From 8d3e9aca9d352a3c4459e321de5d0a0b12062112 Mon Sep 17 00:00:00 2001
From: Alexander Smolyakov <v-asmoliakov@microsoft.com>
Date: Thu, 6 Apr 2023 21:02:49 +0400
Subject: [features/conda] Address CVE-2023-0286, CVE-2023-23931, and
 CVE-2022-40897 vulnerabilities (#518)

* [features/conda] Address CVE-2023-0286, CVE-2023-23931, and CVE-2022-40897 vulnerabilities

- Update `install.sh` to install updates for `cryptography` and `setuptools`  packages
- Add tests to verify `cryptography` and `setuptools`  packages version

* Bump feature version
---
 test/conda/test.sh | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'test')

diff --git a/test/conda/test.sh b/test/conda/test.sh
index 8a88511..fcb9d7e 100755
--- a/test/conda/test.sh
+++ b/test/conda/test.sh
@@ -32,5 +32,11 @@ check-version-ge() {
 certifiVersion=$(python -c "import certifi; print(certifi.__version__)")
 check-version-ge "certifi" "${certifiVersion}" "2022.12.07"
 
+cryptographyVersion=$(python -c "import cryptography; print(cryptography.__version__)")
+check-version-ge "cryptography" "${cryptographyVersion}" "39.0.1"
+
+setuptoolsVersion=$(python -c "import setuptools; print(setuptools.__version__)")
+check-version-ge "setuptools" "${setuptoolsVersion}" "65.5.1"
+
 # Report result
 reportResults
-- 
cgit v1.2.3