You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
current pyarrow dependency version is set to pyarrow>=10,<11. However, there is a known vulnerability in pyarrow with the CVE-2023-47248.
I'd like to propose bumping the pyarrow version to a range of pyarrow>=14.0.1,<15, which should include the necessary fix for the aforementioned vulnerability. This version range should not introduce compatibility issues while ensuring we are using a secure version of the library.
The text was updated successfully, but these errors were encountered:
Hi,
current pyarrow dependency version is set to
pyarrow>=10,<11. However, there is a known vulnerability in pyarrow with the CVE-2023-47248.I'd like to propose bumping the pyarrow version to a range of
pyarrow>=14.0.1,<15, which should include the necessary fix for the aforementioned vulnerability. This version range should not introduce compatibility issues while ensuring we are using a secure version of the library.The text was updated successfully, but these errors were encountered: