what is the timeline for support to airflow 2.8

Question

what is the timeline for support to airflow 2.8

yossisht9876 opened this issue 8 months ago · 6 comments

Checks

I have checked for existing issues.
This report is about the User-Community Airflow Helm Chart.

Motivation

hi
we wonder what is the timeline for support to airflow 2.8 ?
as for now we use airflow 2.7.3 python 3.9 and our security team discover that there is more then 290 vulnerabilities. Top risk: CVE-2019-8457 (CVSS:9.8, Buffer Overflow)

`There are a total of 292 vulnerabilities in apache/airflow@2.7.3-python3.9.

The severities of the CVEs are as follows:

Critical : 10

High : 64

Medium : 58

Low : 160

The following 92 dependencies have vulnerabilities: db5.3-util@5.3.28+dfsg1-0.8, libdb5.3@5.3.28+dfsg1-0.8, libpython3.9-minimal@3.9.2-1, libpython3.9-stdlib@3.9.2-1, python3.9@3.9.2-1, python3.9-minimal@3.9.2-1, zlib1g@1:1.2.11.dfsg-2+deb11u2, openssh-client@1:8.4p1-5+deb11u2, curl@7.74.0-1.3+deb11u10, libcurl4@7.74.0-1.3+deb11u10, bind9-host@1:9.16.44-1~~deb11u1, bind9-libs@1:9.16.44-1~~deb11u1, libperl5.32@5.32.1-4+deb11u2, perl@5.32.1-4+deb11u2, perl-base@5.32.1-4+deb11u2, perl-modules-5.32@5.32.1-4+deb11u2, e2fsprogs@1.46.2-2, libcom-err2@1.46.2-2, libext2fs2@1.46.2-2, libss2@1.46.2-2...+ 72 more`

and 80% of the vulnerabilities are fixed in 2.8 version

Implementation

No response

Are you willing & able to help?

I am able to submit a PR!
I can help test the feature!

Answer 1 · 2024-01-04T14:38:03.000Z

+1 for a chart update to support Airflow 2.8 🙏