fix: upgrade to 3.11.11-slim-bookworm to address critical vulnerabilities

[gpchandran]

There are few critical vulnerabilities that remain unresolved in the 3.11-slim-bookworm version. To address these , it is good to upgrade to the 3.11.11-slim-bookworm version
Hi @mistercrunch @michael-s-molina - can you please review and approve

#32229
#31503

SUMMARY

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[korbit-ai]

I've completed my review and didn't find any issues.

Need a new review? Comment /korbit-review on this PR and I'll review your latest changes.

Korbit Guide: Usage and Customization

Interacting with Korbit

• You can manually ask Korbit to review your PR using the /korbit-review command in a comment at the root of your PR.
• You can ask Korbit to generate a new PR description using the /korbit-generate-pr-description command in any comment on your PR.
• Too many Korbit comments? I can resolve all my comment threads if you use the /korbit-resolve command in any comment on your PR.
• Chat with Korbit on issues we post by tagging @korbit-ai in your reply.
• Help train Korbit to improve your reviews by giving a 👍 or 👎 on the comments Korbit posts.

Customizing Korbit

• Check out our docs on how you can make Korbit work best for you and your team.
• Customize Korbit for your organization through the Korbit Console.

Current Korbit Configuration

General Settings

​

Setting	Value
Review Schedule	Automatic excluding drafts
Max Issue Count	10
Automatic PR Descriptions	❌

Issue Categories

​

Category	Enabled
Documentation	✅
Logging	✅
Error Handling	✅
Readability	✅
Design	✅
Performance	✅
Security	✅
Functionality	✅

Feedback and Support

• Tell us what you think of Korbit
• Schedule a call with our team
• Email us @ [email protected]

Note

Korbit Pro is free for open source projects 🎉

Looking to add Korbit to your team? Get started with a free 2 week trial here

[github-actions]

Congrats on making your first PR and thank you for contributing to Superset! 🎉 ❤️

We hope to see you in our Slack community too! Not signed up? Use our Slack App to self-register.

[gpchandran]

@sadpandajoe - is it possible to cherrypick this PR into 4.1.2rc1? this address lot of debian OS level vulnerabilities

[gpchandran]

Hi @michael-s-molina, do you have any idea when version 5.0.0 will be released? I checked Apache Superset 5.0.0 and didn't see any blockers, are we waiting on three new issues that need to be resolved.?

Hi @sadpandajoe, could you please assist with creating version 4.1.3 if version 5.0.0 is going to take longer? addressing this critical OS vulnerabilities will help everyone

[michael-s-molina]

Hi @michael-s-molina, do you have any idea when version 5.0.0 will be released? I checked Apache Superset 5.0.0 and didn't see any blockers, are we waiting on three new issues that need to be resolved.?

No ETA as we depend on testing and bug fixes from the community. I added one blocker that we're currently working on.

[gpchandran]

Hi @michael-s-molina, do you have any idea when version 5.0.0 will be released? I checked Apache Superset 5.0.0 and didn't see any blockers, are we waiting on three new issues that need to be resolved.?

No ETA as we depend on testing and bug fixes from the community. I added one blocker that we're currently working on.

Thanks for your response @michael-s-molina
Hi @sadpandajoe @michael-s-molina - sorry to bother, would you please help create 4.1.3, lot of OS level critical vulnerabilities will be resolved with this base python image upgrade