Fix Critical pyArrow CVE-2023-47248 (!809) · Merge requests · OSDU Software / OSDU Data Platform / Domain Data Management Services / Wellbore / Wellbore Domain Services · GitLab

Cyril Monmouton requested to merge feature/fix-CVEs-pyarrow into master Nov 14, 2023

Summary

Update pyArrow to version 14.0.1 due to critical CVE-2023-47248 around deserialisation on parquet format.

Type of change

🔒 Security fix

Validation

New tests added
Covered by the unit tests
Covered by the integration tests
Non functional testing (performance, scalability, security ...)

Work Item

Work item link provided: #85 (closed)

Edited Nov 17, 2023 by Yannick