Hi I would like to follow up a bit on this comment...
# flytekit
s
Hi I would like to follow up a bit on this comment https://github.com/flyteorg/flytekit/pull/1769#issuecomment-1691372912. How critical is the bug compared to the security issue? Thanks.
f
Cc @thankful-minister-83577 do you know
t
and if you could bump that more @steep-jackal-21573 that would be great, we need more clout behind that ticket
s
I've managed to get another engineer on our side to bump the issue 😄 I will upvote it as well.
So, this issue is indeed considered to be more important than the CVE, from flytekit perspective, is that correct?
f
Let’s post it in the community and ask everyone to upvote
👍 1
t
@steep-jackal-21573 yeah it’s a correctness issue… it just fails in certain set-up configurations.
s
I see. If the impact is not wide spread, would it make sense to ask users to have the version pinned only for those set-up configurations? The CVE looks pretty serious according to Snyk.