CVE-2024-22421 is a vulnerability in Jupyter Notebook where
clicking a malicious link could expose Authorization and XSRFToken
tokens to
third parties in older jupyter-server versions. Patched versions
include
notebook above 7.0.7. Users are advised to upgrade jupyter-server to
version
2.7.2 or newer, which includes a fix for a redirect vulnerability. No
other
workaround has been identified.
https://github.com/jupyterlab/jupyterlab/secu
   rity/advisories/GHSA-44cc-43rp-5947
   CVE-2024-22421
   For more information, please visit
   https://data.safetycli.com/v/65182/f17

   Note: NEW MINIMUM 7.0.7  Also proposes jupyter-server >= 2.7.2

-> Vulnerability found in cryptography version 3.4.7
   Vulnerability ID: 65... (continued)

11488 of 12447 relevant lines covered (92.3%)

14.6 hits per line

Jobs
ID Job ID Ran Files Coverage
1 ubuntu-latest,3.7,minimum - test-2091.1 0
92.0
 GitHub Action Run
2 ubuntu-20.04,3.6,minimum - test-2091.2 0
92.01
 GitHub Action Run
3 ubuntu-20.04,3.6,latest - test-2091.3 0
92.01
 GitHub Action Run
4 ubuntu-latest,3.10,latest - test-2091.4 0
92.23
 GitHub Action Run
5 ubuntu-latest,3.7,latest - test-2091.5 0
92.01
 GitHub Action Run
6 ubuntu-latest,3.8,latest - test-2091.6 0
92.21
 GitHub Action Run
7 ubuntu-latest,3.10,minimum - test-2091.7 0
92.22
 GitHub Action Run
8 ubuntu-latest,3.12,latest - test-2091.8 0
92.22
 GitHub Action Run
9 windows-latest,3.11,latest - test-2091.9 0
92.24
 GitHub Action Run
10 macos-latest,3.6,latest - test-2091.10 0
92.01
 GitHub Action Run
11 macos-latest,3.11,latest - test-2091.11 0
92.23
 GitHub Action Run
12 windows-latest,3.10,minimum - test-2091.12 0
92.23
 GitHub Action Run
13 windows-latest,3.12,latest - test-2091.13 0
92.23
 GitHub Action Run
14 windows-latest,3.11,minimum - test-2091.14 0
92.23
 GitHub Action Run
15 windows-latest,3.6,latest - test-2091.15 0
92.03
 GitHub Action Run
16 ubuntu-latest,3.12,minimum - test-2091.16 0
92.21
 GitHub Action Run
Source Files on build test-2091
Detailed source file information is not available for this build.