Jupyter/pyspark-notebook:hub-3.0.0 using Spark 3.3.1 which has CVE-2022-42889 vulunerability

The fix for CVE-2022-42889 vulunerability has been released in Spark 3.3.2. See the link below

The current Z2jh 2.0.0 support jupyterhub 3.0.0 and the pyspark dockerstacks image containing jupyterhub 3.0.0 (jupyter/pyspark-notebook:hub-3.0.0) contains spark 3.3.1 which has the CVE-2022-42889 vulunerability.

Is there a jupyter/pyspark-notebook:hub-3.x.x image which contains spark 3.3.2 while having the jupyter and lab versions set to the following?
Helm chat version: 2.0.0
JupyterHub: 3.0.0
Jupyterlab: 3.5.0

I tried the following images also but they upgrade the jupyterhub version
jupyter/pyspark-notebook:spark-3.3.2 => Hub version 3.1.1
jupyter/pyspark-notebook:hub-3.1.0 => Hub version 3.1.0

If my understanding is correct then current Z2jh only supports hub 3.0.0 as per the following page, what are my options then? When will Z2jh support hub 3.1.1?

I always have a custom docker image with spark 3.3.1 option but want to avoid that if possible.

thank you

JupyterHub uses Semantic Versioning, so a given major version should be compatible with all minor versions- a 3.*.* hub should work with any 3.*.* singleuser-server.

Good to know this.

So, the following two would be fully compatible since hub is ensuring semantic versioning.
pyspark image: jupyter/pyspark-notebook:spark-3.3.2 which has jupyterhub 3.1.1
jupyterhub/k8s-hub:2.0.0 image which contains 3.0.0

Thanks, will try to upgrade.