Product Research Enterprise Plans Docs

PyPi: Sbpy

CVE-2023-41334

Transitive

Safety vulnerability ID: 72899

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 18, 2024 Updated at Nov 29, 2024

Scan your Python projects for vulnerabilities →

Advisory

Sbpy now requires `astropy` version 5.3.3 or higher to mitigate CVE-2023-41334.

Affected package

sbpy

Latest version: 0.5.0

Python module for small-body planetary astronomy

Affected versions

Fixed versions

Vulnerability changelog

==================

- Revised required and optional packages:

- Only numpy and astropy are required; scipy, synphot, ads, and astroquery are
now optional dependencies. [383]

- Created an option to install a recommended list of packages, e.g., ``pip
install sbpy[recommended]``. [383]

- Require `astropy` >= 5.3.3 to avoid a security vulnerability. [400]

New Features
------------

sbpy.activity
^^^^^^^^^^^^^
- New `sbpy.activity.CircularAperture.from_coma_equivalent()` to immediately
create a `CircularAperture` from any other `Aperture` given a nominal coma
surface brightness distribution. [393]

sbpy.dynamics
^^^^^^^^^^^^^

- New class to encapsulate dynamical state vectors: `sbpy.dynamics.state.State`. [394]

- New support for dynamical integrations: `sbpy.dynamics.models`. Three models
are implemented: `FreeExpansion`, `SolarGravity`, and `SolarGravityAndRadiationPressure`. [394]

- New ability to produce dust syndynes and synchrones: `sbpy.dynamics.syndynes`. [394]

sbpy.time
^^^^^^^^^

- New sub-module to support conversions to NAIF SPICE ephemeris time. [394]

sbpy.utils
^^^^^^^^^^
- New `required_packages` and `optional_packages` functions to test for the
presence of required and optional packages. [383]

sbpy.utils.decorators
^^^^^^^^^^^^^^^^^^^^^
- New `requires` and `optionally_uses` function decorators to simplify testing
for required and optional packages. [383]

API Changes
-----------

sbpy.sources
^^^^^^^^^^^^
* Deprecated ``SynphotRequired``. Use
``sbpy.execptions.RequiredPackageUnavailable``. [383]

Bug Fixes
---------
* ``sbpy.sources.SpectralSource`` now correctly raises
``RequiredPackageUnavailable`` when ``synphot`` is not available, replacing a
locally defined ``SynphotRequired`` or the generic ``ImportError``. [383]

* Fix `sbpy.photometry.bandpass` crash when reading in SDSS filter transmission
curves using `synphot` 1.4. [400]

sbpy.calib
^^^^^^^^^^
* Fixed: the CALSPEC solar spectrum was missing from `solar_sources`. [387]

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application