Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix vulnerabilities in multiple images #4172

Open
K-Pomian opened this issue Dec 4, 2024 · 3 comments · May be fixed by #4173
Open

Fix vulnerabilities in multiple images #4172

K-Pomian opened this issue Dec 4, 2024 · 3 comments · May be fixed by #4173
Assignees
@K-Pomian
Labels
security

Comments

@K-Pomian
Copy link
Contributor

K-Pomian commented Dec 4, 2024
edited
Loading

Aquasec scans were performed on amd64_anax, amd64_anax_k8s, amd64_cloud-sync-service, amd64_auto-upgrade-cronjob_k8s and amd64_edge-sync-service and found the following high vulnerabilities:
@K-Pomian K-Pomian self-assigned this Dec 4, 2024
@K-Pomian K-Pomian added the bug label Dec 4, 2024
@K-Pomian K-Pomian linked a pull request Dec 4, 2024 that will close this issue
Open
12 tasks
@K-Pomian K-Pomian changed the title Fix vulnerabilities found by Aquasec Fix vulnerabilities in amd64_anax:2.31.0-1591 found by Aquasec Dec 4, 2024
K-Pomian added a commit that referenced this issue Dec 9, 2024
@K-Pomian
Issue #4172 - Fix vulnerabilities in amd64_anax:2.31.0-1591 found by …
4a0a616 
…Aquasec

Signed-off-by: Konrad-Pomian <[email protected]>
@K-Pomian K-Pomian added security and removed bug labels Dec 9, 2024
K-Pomian added a commit that referenced this issue Dec 9, 2024
@K-Pomian
Issue #4172 - Fix vulnerabilities in amd64_anax:2.31.0-1591 found by …
da319ea 
…Aquasec

Signed-off-by: Konrad-Pomian <[email protected]>
@K-Pomian
Copy link
Contributor Author

K-Pomian commented Dec 9, 2024

The same vulnerabilities were found in amd64_cloud-sync-service image

@K-Pomian K-Pomian changed the title Fix vulnerabilities in amd64_anax:2.31.0-1591 found by Aquasec Fix vulnerabilities in amd64_anax and amd64_cloud-sync-service v2.31 images found by Aquasec Dec 9, 2024
K-Pomian added a commit that referenced this issue Dec 9, 2024
@K-Pomian
Issue #4172 - Fix vulnerabilities in amd64_anax:2.31.0-1591 found by …
28a79ae 
…Aquasec

Signed-off-by: Konrad-Pomian <[email protected]>
@K-Pomian K-Pomian mentioned this issue Dec 9, 2024
Merged
12 tasks
@K-Pomian
Copy link
Contributor Author

K-Pomian commented Dec 9, 2024

The above images has common vulnerabilities with images in issues #4174 #4176 and #4178, hence I'm closing the previously listed issues and their corresponding PR and will rename this issue and its corresponding PR accordingly.

This was referenced Dec 9, 2024
Closed
Closed
Closed
Closed
Closed
Closed
@K-Pomian K-Pomian changed the title Fix vulnerabilities in amd64_anax and amd64_cloud-sync-service v2.31 images found by Aquasec Fix vulnerabilities multiple images Dec 9, 2024
@K-Pomian K-Pomian changed the title Fix vulnerabilities multiple images Fix vulnerabilities in multiple images Dec 9, 2024
LiilyZhang added a commit that referenced this issue Dec 9, 2024
@LiilyZhang
Merge pull request #4191 from open-horizon/fix-image-vulnerabilities-…
2a70088 
…anax-2.31

Issue #4172 - Fix vulnerabilities in multiple images for v2.31
@K-Pomian
Copy link
Contributor Author

The above vulnerabilities were found in both v2.31 and v2.30, hence PRs with fixes to master, v2.30 and v2.31 branches are required to close the issue

@K-Pomian K-Pomian mentioned this issue Dec 10, 2024
Closed
K-Pomian added a commit that referenced this issue Dec 10, 2024
@K-Pomian
Issue #4172 - Fix vulnerabilities in multiple images
6484113 
Signed-off-by: Konrad-Pomian <[email protected]>
@K-Pomian K-Pomian mentioned this issue Dec 10, 2024
Merged
12 tasks
K-Pomian added a commit that referenced this issue Dec 10, 2024
@K-Pomian
Issue #4172 - Fix vulnerabilities in multiple images
7e57647 
Signed-off-by: Konrad-Pomian <[email protected]>
LiilyZhang added a commit that referenced this issue Dec 10, 2024
@LiilyZhang
Merge pull request #4195 from open-horizon/fix-image-vulnerabilities-…
c80a28e 
…v2.30

Issue #4172 - Fix vulnerabilities in multiple images
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@K-Pomian K-Pomian

Labels
security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Issue open-horizon#4172 - Fix vulnerabilities in multiple images open-horizon/anax
1 participant
@K-Pomian