Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue open-horizon#4172 - Fix vulnerabilities in multiple images #4173

Merged
merged 2 commits into from
Dec 16, 2024

Conversation

K-Pomian
Copy link
Contributor

@K-Pomian K-Pomian commented Dec 4, 2024

Description

The PR includes fixed for vulnerabilities listed in the below issue.

Fixes #4172

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Could not test it, because I need an image with the changes to be built by GH Actions pipeline in order to be able to run Aquasec scan on it.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have checked my code and corrected any misspellings
  • I have tagged the reviewers in a comment below incase my pull request is ready for a review
  • I have signed the commit message to agree to Developer Certificate of Origin (DCO) (to certify that you wrote or otherwise have the right to submit your contribution to the project.) by adding "--signoff" to my git commit command.

@K-Pomian K-Pomian self-assigned this Dec 4, 2024
@K-Pomian K-Pomian force-pushed the fix-vulnerabilities branch from ccd6144 to dab3236 Compare December 4, 2024 07:32
@K-Pomian K-Pomian changed the title Fix vulnerabilities Fix vulnerabilities in amd64_anax:2.31.0-1591 Dec 4, 2024
@LiilyZhang
Copy link
Contributor

LiilyZhang commented Dec 4, 2024

Please combine all the commits into 1 commit with message like "Issue open-horizon#4172 - Fix vulnerabilities in amd64_anax:2.31.0-1591 found by Aquasec" @K-Pomian

@@ -14,6 +14,7 @@ ARG DOCKER_VER=24.0.5
ARG REQUIRED_RPMS="openssl ca-certificates shadow-utils jq iptables vim-minimal psmisc procps-ng tar gzip"
RUN microdnf update -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager \
&& microdnf install -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager ${REQUIRED_RPMS} \
&& microdnf upgrade -y --nodocs --setopt=install_weak_deps=0 --disableplugin=subscription-manager krb5-libs \
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as there

@K-Pomian K-Pomian force-pushed the fix-vulnerabilities branch from dab3236 to 4a0a616 Compare December 9, 2024 07:23
@K-Pomian K-Pomian changed the title Fix vulnerabilities in amd64_anax:2.31.0-1591 Fix vulnerabilities in multiple images Dec 9, 2024
@K-Pomian K-Pomian changed the title Fix vulnerabilities in multiple images Issue open-horizon#4172 - Fix vulnerabilities in multiple images Dec 9, 2024
@K-Pomian K-Pomian force-pushed the fix-vulnerabilities branch from 4a0a616 to 7e57647 Compare December 10, 2024 09:58
@dlarson04 dlarson04 merged commit 209a61b into master Dec 16, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Fix vulnerabilities in multiple images
4 participants