Skip to content

Commit

Permalink
Merge pull request #2473 from minrk/hub-1.5
Browse files Browse the repository at this point in the history
Release chart version 1.2.0, bump to JupyterHub 1.5
  • Loading branch information
consideRatio authored Nov 4, 2021
2 parents a96ac35 + faaaeab commit 5c0d0c5
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 3 deletions.
23 changes: 23 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,29 @@ Here you can find upgrade changes in between releases and upgrade instructions.

## UNRELEASED

## 1.2

### 1.2.0 - 2021-11-04

Security release! Updates JupyterHub to 1.5 to address a [moderate security vulnerability][ghsa-cw7p-q79f-m2v7]
affecting JupyterLab users,
where logout may not always fully clear credentials from the browser if multiple sessions are open at the time.

[ghsa-cw7p-q79f-m2v7]: https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-cw7p-q79f-m2v7

A few small features are backported from the upcoming 2.0 release as well.
See [the release notes][juptyerhub-1.5-changelog] for more.

[juptyerhub-1.5-changelog]: https://jupyterhub.readthedocs.io/en/1.5.0/changelog.html#id1

Because the vulnerability is in the single-user environment,
you can get the fix in existing deployments by upgrading JupyterHub to 1.5 in your _user_ environment
without updating the rest of your chart.

Similarly, upgrading the chart without also upgrading JupyterHub to 1.5 in your user environment **will not** fix the vulnerability.

JupyterHub 1.5 in the user environment is fully compatible with a Hub running 1.4, and _vice versa_.

## [1.1]

### [1.1.4] - 2021-10-28
Expand Down
2 changes: 1 addition & 1 deletion chartpress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,4 +48,4 @@ charts:
# singleuser-sample, a primitive user container to start with.
singleuser-sample:
valuesPath: singleuser.image
PIP_OVERRIDES: jupyterhub==1.4.2
PIP_OVERRIDES: jupyterhub==1.5.0
2 changes: 1 addition & 1 deletion images/hub/requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jsonschema==3.2.0
# via jupyter-telemetry
jupyter-telemetry==0.1.0
# via jupyterhub
jupyterhub==1.4.2
jupyterhub==1.5.0
# via
# -r requirements.in
# jupyterhub-firstuseauthenticator
Expand Down
2 changes: 1 addition & 1 deletion jupyterhub/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
apiVersion: v2
name: jupyterhub
version: 0.0.1-set.by.chartpress
appVersion: 1.4.2
appVersion: 1.5.0
description: Multi-user Jupyter installation
keywords: [jupyter, jupyterhub, z2jh]
home: https://z2jh.jupyter.org
Expand Down

0 comments on commit 5c0d0c5

Please sign in to comment.