From 3007c979507e292ef95d416fc11145bbaa289c9e Mon Sep 17 00:00:00 2001
From: Dorota Toczydlowska <115542912+dorotat-nv@users.noreply.github.com>
Date: Mon, 27 Jan 2025 19:38:25 +0100
Subject: [PATCH] fix CVE - bionemo1 (#662)

### Description
Fixing vulnerabilities found by CVE for `bionemo1`


usr/local/lib/python3.10/dist-packages/urllib3 (fixed in:
1.26.17)(https://github.com/advisories/GHSA-v845-jxx5-vc9f)

/usr/local/lib/python3.10/dist-packages/tornado (fixed in:
6.4.2)(https://github.com/advisories/GHSA-8w49-h785-mj3c)


### Type of changes
<!-- Mark the relevant option with an [x] -->

- [x]  Bug fix (non-breaking change which fixes an issue)
- [ ]  New feature (non-breaking change which adds functionality)
- [ ]  Refactor
- [ ]  Documentation update
- [ ]  Other (please describe):

### CI Pipeline Configuration
Configure CI behavior by applying the relevant labels:

-
[SKIP_CI](https://github.com/NVIDIA/bionemo-framework/blob/main/docs/docs/user-guide/contributing/contributing.md#skip_ci)
- Skip all continuous integration tests
-
[INCLUDE_NOTEBOOKS_TESTS](https://github.com/NVIDIA/bionemo-framework/blob/main/docs/docs/user-guide/contributing/contributing.md#include_notebooks_tests)
- Execute notebook validation tests in pytest
-
[INCLUDE_SLOW_TESTS](https://github.com/NVIDIA/bionemo-framework/blob/main/docs/docs/user-guide/contributing/contributing.md#include_slow_tests)
- Execute tests labelled as slow in pytest for extensive testing


> [!NOTE]
> By default, the notebooks validation tests are skipped unless
explicitly enabled.

### Usage
<!--- How does a user interact with the changed code -->
```python
TODO: Add code snippet
```

### Pre-submit Checklist
<!--- Ensure all items are completed before submitting -->

 - [x] I have tested these changes locally
 - [ ] I have updated the documentation accordingly
 - [ ] I have added/updated tests as needed
 - [ ] All existing tests pass successfully

---------

Signed-off-by: Dorota Toczydlowska <115542912+dorotat-nv@users.noreply.github.com>
---
 setup/requirements-cve.txt | 1 +
 setup/requirements.txt     | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/setup/requirements-cve.txt b/setup/requirements-cve.txt
index 53d2e4b1bd..7d588dcb2e 100644
--- a/setup/requirements-cve.txt
+++ b/setup/requirements-cve.txt
@@ -13,3 +13,4 @@ setuptools>=70.0.0
 nltk>=3.9.1
 aiohttp>=3.9.4
 Werkzeug>=3.0.3
+tornado>=6.4.2
diff --git a/setup/requirements.txt b/setup/requirements.txt
index 7b5df88e1d..62c8200084 100644
--- a/setup/requirements.txt
+++ b/setup/requirements.txt
@@ -9,7 +9,7 @@ pyfastx==1.1.0
 # matplotlib>=3.4.3
 matplotlib==3.8.0
 rdkit==2023.9.5
-urllib3==1.26.16
+urllib3==1.26.17
 ijson==3.2.3
 wandb==0.15.6
 einops==0.6.1