fix: remove duplicate cerifi line and add comment linking to CVE

amazon-braket · Sep 20, 2023 · dd8765d · dd8765d
1 parent ee04c21
commit dd8765d
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/tensorflow/jobs/docker/2.12/py3/Dockerfile.gpu b/tensorflow/jobs/docker/2.12/py3/Dockerfile.gpu
@@ -14,6 +14,7 @@ RUN apt-get update \
 
 # Ensure below libraries are pinned to mitigate vulnerability
 RUN ${PIP} install --no-cache --upgrade \
+# https://nvd.nist.gov/vuln/detail/CVE-2023-37920
         certifi>=2023.7.22  
 
 # Installing our custom python libraries
@@ -24,7 +25,7 @@ RUN ${PIP} install --no-cache --upgrade \
         amazon-braket-sdk==1.55.0 \
         awscli==1.29.4 \
         botocore==1.31.4 \
-        boto3==1.28.3 \
+        boto3==1.28.3 \ 
         dask==2023.1.1 \        
         h5py==3.8.0 \
         ipykernel==5.3.4 \
@@ -42,8 +43,7 @@ RUN ${PIP} install --no-cache --upgrade \
         scikit-learn==1.2.2 \
         six==1.16.0 \
         scipy==1.9.3 \
-        typing_extensions==4.3.0 \
-        certifi==2023.7.22
+        typing_extensions==4.3.0
 
 RUN ${PIP} install --no-cache --upgrade sagemaker-training==4.4.10