Address HIGH CVE in DS 56 & 58 #52

Open
ndmitch311 opened this issue May 21, 2024 · 2 comments
@ndmitch311
Contributor

These are as identified on the other system, but run against Trivy in our system to see if there are additional ones that pop up sooner than the other system has them loaded.

CVE-2023-6246 libc-bin
CVE-2023-6246 libc6
CVE-2023-6779 libc-bin
CVE-2023-6779 libc6

CVE-2024-0553 libgnutils30
CVE-2024-0567 libgnutils30
CVE-2024-24862 fastapi
CVE-2024-24762 starlette
CVE-2024-28085 bsdutils
CVE-2024-28085 libblkid1
CVE-2024-28085 libmount1
CVE-2024-28085 libsmartcols1
CVE-2024-28085 libuuid1
CVE-2024-28085 mount
CVE-2024-28085 util-linux
CVE-2024-28085 util-linux-extra

@natebynum20

natebynum20 commented May 29, 2024

@ndmitch311 Is there a version number or a tag for which elastic_datashader is running on the highside?

I've built master from the lowside and pushed a Docker image to our Harbor for a Trivy scan and only received 3 CVEs (shown below), which don't match the list you added above.

CVE-2024-1135 gunicorn
CVE-2024-22195 Jinja2
CVE-2024-34064 Jinja2

@ndmitch311
Contributor Author

The latest release number (57) is running on the other network.

While our Trivy might not catch the same ones that the scan on the other network did, we're still on the hook for all the others.
If our Trivy is catching additional ones, i.e. the 3 listed, that likely means those will hit soon on the other network. We should fix all CVEs.
Please include all CVEs (the ones in the ticket and caught in our scan) in the release notes so we can include those in what we inform the customer was addressed.

@ndmitch311 ndmitch311 changed the title Address HIGH CVE in DS 56 Address HIGH CVE in DS 56 & 58 Jun 7, 2024