[jira] [Updated] (FLINK-29300) Upgrade python version to 3.10.3

Wed, 14 Sep 2022 03:11:05 -0700 


     [ 
https://issues.apache.org/jira/browse/FLINK-29300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bilna updated FLINK-29300:
--------------------------
    Description: 
Security scans listed lot of CVEs from Python 3.8. So please upgrade python 
version to 3.10.3
|Component Name|Component Version Name|Vulnerability Name(s)|Base Score - 
cvss3|Severity - cvss3|Fix version|
|Python programming language|3.7.3|CVE-2015-20107 (BDSA-2015-0814) 
|9.8|CRITICAL |3.10.3|
|Python programming language|3.7.3|CVE-2022-26488 (BDSA-2022-0627) |7|HIGH 
|3.10.3| 
|Python programming language|3.7.3|CVE-2021-3737 (BDSA-2021-3183) 
|7.5|HIGH|3.10.3|
|Python programming language|3.7.3|CVE-2022-0391 (BDSA-2021-4119) 
|7.5|HIGH|3.10.3| 
|Python programming language|3.7.3|CVE-2021-3177 (BDSA-2021-0085) 
|9.8|CRITICAL|3.10.3| 
|Python programming language|3.7.3|CVE-2020-27619 (BDSA-2020-2928) 
|9.8|CRITICAL |3.10.3|
|Python programming language|3.7.3|CVE-2020-26116 (BDSA-2020-2544) |7.2|HIGH 
|3.10.3|
|Python programming language|3.7.3|CVE-2019-20907 (BDSA-2019-4493) 
|7.5|HIGH|3.10.3|
|Python programming language|3.7.3|CVE-2020-15523 (BDSA-2020-1616) 
|7.8|HIGH|3.10.3| 
|Python programming language|3.7.3|CVE-2019-16056 (BDSA-2019-2926) |7.5|HIGH 
|3.10.3|
|Python programming language|3.7.3|CVE-2019-10160 (BDSA-2019-1748) 
|9.8|CRITICAL|3.10.3|
|Python programming language|3.7.3|CVE-2019-9948 (BDSA-2019-0819) 
|9.1|CRITICAL|3.10.3|

  was:Security scans listed lot of CVEs from Python 3.8. So please upgrade 
python version to 3.10.3


> Upgrade python version to 3.10.3
> --------------------------------
>
>                 Key: FLINK-29300
>                 URL: https://issues.apache.org/jira/browse/FLINK-29300
>             Project: Flink
>          Issue Type: Improvement
>            Reporter: Bilna
>            Priority: Major
>
> Security scans listed lot of CVEs from Python 3.8. So please upgrade python 
> version to 3.10.3
> |Component Name|Component Version Name|Vulnerability Name(s)|Base Score - 
> cvss3|Severity - cvss3|Fix version|
> |Python programming language|3.7.3|CVE-2015-20107 (BDSA-2015-0814) 
> |9.8|CRITICAL |3.10.3|
> |Python programming language|3.7.3|CVE-2022-26488 (BDSA-2022-0627) |7|HIGH 
> |3.10.3| 
> |Python programming language|3.7.3|CVE-2021-3737 (BDSA-2021-3183) 
> |7.5|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2022-0391 (BDSA-2021-4119) 
> |7.5|HIGH|3.10.3| 
> |Python programming language|3.7.3|CVE-2021-3177 (BDSA-2021-0085) 
> |9.8|CRITICAL|3.10.3| 
> |Python programming language|3.7.3|CVE-2020-27619 (BDSA-2020-2928) 
> |9.8|CRITICAL |3.10.3|
> |Python programming language|3.7.3|CVE-2020-26116 (BDSA-2020-2544) |7.2|HIGH 
> |3.10.3|
> |Python programming language|3.7.3|CVE-2019-20907 (BDSA-2019-4493) 
> |7.5|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2020-15523 (BDSA-2020-1616) 
> |7.8|HIGH|3.10.3| 
> |Python programming language|3.7.3|CVE-2019-16056 (BDSA-2019-2926) |7.5|HIGH 
> |3.10.3|
> |Python programming language|3.7.3|CVE-2019-10160 (BDSA-2019-1748) 
> |9.8|CRITICAL|3.10.3|
> |Python programming language|3.7.3|CVE-2019-9948 (BDSA-2019-0819) 
> |9.1|CRITICAL|3.10.3|



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to