CVE-2021-32677

Advisory

Syft 0.6.0a0 updates its dependency 'fastapi' to v0.68.0 to include a security fix.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

This is the first alpha release of `0.6.0`.

What's Changed
* Test network utility by vsquareg in https://github.com/OpenMined/PySyft/pull/5609
* Fixing Pillow 8.3.0 breaking CI by madhavajay in https://github.com/OpenMined/PySyft/pull/5755
* Serialization of ring_size in ShareTensor, ReplicatedSharedTensor by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5753
* Modified deserialization to use share config. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5763
* Iamtrask/ch135/sample story by iamtrask in https://github.com/OpenMined/PySyft/pull/5791
* [WIP] pip install hagrid (and it's deps automagically) by iamtrask in https://github.com/OpenMined/PySyft/pull/5777
* [sympc] Changed type of nr_parties to int32 from bytes by hershd23 in https://github.com/OpenMined/PySyft/pull/5804
* Fixed linting errror by unpacking tuple correctly and adding type hint by IshanMi in https://github.com/OpenMined/PySyft/pull/5825
* [WIP] Store DP Tensor in object-store by Kritikalcoder in https://github.com/OpenMined/PySyft/pull/5792
* Flake 8 fix 0.6.0 by tudorcebere in https://github.com/OpenMined/PySyft/pull/5821
* Remove --experimental_allow_proto3_optional and force upgrade protobuf>=3.15 by rohithpudari in https://github.com/OpenMined/PySyft/pull/5649
* Removed old original pytorch example references and updated notebooks by madhavajay in https://github.com/OpenMined/PySyft/pull/5835
* Gym protobuf by madhavajay in https://github.com/OpenMined/PySyft/pull/5836
* [W.I.P.] Fixing linting errors in Autograd by IshanMi in https://github.com/OpenMined/PySyft/pull/5832
* Ch488 HAGrid goes to sk00le and learns grammar by madhavajay in https://github.com/OpenMined/PySyft/pull/5828
* fixing mypy for hagrid by tudorcebere in https://github.com/OpenMined/PySyft/pull/5829
* fixing mypy for grid by tudorcebere in https://github.com/OpenMined/PySyft/pull/5831
* Added PublishScalarService to Domain by IshanMi in https://github.com/OpenMined/PySyft/pull/5842
* Fixed issue causing the tool to break because of MyPy change by madhavajay in https://github.com/OpenMined/PySyft/pull/5843
* Getting MyPy checking for Syft working by madhavajay in https://github.com/OpenMined/PySyft/pull/5845
* Updating tox fix by madhavajay in https://github.com/OpenMined/PySyft/pull/5846
* Ch291 syft by tudorcebere in https://github.com/OpenMined/PySyft/pull/5841
* Madhava/hot fix backend issue by madhavajay in https://github.com/OpenMined/PySyft/pull/5847
* Madhava/ch589 hagrid polish by madhavajay in https://github.com/OpenMined/PySyft/pull/5849
* Add Tensor send support for ADP PyGrid demo by IshanMi in https://github.com/OpenMined/PySyft/pull/5853
* Fixed issue where datasets endpoint was using old attribute name by madhavajay in https://github.com/OpenMined/PySyft/pull/5854
* First 0.6.0 Stack Integration Test by madhavajay in https://github.com/OpenMined/PySyft/pull/5855
* Added version to stack docker images by madhavajay in https://github.com/OpenMined/PySyft/pull/5856
* HAGrid ssh keygen by madhavajay in https://github.com/OpenMined/PySyft/pull/5858
* Windows HAGrid README by madhavajay in https://github.com/OpenMined/PySyft/pull/5859
* [W.I.P.] Add experimental notebook for ADP Demo by IshanMi in https://github.com/OpenMined/PySyft/pull/5862
* Updating 0.6.0 by madhavajay in https://github.com/OpenMined/PySyft/pull/5863
* Hotfix for Deps by madhavajay in https://github.com/OpenMined/PySyft/pull/5867
* flynt check back by tudorcebere in https://github.com/OpenMined/PySyft/pull/5865
* HAGrid Wheel Build by madhavajay in https://github.com/OpenMined/PySyft/pull/5871
* Sympc tensor grid by gmuraru in https://github.com/OpenMined/PySyft/pull/5822
* Notebook design experience by shubham3121 in https://github.com/OpenMined/PySyft/pull/5823
* Merge into dev by iamtrask in https://github.com/OpenMined/PySyft/pull/5875
* Continuing work from PR 5734 by iamtrask in https://github.com/OpenMined/PySyft/pull/5737
* Codebase fixes to get the Friday trade_demo working by iamtrask in https://github.com/OpenMined/PySyft/pull/5876
* Serde for primitive types by iamtrask in https://github.com/OpenMined/PySyft/pull/5879
* Add support for hagrid shorthand commands by iamtrask in https://github.com/OpenMined/PySyft/pull/5878
* Hot Fix for unboxed PyPrimitive upcasting by madhavajay in https://github.com/OpenMined/PySyft/pull/5884
* mypy fix for syft 🍒 by madhavajay in https://github.com/OpenMined/PySyft/pull/5885
* Fixed weird issue with test_known_child_nodes failing in CI by madhavajay in https://github.com/OpenMined/PySyft/pull/5888
* Fixing dependencies with security warnings from dependabot by madhavajay in https://github.com/OpenMined/PySyft/pull/5893
* [SMPC] Add public operations and refactor some code by gmuraru in https://github.com/OpenMined/PySyft/pull/5889
* Bump next from 10.0.8 to 11.1.0 in /packages/grid/grid-ui by dependabot in https://github.com/OpenMined/PySyft/pull/5906
* Fixing problem with hagrid and tail by madhavajay in https://github.com/OpenMined/PySyft/pull/5915
* [PyGrid] Improve logging by tcp in https://github.com/OpenMined/PySyft/pull/5880
* [PyGrid] Set up pytest for grid tests by tcp in https://github.com/OpenMined/PySyft/pull/5882
* [WIP] Upgrade websockets for dependabot security alert by madhavajay in https://github.com/OpenMined/PySyft/pull/5914
* HAGrid VM Image by madhavajay in https://github.com/OpenMined/PySyft/pull/5912
* auto update cherry picked by madhavajay in https://github.com/OpenMined/PySyft/pull/5919
* Update Stable Branch by madhavajay in https://github.com/OpenMined/PySyft/pull/5920
* Azure Image Build and Quickstart Template by madhavajay in https://github.com/OpenMined/PySyft/pull/5924
* Add publish as forward method by gmuraru in https://github.com/OpenMined/PySyft/pull/5929
* [PyGrid] Users CRUD by tcp in https://github.com/OpenMined/PySyft/pull/5883
* HAGrid Improvements by madhavajay in https://github.com/OpenMined/PySyft/pull/5936
* Added log rotation cronjob by madhavajay in https://github.com/OpenMined/PySyft/pull/5937
* Updating 0.6.0 by madhavajay in https://github.com/OpenMined/PySyft/pull/5938
* Split cron into redeploy by madhavajay in https://github.com/OpenMined/PySyft/pull/5939
* Updating 0.6.0 by madhavajay in https://github.com/OpenMined/PySyft/pull/5940
* Updating 0.6.0 by madhavajay in https://github.com/OpenMined/PySyft/pull/5941
* Make redeploy.sh only run once at a time by madhavajay in https://github.com/OpenMined/PySyft/pull/5942
* Update 0.6.0 by madhavajay in https://github.com/OpenMined/PySyft/pull/5943
* Back to dev by madhavajay in https://github.com/OpenMined/PySyft/pull/5947
* Prepare for ADP+SMPC Demo branch Merge into dev by iamtrask in https://github.com/OpenMined/PySyft/pull/5931
* [WIP] Accountant allows downloads of published data by Kritikalcoder in https://github.com/OpenMined/PySyft/pull/5793
* feat: start UI e2e testing by tcp in https://github.com/OpenMined/PySyft/pull/5932
* I tried to sort out merge conflicts for https://github.com/OpenMined/PySyft/pull/5935 by iamtrask in https://github.com/OpenMined/PySyft/pull/5949
* Fixing docker image cache and adding stack tests to dev PRs by madhavajay in https://github.com/OpenMined/PySyft/pull/5953
* SimpleService and NodeRunnableMessageWithReply by iamtrask in https://github.com/OpenMined/PySyft/pull/5954
* fix: remove blank notebook by tcp in https://github.com/OpenMined/PySyft/pull/5951
* syft.register() and domain_client.request_budget() by iamtrask in https://github.com/OpenMined/PySyft/pull/5955
* Revert previous change I made which broke things because of new alemb… by iamtrask in https://github.com/OpenMined/PySyft/pull/5956
* deleted mitogen folder and strategy by bayegaspard in https://github.com/OpenMined/PySyft/pull/5958
* Dataset creation and discovery improvements by iamtrask in https://github.com/OpenMined/PySyft/pull/5957
* [WIP] Mock Notebooks for course 3 by shubham3121 in https://github.com/OpenMined/PySyft/pull/5961
* Deploy node-specific interface (domain or network) by tcp in https://github.com/OpenMined/PySyft/pull/5959
* Fixing some Docker issues by madhavajay in https://github.com/OpenMined/PySyft/pull/5965
* MPCTensor : Numpy Hook Methods by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5963
* Fixing broken torch tests due to changed handling of builtins and boxes by madhavajay in https://github.com/OpenMined/PySyft/pull/5966
* chore(deps): bump next from 11.1.0 to 11.1.1 in /packages/grid/frontend by dependabot in https://github.com/OpenMined/PySyft/pull/5950
* chore(deps): bump axios from 0.21.1 to 0.21.2 in /packages/grid/frontend by dependabot in https://github.com/OpenMined/PySyft/pull/5972
* Serde refactor remove interface by tudorcebere in https://github.com/OpenMined/PySyft/pull/5970
* Absolufy imports and fixes by madhavajay in https://github.com/OpenMined/PySyft/pull/5975
* moving recursive serde into the decorator by tudorcebere in https://github.com/OpenMined/PySyft/pull/5973
* Merging adp_dev into dev by IshanMi in https://github.com/OpenMined/PySyft/pull/5978
* Merge adp_dev into dev by IshanMi in https://github.com/OpenMined/PySyft/pull/5979
* IntermediateGammaTensor.repeat() by iamtrask in https://github.com/OpenMined/PySyft/pull/5977
* [WIP] IntermediateGammaTensor.__sub__ by iamtrask in https://github.com/OpenMined/PySyft/pull/5976
* [WIP] Data Subject Annotation Wizard and related UX improvements by iamtrask in https://github.com/OpenMined/PySyft/pull/5960
* SMPC + AutoDP Integration Tests by madhavajay in https://github.com/OpenMined/PySyft/pull/5981
* Forgot the prestige 🎩 by madhavajay in https://github.com/OpenMined/PySyft/pull/5982
* Ci optimize path filter by bitsofsteve in https://github.com/OpenMined/PySyft/pull/5987
* Modified Version Tests to pull request. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5988
* SMPC -Numpy Ops by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5990
* Add comparison operators for REPTs and SEPTs by fiza11 in https://github.com/OpenMined/PySyft/pull/5986
* [SMPC] Implemented matmul by aanurraj in https://github.com/OpenMined/PySyft/pull/5993
* Abstraction of MPCTensor for tensor pointer computation. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5971
* Bump tmpl from 1.0.4 to 1.0.5 in /packages/grid/frontend by dependabot in https://github.com/OpenMined/PySyft/pull/5998
* chore(deps): bump semver-regex from 3.1.2 to 3.1.3 in /packages/grid/frontend by dependabot in https://github.com/OpenMined/PySyft/pull/5992
* Added support and tests to SingleEntityPhiTensor for all transform operators by IshanMi in https://github.com/OpenMined/PySyft/pull/5995
* Added .lock and .json to stack tests to include frontend package updates by madhavajay in https://github.com/OpenMined/PySyft/pull/6001
* Bump ansi-regex from 5.0.0 to 5.0.1 in /packages/grid/frontend by dependabot in https://github.com/OpenMined/PySyft/pull/6000
* Initial VPN support by madhavajay in https://github.com/OpenMined/PySyft/pull/5997
* Added support & tests for np operations (eq, ne, add, sub, repeat, pos) to S.E.P.T, R.E.P.T by IshanMi in https://github.com/OpenMined/PySyft/pull/5948
* [W.I.P.] Patch flaky SEPT tests on Windows by checking for dimension size by IshanMi in https://github.com/OpenMined/PySyft/pull/6002
* Adding ALL remaining ADP Operations for week 2 by IshanMi in https://github.com/OpenMined/PySyft/pull/6005
* Add support and tests for all transform operations for RowEntityPhiTensors by IshanMi in https://github.com/OpenMined/PySyft/pull/6003
* Update / Fix roles by IonesioJunior in https://github.com/OpenMined/PySyft/pull/6006
* Fixed Inplace SQL Alchemy issue. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6010
* Update README.md by callezenwaka in https://github.com/OpenMined/PySyft/pull/5918
* Ci docker layer cache setup by bitsofsteve in https://github.com/OpenMined/PySyft/pull/6004
* Replacing Global Variables in pytest files with fixtures by IshanMi in https://github.com/OpenMined/PySyft/pull/6009
* Create L5_Data_Scientist.ipynb by pculliton in https://github.com/OpenMined/PySyft/pull/6027
* Released HAGrid==0.1.6 by madhavajay in https://github.com/OpenMined/PySyft/pull/6034
* [SMPC]Generation of Beaver Triples by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5996
* Kubernetes installation with helmcharts and tilt by AutomationLife in https://github.com/OpenMined/PySyft/pull/5928
* Docker Buildx Cache by madhavajay in https://github.com/OpenMined/PySyft/pull/6039
* Fixed issue with devspace dev command by madhavajay in https://github.com/OpenMined/PySyft/pull/6038
* Manual Docker Cache + Cleanup by madhavajay in https://github.com/OpenMined/PySyft/pull/6040
* Update the deploy node notebook for Course 3 by IrinaMBejan in https://github.com/OpenMined/PySyft/pull/6037
* Making git repo url explicit by adding .git suffix by madhavajay in https://github.com/OpenMined/PySyft/pull/6044
* Tensor pointer abstraction. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6045
* Fixes SMPC stack integration tests by rasswanth-s in https://github.com/OpenMined/PySyft/pull/5974
* Implement n_entities and unique_entities for SEPT, REPT, IGT by IshanMi in https://github.com/OpenMined/PySyft/pull/6035
* Modified Crypto Store Code by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6048
* SPDZ multiply code by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6049
* VPN API by madhavajay in https://github.com/OpenMined/PySyft/pull/6046
* Private Multiplication Iteration four. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6050
* Private mul iteration5 by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6052
* Private mul iteration6 by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6053
* Add round() to SEPT, REPT by IshanMi in https://github.com/OpenMined/PySyft/pull/6028
* fix: update set-value to 4.0.0 by tcp in https://github.com/OpenMined/PySyft/pull/6062
* Fix: move set-value to 4.1.0 by tcp in https://github.com/OpenMined/PySyft/pull/6063
* [Engineering] - DO configures domain by IonesioJunior in https://github.com/OpenMined/PySyft/pull/5968
* Implement Min() and Max() for SingleEntityPhiTensor by IshanMi in https://github.com/OpenMined/PySyft/pull/6007
* Fix race condition in trade demo test with getting requests approved by madhavajay in https://github.com/OpenMined/PySyft/pull/6066
* Add L3 notebook improvements by IrinaMBejan in https://github.com/OpenMined/PySyft/pull/6058
* Add qualifier and arithmetic operations for SEPTs by fiza11 in https://github.com/OpenMined/PySyft/pull/6013
* Iteration 2 Private Compare by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6065
* Add decomposition on the DS side by gmuraru in https://github.com/OpenMined/PySyft/pull/6067
* Add trace() and prod() methods for SingleEntityPhiTensors by IshanMi in https://github.com/OpenMined/PySyft/pull/6008
* Private compare iteration 4 to iteration 3 by gmuraru in https://github.com/OpenMined/PySyft/pull/6070
* Iteration3 Private Compare by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6069
* Iteration 5 Private Compare by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6072
* Iteration 6 - Add ring size and use map operation by gmuraru in https://github.com/OpenMined/PySyft/pull/6073
* Added cumsum() and cumprod() to SEPT, REPT by IshanMi in https://github.com/OpenMined/PySyft/pull/6029
* [Back-End] - Adjust permissions so a Data Scientist (or any user?) can update their own information by IonesioJunior in https://github.com/OpenMined/PySyft/pull/6076
* SMPC - Private Multiplication and Parties communication. by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6032
* Added remaining Week 3 operators plus a bonus Week 4 operator by IshanMi in https://github.com/OpenMined/PySyft/pull/6030
* Add get_ops from ShareTensor by gmuraru in https://github.com/OpenMined/PySyft/pull/6074
* notebooks: add mock notebooks for course 3 by shubham3121 in https://github.com/OpenMined/PySyft/pull/5964
* Documentation: Hagrid by jmaunon in https://github.com/OpenMined/PySyft/pull/6079
* Admin users can set budget when creating users through jupyter notebook by iamtrask in https://github.com/OpenMined/PySyft/pull/6080
* Configure self-hosted runner for CI runs by bitsofsteve in https://github.com/OpenMined/PySyft/pull/6075
* Intermediate Gamma Tensor [IGT] by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6036
* Update ancestors.py by pculliton in https://github.com/OpenMined/PySyft/pull/6081
* SMPC Private compare by gmuraru in https://github.com/OpenMined/PySyft/pull/6077
* Update dataset upload flow (Functionalities for assets) by shubham3121 in https://github.com/OpenMined/PySyft/pull/6068
* fixing association requests by madhavajay in https://github.com/OpenMined/PySyft/pull/6059
* Private-private comparison for RowEntityPhiTensors by IshanMi in https://github.com/OpenMined/PySyft/pull/6087
* Client PeerDiscovery by madhavajay in https://github.com/OpenMined/PySyft/pull/6088
* Network Search by madhavajay in https://github.com/OpenMined/PySyft/pull/6092
* Initial work on unfinished tasks retrying. by tudorcebere in https://github.com/OpenMined/PySyft/pull/6089
* Container Action by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6084
* Login to ProxyClient by madhavajay in https://github.com/OpenMined/PySyft/pull/6093
* Polling and blocking by iamtrask in https://github.com/OpenMined/PySyft/pull/6090
* splitting smpc test to run on self-hosted by bitsofsteve in https://github.com/OpenMined/PySyft/pull/6083
* Added sy.networks API to fetch from github.com/OpenMined/NetworkRegistry by madhavajay in https://github.com/OpenMined/PySyft/pull/6097
* Smpc dp integration by iamtrask in https://github.com/OpenMined/PySyft/pull/6094
* WIP - Fix dataset delete during get and request approval by shubham3121 in https://github.com/OpenMined/PySyft/pull/6095
* Added configure and settings to network by madhavajay in https://github.com/OpenMined/PySyft/pull/6098
* Fixed join_network to support both client and host_or_ip by madhavajay in https://github.com/OpenMined/PySyft/pull/6100
* PyGrid frontend by tcp in https://github.com/OpenMined/PySyft/pull/6078
* Update get_settings info by IonesioJunior in https://github.com/OpenMined/PySyft/pull/6099
* 0.6.0 alpha0 by madhavajay in https://github.com/OpenMined/PySyft/pull/6101
* SMPC-DP comparison by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6105
* Add version tests path back in workflow file by rasswanth-s in https://github.com/OpenMined/PySyft/pull/6109
* Pre-process material for Comparison operations by gmuraru in https://github.com/OpenMined/PySyft/pull/6086
* Fixed issue where datasets were double encoded via the proxy client by madhavajay in https://github.com/OpenMined/PySyft/pull/6107
* Syft 0.6.0 Alpha by madhavajay in https://github.com/OpenMined/PySyft/pull/6106

New Contributors
* hershd23 made their first contribution in https://github.com/OpenMined/PySyft/pull/5804
* IshanMi made their first contribution in https://github.com/OpenMined/PySyft/pull/5825
* rohithpudari made their first contribution in https://github.com/OpenMined/PySyft/pull/5649
* dependabot made their first contribution in https://github.com/OpenMined/PySyft/pull/5906
* bayegaspard made their first contribution in https://github.com/OpenMined/PySyft/pull/5958
* bitsofsteve made their first contribution in https://github.com/OpenMined/PySyft/pull/5987
* fiza11 made their first contribution in https://github.com/OpenMined/PySyft/pull/5986
* callezenwaka made their first contribution in https://github.com/OpenMined/PySyft/pull/5918
* pculliton made their first contribution in https://github.com/OpenMined/PySyft/pull/6027
* AutomationLife made their first contribution in https://github.com/OpenMined/PySyft/pull/5928

**Full Changelog**: https://github.com/OpenMined/PySyft/compare/0.5.0...v0.6.0-alpha.0

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32677