The fix for CVE-2022-42889 vulunerability has been released in Spark 3.3.2. See the link below
The current Z2jh 2.0.0 support jupyterhub 3.0.0 and the pyspark dockerstacks image containing jupyterhub 3.0.0 (jupyter/pyspark-notebook:hub-3.0.0) contains spark 3.3.1 which has the CVE-2022-42889 vulunerability.
Is there a jupyter/pyspark-notebook:hub-3.x.x image which contains spark 3.3.2 while having the jupyter and lab versions set to the following?
Helm chat version: 2.0.0
JupyterHub: 3.0.0
Jupyterlab: 3.5.0
I tried the following images also but they upgrade the jupyterhub version
jupyter/pyspark-notebook:spark-3.3.2 => Hub version 3.1.1
jupyter/pyspark-notebook:hub-3.1.0 => Hub version 3.1.0
If my understanding is correct then current Z2jh only supports hub 3.0.0 as per the following page, what are my options then? When will Z2jh support hub 3.1.1?
I always have a custom docker image with spark 3.3.1 option but want to avoid that if possible.
thank you