Skip to content

Commit 6530d26

Browse files
committed
fix(hvp-monolith): clear Trivy CVEs (nuke pkgs cache, bump numexpr, justify locked CVEs)
Three changes addressing the 12 CVEs Trivy flagged on hvp-monolith: 1. Dockerfile cleanup: remove /opt/conda/pkgs/* (was: only pkgs/cache). The extracted package dirs hold a second copy of every installed package (~9 GB) plus stale versions left behind by env solves. Eliminates CVE-2026-1669 (keras 3.12.0 only existed in pkgs/; base env has 3.14.1) and shrinks the final image. 2. env-vcontact2.yaml: pin numexpr>=2.8.5 to clear CVE-2023-39631 (CRITICAL — langchain RCE via evaluate). 2.8.5 is the lowest fixed release and still py=3.8 + numpy<1.24 compatible. 3. .trivyignore: document the remaining CVEs that are upstream-locked and not reachable in our pipeline: - DVF env (py=3.6 ceiling): keras 2.2.4, setuptools 58.0.4 CVEs - vcontact2 env (py=3.8 ceiling): urllib3 2.2.3, setuptools 75.3.0 - jaraco.context 5.3.0 vendored by both setuptools above - Ruby json/net-imap from das_tool's bioconda dep on r44 ruby Each .trivyignore entry includes a written reachability argument and a quarterly review reminder per AGENTS.md.
1 parent d44158a commit 6530d26

3 files changed

Lines changed: 71 additions & 2 deletions

File tree

docker/hvp-monolith/.trivyignore

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,3 +11,66 @@
1111
# package is upgraded. Remove entries once the underlying package ships a fix.
1212
#
1313
# =============================================================================
14+
#
15+
# -----------------------------------------------------------------------------
16+
# DeepVirFinder env (python=3.6) — upstream-locked
17+
# -----------------------------------------------------------------------------
18+
# DVF (jessieren/DeepVirFinder) ships no py>3.6 support and pins keras==2.2.4
19+
# + theano==1.0.3. Both are pip-installed in a sidecar env. setuptools at the
20+
# py3.6 ceiling is 58.0.4. None of these are reachable from a workflow caller:
21+
# DVF is invoked only via /usr/local/bin/dvf.py against user-supplied FASTA;
22+
# no untrusted model download, no PyPI install at runtime, no setuptools
23+
# package_index calls. Accepted until DVF is replaced (tracking).
24+
#
25+
# CVE-2024-3660: keras 2.2.4 — code injection via TF Keras model load. We
26+
# never load third-party model files; only the DVF-bundled weights ship in
27+
# the image. Quarterly review.
28+
CVE-2024-3660
29+
# CVE-2025-12060: keras 2.2.4 — path traversal in model loading. Same scope
30+
# as above; not reachable. Quarterly review.
31+
CVE-2025-12060
32+
# CVE-2024-6345: setuptools <70.0.0 — RCE via package_index download
33+
# functions. We never invoke setuptools at runtime (envs are baked at build
34+
# time). Hits both 58.0.4 (DVF, py3.6 ceiling) and 75.3.0 (vcontact2, py3.8
35+
# ceiling). Quarterly review.
36+
CVE-2024-6345
37+
# CVE-2025-47273: setuptools <78.1.1 — path traversal in PackageIndex. Same
38+
# non-reachability argument as CVE-2024-6345. Quarterly review.
39+
CVE-2025-47273
40+
#
41+
# -----------------------------------------------------------------------------
42+
# vcontact2 env (python=3.8) — upstream-locked
43+
# -----------------------------------------------------------------------------
44+
# vcontact2 0.11.3 requires python=3.8. urllib3 2.3+ requires python>=3.9, so
45+
# the py3.8 ceiling is urllib3 2.2.3. vcontact2 itself uses urllib3 only via
46+
# pandas's optional network features (we don't); the wrapper shim calls the
47+
# binary against local files. Accepted until vcontact2 ships py>=3.9 support.
48+
#
49+
# CVE-2026-44431: urllib3 2.2.3 — fixed in 2.7.0; not py3.8-compatible.
50+
# No untrusted-URL fetch in the pipeline. Quarterly review.
51+
CVE-2026-44431
52+
#
53+
# -----------------------------------------------------------------------------
54+
# jaraco.context (vendored by setuptools)
55+
# -----------------------------------------------------------------------------
56+
# CVE-2026-23949: jaraco.context 5.3.0 — path traversal via malicious tar.
57+
# Vendored inside setuptools (setuptools._vendor.jaraco.context) in the
58+
# py3.6 and py3.8 sidecar envs above. Same non-reachability argument as
59+
# the setuptools CVEs. Removed automatically when those envs upgrade.
60+
CVE-2026-23949
61+
#
62+
# -----------------------------------------------------------------------------
63+
# Ruby (pulled in by das_tool=1.1.7)
64+
# -----------------------------------------------------------------------------
65+
# das_tool ships .rb scripts (scg_blank_diamond.rb, scg_blank_usearch.rb,
66+
# scg_blank_blast.rb) that bioconda's r44 ruby runtime executes. Dropping
67+
# Ruby breaks das_tool; bioconda has not rebuilt das_tool on a newer Ruby
68+
# stdlib gem set. Neither JSON parsing nor IMAP is invoked in the
69+
# das_tool execution paths we use.
70+
#
71+
# CVE-2026-33210: ruby/json 2.18.0 — DoS / info disclosure via format string.
72+
# das_tool's .rb scripts don't parse untrusted JSON. Quarterly review.
73+
CVE-2026-33210
74+
# CVE-2026-42246: ruby/net-imap 0.6.2 — IMAP client vulnerability. das_tool
75+
# does not open any network sockets, let alone IMAP. Quarterly review.
76+
CVE-2026-42246

docker/hvp-monolith/Dockerfile

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -82,15 +82,18 @@ RUN set -e; \
8282

8383
# Strip caches, byte-compiled modules, and docs from /opt/conda. Python will
8484
# regenerate __pycache__ at runtime for modules it imports; nothing here is
85-
# required at runtime.
85+
# required at runtime. The /opt/conda/pkgs/* extracted dirs hold a second copy
86+
# of every installed package (~9 GB) plus stale versions left behind by env
87+
# solves — those stale copies trip Trivy with CVEs against versions that are
88+
# not actually on $PATH in any env.
8689
RUN set -e; \
8790
find /opt/conda -type d -name __pycache__ -prune -exec rm -rf {} +; \
8891
find /opt/conda -type f -name '*.pyc' -delete; \
8992
find /opt/conda -type f -name '*.pyo' -delete; \
9093
find /opt/conda -type d -path '*/share/man*' -prune -exec rm -rf {} +; \
9194
find /opt/conda -type d -path '*/share/doc/*' -prune -exec rm -rf {} +; \
9295
find /opt/conda -type d -path '*/share/info/*' -prune -exec rm -rf {} +; \
93-
rm -rf /opt/conda/pkgs/cache 2>/dev/null || true; \
96+
rm -rf /opt/conda/pkgs 2>/dev/null || true; \
9497
rm -rf /home/$MAMBA_USER/.mamba/pkgs 2>/dev/null || true; \
9598
true
9699

docker/hvp-monolith/env-vcontact2.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ dependencies:
1111
# vcontact2 0.11.3 uses `np.warnings.filterwarnings(...)` which numpy >=1.24
1212
# removed. Pin numpy below 1.24 to keep the module importable.
1313
- "numpy<1.24"
14+
# numexpr 2.8.4 carries CVE-2023-39631 (langchain RCE via evaluate);
15+
# 2.8.5+ fixes it and still solves under py=3.8 + numpy<1.24.
16+
- "numexpr>=2.8.5"
1417
- diamond=2.1.24
1518
- mcl
1619
- clusterone

0 commit comments

Comments
 (0)