We are getting some medium severity vulnerabilities related to older Python 2.7 version in RabbitMQ. Is there a way to fix these using the AWX build process?
The suggested fix is: All Python 2.7.x users should upgrade to the latest version >= python-2.7.172.7 but i am not sure how i can achieve this using the build process.
Also, could anyone please suggest how the RabbitMQ and Memcached Images are created during build process, i could only find a way to make changes in AWX Web/task images.
RabbitMQ is being replaced (https://github.com/ansible/awx/pull/6034).
Next release won't have a dependency on it if I understood it right.
So issues with rabbitmq container will resolve themselves soon.
Isn’t that built into your operating systems upgrade tools? Python2.7.172.7 would still show up at /usr/lib/python2.7, that is the “major release number”.
Thanks, i noticed it and tried the version 10.0.0, now for some reason my browser keeps showing the migration screen. This is a new clean installation and i have tried this multiple times but facing the same issue. Could you please suggest how to resolve this?
Actually that specific version has fixes for some of the library scripts in 2.7.16. I didnt get the part about upgrade tool of OS, i was trying to find a way to build or upgrade AWX RMQ image with Python 3.x. The default version in it is Python 2.7.16 but it is using RabbitMQ-alpine-management as base image and that is using alpine as base image. Hence, wanted to understand the dependency tree for upgraded version of python.
The container is a docker image, righ? I assume you’re using the CentOS 8 based docker containers? Most containers are stripped down OS images. Run “yum install” inside the docker container to get an updated image, and test with that.
