Category:
Resolution:
Resolved
Please do not run any Jupyter applications at OSC until further notice due to a security vulnerability.
OSC will update JupyterLab and Jupyter Notebook applications to rectify this as soon as possible.
List of versions changed:
- 0.35: removed because there is no official patch release.
- 1.2: upgraded to 1.2.21
- 2.1: replaced with 2.2.10 because there is no official patch release.
- 3.0: upgraded to 3.0.17
References for more information:
CVE-2021–32797 and CVE-2021–32798 Remote Code execution in JupyterLab and Jupyter Notebook
Resolved
Jupyter applications have been updated to patch security vulnerabilities.
- Version 0.35 of Jupyter has been dropped as there is no patch available for that version.
- Version 1.2 has been updated to 1.2.21.
- Version 2.1 has been replaced by 2.2.
- Version 3.0 has been updated to 3.0.17.
Exentensions that were built for 3.0 will likely need to be rebuilt by running the jupyter lab build command in a terminal within the Jupyter application.
