Skip to content

1.25: Bump from jupyter_server >=2.10.0 to jupyter_server >=2.20.0 (#2207)#2216

Merged
andy-maier merged 1 commit into
stable_1.25from
1.25/andy/bump-jupyter-server
Jul 10, 2026
Merged

1.25: Bump from jupyter_server >=2.10.0 to jupyter_server >=2.20.0 (#2207)#2216
andy-maier merged 1 commit into
stable_1.25from
1.25/andy/bump-jupyter-server

Conversation

@andy-maier

Copy link
Copy Markdown
Member

backports PR #2207 into 1.25.

* security: Bump jupyter_server >=2.20.0 on Python>=3.10 (CVE-2024-35178)

Fixes path traversal vulnerability in jupyter_server <=2.17.0.

Signed-off-by: Vonteddu Chaithra <Vonteddu.Chaithra1@ibm.com>

* Addressed Review Comments

Signed-off-by: Vonteddu Chaithra <Vonteddu.Chaithra1@ibm.com>

---------

Signed-off-by: Vonteddu Chaithra <Vonteddu.Chaithra1@ibm.com>
Co-authored-by: Vonteddu Chaithra <Vonteddu.Chaithra1@ibm.com>
@andy-maier andy-maier self-assigned this Jul 10, 2026
@andy-maier andy-maier added this to the 1.25.2 milestone Jul 10, 2026
@coveralls

Copy link
Copy Markdown
Collaborator

Coverage Status

coverage: 79.821%. remained the same — 1.25/andy/bump-jupyter-server into stable_1.25

@andy-maier andy-maier merged commit d409c7e into stable_1.25 Jul 10, 2026
10 checks passed
@andy-maier andy-maier deleted the 1.25/andy/bump-jupyter-server branch July 10, 2026 07:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants