https://flyte.org logo
#flytekit
Title
# flytekit
h

honnix

08/29/2023, 9:24 AM
Hi I would like to follow up a bit on this comment https://github.com/flyteorg/flytekit/pull/1769#issuecomment-1691372912. How critical is the bug compared to the security issue? Thanks.
k

Ketan (kumare3)

08/29/2023, 1:48 PM
Cc @Yee do you know
y

Yee

08/29/2023, 5:04 PM
and if you could bump that more @honnix that would be great, we need more clout behind that ticket
h

honnix

08/30/2023, 7:18 AM
I've managed to get another engineer on our side to bump the issue đŸ˜„ I will upvote it as well.
So, this issue is indeed considered to be more important than the CVE, from flytekit perspective, is that correct?
k

Ketan (kumare3)

08/30/2023, 3:22 PM
Let’s post it in the community and ask everyone to upvote
y

Yee

08/30/2023, 5:51 PM
@honnix yeah it’s a correctness issue… it just fails in certain set-up configurations.
h

honnix

08/30/2023, 6:45 PM
I see. If the impact is not wide spread, would it make sense to ask users to have the version pinned only for those set-up configurations? The CVE looks pretty serious according to Snyk.