Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version Bump #277

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Version Bump #277

wants to merge 10 commits into from

Conversation

pkleybolte
Copy link
Contributor

Description

Links to Tickets or other PRs

Notes

Approval for review

  • All points were discussed with the ticket creator, support-team or product owner. The code upholds all quality guidelines from the PR-template.

Notice: Please remove the WIP label if the PR is ready to review, otherwise nobody will review it.

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 25, 2024
View reviewed changes
Dockerfile
@@ -1,5 +1,5 @@
ARG BASE_IMAGE_BUILDER=node:20.11.1-alpine3.19
ARG BASE_IMAGE=nginx:1.25-alpine
ARG BASE_IMAGE_BUILDER=node:20.18.0-alpine3.19

Check notice

Code scanning / Trivy

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access Low

Package: libcrypto3
Installed Version: 3.1.7-r0
Vulnerability CVE-2024-9143
Severity: LOW
Fixed Version: 3.1.7-r1
Link: CVE-2024-9143
Dockerfile
@@ -1,5 +1,5 @@
ARG BASE_IMAGE_BUILDER=node:20.11.1-alpine3.19
ARG BASE_IMAGE=nginx:1.25-alpine
ARG BASE_IMAGE_BUILDER=node:20.18.0-alpine3.19

Check notice

Code scanning / Trivy

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access Low

Package: libssl3
Installed Version: 3.1.7-r0
Vulnerability CVE-2024-9143
Severity: LOW
Fixed Version: 3.1.7-r1
Link: CVE-2024-9143
Dockerfile
@@ -1,5 +1,5 @@
ARG BASE_IMAGE_BUILDER=node:20.11.1-alpine3.19
ARG BASE_IMAGE=nginx:1.25-alpine
ARG BASE_IMAGE_BUILDER=node:20.18.0-alpine3.19

Check warning

Code scanning / Trivy

curl: OCSP stapling bypass with GnuTLS Medium

Package: curl
Installed Version: 8.9.1-r1
Vulnerability CVE-2024-8096
Severity: MEDIUM
Fixed Version: 8.10.0-r0
Link: CVE-2024-8096
Dockerfile
@@ -1,5 +1,5 @@
ARG BASE_IMAGE_BUILDER=node:20.11.1-alpine3.19
ARG BASE_IMAGE=nginx:1.25-alpine
ARG BASE_IMAGE_BUILDER=node:20.18.0-alpine3.19

Check warning

Code scanning / Trivy

curl: OCSP stapling bypass with GnuTLS Medium

Package: libcurl
Installed Version: 8.9.1-r1
Vulnerability CVE-2024-8096
Severity: MEDIUM
Fixed Version: 8.10.0-r0
Link: CVE-2024-8096
@YoussefBouch YoussefBouch added the enhancement New feature or request label Nov 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@pkleybolte pkleybolte

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pkleybolte @YoussefBouch