From ad358cf6f2431e3621c7db29a8adcd51bb364c80 Mon Sep 17 00:00:00 2001
From: Gaurav Saini <147703805+gauravsaini04@users.noreply.github.com>
Date: Sat, 17 Aug 2024 04:44:35 +0530
Subject: [PATCH 1/2] [Anaconda] - aiohttp - GHSA-jwhx-xcg6-8xhj - apply security patch (#1163)
---
 src/anaconda/.devcontainer/apply_security_patches.sh | 2 +-
 src/anaconda/test-project/test.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
index 00e232828..cd00c52ba 100644
--- a/src/anaconda/.devcontainer/apply_security_patches.sh
+++ b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
-vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.9.4" \
+vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.10.2" \
 "cryptography=42.0.4" "gitpython=3.1.41" "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" "black=24.4.2" "requests=2.32.2" "jupyter_server=2.14.1" "tornado=6.4.1" "tqdm=4.66.4" "urllib3=2.2.2" "scikit-learn=1.5.0" "zipp=3.19.1" )
 # Define the number of rows (based on the length of vulnerable_packages)
diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
index de089d41a..1c7884293 100755
--- a/src/anaconda/test-project/test.sh
+++ b/src/anaconda/test-project/test.sh
@@ -41,7 +41,7 @@ checkPythonPackageVersion "certifi" "2022.12.07"
 checkPythonPackageVersion "cryptography" "42.0.4"
 checkPythonPackageVersion "transformers" "4.36.0"
 checkPythonPackageVersion "mpmath" "1.3.0"
-checkPythonPackageVersion "aiohttp" "3.9.4"
+checkPythonPackageVersion "aiohttp" "3.10.2"
 checkPythonPackageVersion "tornado" "6.4.1"
 checkPythonPackageVersion "jupyter_server" "2.14.1"
 checkPythonPackageVersion "pyarrow" "14.0.1"
From 6b46a28338ca4edf0672bf8c6a3e2ed0564dae45 Mon Sep 17 00:00:00 2001
From: Gaurav Saini <147703805+gauravsaini04@users.noreply.github.com>
Date: Sat, 17 Aug 2024 04:47:23 +0530
Subject: [PATCH 2/2] [dotnet] - Support noble distro and remove stale powershell security patch (#1158)
* [dotnet] - powershell fails in other variants
* changes misc.
* misc change
* removed set -x , set +x
* removed uid & gid config options from common-utils
* mistake correction
---
 src/dotnet/.devcontainer/Dockerfile | 27 +--------------------------
 src/dotnet/.devcontainer/devcontainer.json | 2 --
 2 files changed, 1 insertion(+), 28 deletions(-)
diff --git a/src/dotnet/.devcontainer/Dockerfile b/src/dotnet/.devcontainer/Dockerfile
index a11b81e20..1f8a6f182 100644
--- a/src/dotnet/.devcontainer/Dockerfile
+++ b/src/dotnet/.devcontainer/Dockerfile
@@ -4,29 +4,4 @@ ENV PATH $PATH:/home/vscode/.dotnet:/home/vscode/.dotnet/tools
 # clear this environment variable so xml docs from NuGet packages are unpackaged. The default dotnet/sdk image sets it to 'skip'.
 # see https://github.com/dotnet/dotnet-docker/issues/2790
-ENV NUGET_XMLDOC_MODE=
-
-# Temporary: Upgrade packages due to mentioned CVEs
-# They are installed by the base image (mcr.microsoft.com/dotnet/sdk) which does not have the patch.
-# https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045
-RUN if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
- apt-get update && \
- apt-get install -y wget && \
- POWERSHELL_FILE_NAME="powershell_7.4.4-1.deb_amd64.deb" && \
- wget https://github.com/PowerShell/PowerShell/releases/download/v7.4.4/${POWERSHELL_FILE_NAME} && \
- dpkg -i ${POWERSHELL_FILE_NAME} && \
- apt-get install -f && \
- rm ${POWERSHELL_FILE_NAME} ; \
- fi
-
-RUN if [ "$(dpkg --print-architecture)" = "arm64" ]; then \
- apt-get update && \
- apt-get install -y curl tar && \
- POWERSHELL_FILE_PATH="/opt/microsoft/powershell/7" && \
- curl -L -o /tmp/powershell.tar.gz https://github.com/PowerShell/PowerShell/releases/download/v7.4.4/powershell-7.4.4-linux-arm64.tar.gz && \
- mkdir -p ${POWERSHELL_FILE_PATH} && \
- tar zxf /tmp/powershell.tar.gz -C ${POWERSHELL_FILE_PATH} && \
- chmod +x ${POWERSHELL_FILE_PATH}/pwsh && \
- ln -snf ${POWERSHELL_FILE_PATH}/pwsh /usr/bin/pwsh && \
- rm /tmp/powershell.tar.gz ; \
- fi
\ No newline at end of file
+ENV NUGET_XMLDOC_MODE=
\ No newline at end of file
diff --git a/src/dotnet/.devcontainer/devcontainer.json b/src/dotnet/.devcontainer/devcontainer.json
index a31bcae69..141b6263e 100644
--- a/src/dotnet/.devcontainer/devcontainer.json
+++ b/src/dotnet/.devcontainer/devcontainer.json
@@ -7,8 +7,6 @@
 "ghcr.io/devcontainers/features/common-utils:2": {
 "installZsh": "true",
 "username": "vscode",
- "userUid": "1000",
- "userGid": "1000",
 "upgradePackages": "true"
 },
 "ghcr.io/devcontainers/features/node:1": {