From 51b5bc722e6d5b829e6887304cf12a55374fd561 Mon Sep 17 00:00:00 2001 From: Don Jayamanne Date: Wed, 15 Nov 2023 06:06:18 +1100 Subject: [PATCH] Fixes from release (#14720) --- CHANGELOG.md | 7 +++ .../raw/launcher/kernelProcess.node.ts | 10 ---- .../launcher/kernelProcess.node.unit.test.ts | 48 ++----------------- 3 files changed, 10 insertions(+), 55 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bcfd6fb848a..909269edb4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,13 @@ This changelog is deprecated. Here is where you can find details about the lates - Highlighted features for the latest release are described in the VS Code release notes, under the "Contributions to extensions" section: https://code.visualstudio.com/updates - All issues and code changes can be found by searching our Github repo under the latest milestone. [Example from November 2022](https://github.com/microsoft/vscode-jupyter/issues?q=is%3Aclosed+milestone%3A%22November+2022%22+) + +## 2023.10.1100000000 + +### Fixes + +1. Fixed vulnerability described in [CVE-2023-36018](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36018) + ## 2022.10.110 (2 November 2022) ### Enhancements diff --git a/src/kernels/raw/launcher/kernelProcess.node.ts b/src/kernels/raw/launcher/kernelProcess.node.ts index d771926e284..7ac60ba92c9 100644 --- a/src/kernels/raw/launcher/kernelProcess.node.ts +++ b/src/kernels/raw/launcher/kernelProcess.node.ts @@ -480,16 +480,6 @@ export class KernelProcess implements IKernelProcess { private addPythonConnectionArgs(connectionFile: Uri): string[] { const newConnectionArgs: string[] = []; - newConnectionArgs.push(`--ip=${this._connection.ip}`); - newConnectionArgs.push(`--stdin=${this._connection.stdin_port}`); - newConnectionArgs.push(`--control=${this._connection.control_port}`); - newConnectionArgs.push(`--hb=${this._connection.hb_port}`); - newConnectionArgs.push(`--Session.signature_scheme="${this._connection.signature_scheme}"`); - newConnectionArgs.push(`--Session.key=b"${this._connection.key}"`); // Note we need the 'b here at the start for a byte string - newConnectionArgs.push(`--shell=${this._connection.shell_port}`); - newConnectionArgs.push(`--transport="${this._connection.transport}"`); - newConnectionArgs.push(`--iopub=${this._connection.iopub_port}`); - // Turn this on if you get desparate. It can cause crashes though as the // logging code isn't that robust. // if (isTestExecution()) { diff --git a/src/kernels/raw/launcher/kernelProcess.node.unit.test.ts b/src/kernels/raw/launcher/kernelProcess.node.unit.test.ts index d81308138ac..3fef86db1d9 100644 --- a/src/kernels/raw/launcher/kernelProcess.node.unit.test.ts +++ b/src/kernels/raw/launcher/kernelProcess.node.unit.test.ts @@ -305,21 +305,7 @@ suite('kernel Process', () => { when(pythonExecFactory.createActivatedEnvironment(anything())).thenResolve(instance(pythonProcess)); when(connectionMetadata.kind).thenReturn('startUsingPythonInterpreter'); when(connectionMetadata.kernelSpec).thenReturn(kernelSpec); - const expectedArgs = [ - `-m`, - `ipykernel`, - `--ip=${connection.ip}`, - `--stdin=${connection.stdin_port}`, - `--control=${connection.control_port}`, - `--hb=${connection.hb_port}`, - `--Session.signature_scheme="${connection.signature_scheme}"`, - `--Session.key=b"${connection.key}"`, - `--shell=${connection.shell_port}`, - `--transport="${connection.transport}"`, - `--iopub=${connection.iopub_port}`, - `--f="${expectedConnectionFile}"`, - `--debug` - ]; + const expectedArgs = [`-m`, `ipykernel`, `--f="${expectedConnectionFile}"`, `--debug`]; await kernelProcess.launch(__dirname, 0, token.token); verify(processService.execObservable(anything(), anything())).never(); @@ -353,21 +339,7 @@ suite('kernel Process', () => { when(pythonExecFactory.createActivatedEnvironment(anything())).thenResolve(instance(pythonProcess)); when(connectionMetadata.kind).thenReturn('startUsingPythonInterpreter'); when(connectionMetadata.kernelSpec).thenReturn(kernelSpec); - const expectedArgs = [ - `-m`, - `ipykernel`, - `--ip=${connection.ip}`, - `--stdin=${connection.stdin_port}`, - `--control=${connection.control_port}`, - `--hb=${connection.hb_port}`, - `--Session.signature_scheme="${connection.signature_scheme}"`, - `--Session.key=b"${connection.key}"`, - `--shell=${connection.shell_port}`, - `--transport="${connection.transport}"`, - `--iopub=${connection.iopub_port}`, - `--f="${Uri.file(tempFile).fsPath}"`, - `--debug` - ]; + const expectedArgs = [`-m`, `ipykernel`, `--f="${Uri.file(tempFile).fsPath}"`, `--debug`]; await kernelProcess.launch(__dirname, 0, token.token); verify(processService.execObservable(anything(), anything())).never(); @@ -394,21 +366,7 @@ suite('kernel Process', () => { when(pythonExecFactory.createActivatedEnvironment(anything())).thenResolve(instance(pythonProcess)); when(connectionMetadata.kind).thenReturn('startUsingPythonInterpreter'); when(connectionMetadata.kernelSpec).thenReturn(kernelSpec); - const expectedArgs = [ - `-m`, - `ipykernel`, - `--ip=${connection.ip}`, - `--stdin=${connection.stdin_port}`, - `--control=${connection.control_port}`, - `--hb=${connection.hb_port}`, - `--Session.signature_scheme="${connection.signature_scheme}"`, - `--Session.key=b"${connection.key}"`, - `--shell=${connection.shell_port}`, - `--transport="${connection.transport}"`, - `--iopub=${connection.iopub_port}`, - `--f=${Uri.file('connection.json').fsPath}`, - `--debug` - ]; + const expectedArgs = [`-m`, `ipykernel`, `--f=${Uri.file('connection.json').fsPath}`, `--debug`]; await kernelProcess.launch(__dirname, 0, token.token); verify(processService.execObservable(anything(), anything())).never();