From bc2fb80f676682f9fe2f1827cb4ab7601406cb74 Mon Sep 17 00:00:00 2001
From: sireeshajonnalagadda <sireeshajonnalagadda@github.com>
Date: Thu, 14 May 2026 06:23:08 +0000
Subject: [PATCH 1/3] Update package versions for security and testing
 enhancements

---
 src/anaconda/.devcontainer/apply_security_patches.sh | 2 +-
 src/anaconda/manifest.json                           | 2 +-
 src/anaconda/test-project/test.sh                    | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
index c4f4936a24..069d1bf8ea 100644
--- a/src/anaconda/.devcontainer/apply_security_patches.sh
+++ b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -4,7 +4,7 @@
 # werkzeug - [GHSA-f9vj-2wh5-fj8j] 
 
 patched_package_versions=( "mistune=3.0.1" "aiohttp=3.10.11" "cryptography=44.0.1" "h11=0.16.0" "jinja2=3.1.6" "jupyter_core=5.8.1" "protobuf=6.33.5" "requests=2.32.4" "setuptools=78.1.1" "transformers=4.53.0" "urllib3=2.5.0" "werkzeug=3.1.5" "jupyter-lsp=2.2.2" "scrapy=2.14.2"
-                      "zipp=3.19.1" "tornado=6.5.5" "jupyterlab=4.4.8" "imagecodecs=2024.9.22" "fonttools=4.60.2" "pyarrow=17.0.0" "brotli=1.2.0" "filelock=3.20.1" "bokeh=3.8.2" "distributed=2026.1.0" "wheel=0.46.2" "nltk=3.9.3" "black=26.3.1" "pyjwt=2.12.0" "pillow=12.1.1" "pyopenssl=26.0.0" "nbconvert=7.17.0" "markdown=3.8.1")
+                      "zipp=3.19.1" "tornado=6.5.5" "jupyterlab=4.4.8" "imagecodecs=2024.9.22" "fonttools=4.60.2" "pyarrow=17.0.0" "brotli=1.2.0" "filelock=3.20.1" "bokeh=3.8.2" "distributed=2026.1.0" "wheel=0.46.2" "nltk=3.9.3" "black=26.3.1" "pyjwt=2.12.0" "pillow=12.1.1" "pyopenssl=26.0.0" "nbconvert=7.17.0" "markdown=3.8.1" "pyasn1=0.6.3" "ujson=5.12.0")
 
 # Define the number of rows (based on the length of patched_package_versions)
 rows=${#patched_package_versions[@]}
diff --git a/src/anaconda/manifest.json b/src/anaconda/manifest.json
index 885e504fd4..a717e5505a 100644
--- a/src/anaconda/manifest.json
+++ b/src/anaconda/manifest.json
@@ -1,5 +1,5 @@
 {
-	"version": "1.3.14",
+	"version": "1.3.15",
 	"build": {
 		"latest": true,
 		"rootDistro": "debian",
diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
index 0602a90121..f40c03a6e3 100755
--- a/src/anaconda/test-project/test.sh
+++ b/src/anaconda/test-project/test.sh
@@ -79,6 +79,8 @@ checkCondaPackageVersion "black" "26.3.1"
 checkCondaPackageVersion "streamlit" "1.37.0"
 checkCondaPackageVersion "nltk" "3.9.3"
 checkCondaPackageVersion "markdown" "3.8.1"
+checkCondaPackageVersion "pyasn1" "0.6.3"
+checkCondaPackageVersion "ujson" "5.12.0"
 
 check "conda-update-conda" bash -c "conda update -y conda"
 check "conda-install-tensorflow" bash -c "conda create --name test-env -c conda-forge --yes tensorflow"

From 5db3b2d35cfc1734da23ef4d0d4df1a40859b590 Mon Sep 17 00:00:00 2001
From: sireeshajonnalagadda <sireeshajonnalagadda@github.com>
Date: Thu, 14 May 2026 14:50:18 +0530
Subject: [PATCH 2/3] Updated vulnerability-related package list

---
 src/anaconda/.devcontainer/apply_security_patches.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
index 069d1bf8ea..134fdd96d6 100644
--- a/src/anaconda/.devcontainer/apply_security_patches.sh
+++ b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -1,7 +1,8 @@
 #!/bin/bash
 
-# vulnerabilities:
-# werkzeug - [GHSA-f9vj-2wh5-fj8j] 
+ # Vulnerability-related package updates tracked in this list include:
+ # - pyasn1 - [GHSA-jr27-m4p2-rc6r]
+ # - ujson - [GHSA-wgvc-ghv9-3pmm)]
 
 patched_package_versions=( "mistune=3.0.1" "aiohttp=3.10.11" "cryptography=44.0.1" "h11=0.16.0" "jinja2=3.1.6" "jupyter_core=5.8.1" "protobuf=6.33.5" "requests=2.32.4" "setuptools=78.1.1" "transformers=4.53.0" "urllib3=2.5.0" "werkzeug=3.1.5" "jupyter-lsp=2.2.2" "scrapy=2.14.2"
                       "zipp=3.19.1" "tornado=6.5.5" "jupyterlab=4.4.8" "imagecodecs=2024.9.22" "fonttools=4.60.2" "pyarrow=17.0.0" "brotli=1.2.0" "filelock=3.20.1" "bokeh=3.8.2" "distributed=2026.1.0" "wheel=0.46.2" "nltk=3.9.3" "black=26.3.1" "pyjwt=2.12.0" "pillow=12.1.1" "pyopenssl=26.0.0" "nbconvert=7.17.0" "markdown=3.8.1" "pyasn1=0.6.3" "ujson=5.12.0")

From 35583592cef570ec32ed92bad3507396a444cbef Mon Sep 17 00:00:00 2001
From: sireeshajonnalagadda <sireeshajonnalagadda@github.com>
Date: Thu, 21 May 2026 13:21:27 +0000
Subject: [PATCH 3/3] Update Anaconda image version to 1.3.15 in README.md

---
 src/anaconda/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/anaconda/README.md b/src/anaconda/README.md
index 2a10640805..26ae561968 100644
--- a/src/anaconda/README.md
+++ b/src/anaconda/README.md
@@ -30,7 +30,7 @@ You can decide how often you want updates by referencing a [semantic version](ht
 
 - `mcr.microsoft.com/devcontainers/anaconda:1-3`
 - `mcr.microsoft.com/devcontainers/anaconda:1.3-3`
-- `mcr.microsoft.com/devcontainers/anaconda:1.3.14-3`
+- `mcr.microsoft.com/devcontainers/anaconda:1.3.15-3`
 
 See [history](history) for information on the contents of each version and [here for a complete list of available tags](https://mcr.microsoft.com/v2/devcontainers/anaconda/tags/list).