chore: bump dependencies #27

Merged
merged 32 commits into from
Apr 29, 2024

@Santhin Santhin commented Mar 11, 2024

changes:

Relates to DEVOPS-220

Checkov

|   | check_id | file | resource | check_name | guideline |
|---|---|---|---|---|---|
| 0 | CKV_DOCKER_2 | /app/Dockerfile | /app/Dockerfile. | Ensure that HEALTHCHECK instructions have been added to container images | https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images |

Trivy

| PkgName | InstalledVersion | Severity | Title | CVE URL |
|---|---|---|---|---|
| curl | 7.88.1-r1 | CRITICAL | curl: heap based buffer overflow in the SOCKS5 proxy handshake | https://avd.aquasec.com/nvd/cve-2023-38545 |
| libcurl | 8.0.1-r0 | CRITICAL | curl: heap based buffer overflow in the SOCKS5 proxy handshake | https://avd.aquasec.com/nvd/cve-2023-38545 |
| openssh | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-client-common | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-client-common | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-client-default | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-client-default | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-keygen | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-keygen | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-server | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-server | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-server-common | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-server-common | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |
| openssh-sftp-server | 9.1_p1-r2 | CRITICAL | openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. | https://avd.aquasec.com/nvd/cve-2023-28531 |
| openssh-sftp-server | 9.1_p1-r2 | CRITICAL | Remote code execution in ssh-agent PKCS#11 support | https://avd.aquasec.com/nvd/cve-2023-38408 |

Trivy

| PkgName | InstalledVersion | Severity | Title | CVE URL |
|---|---|---|---|---|

Using a newer version causes the error below after pull-gitlab-variables.sh:

{"level":"error","ts":"2024-04-29T09:34:57.278Z","caller":"events/instrumented_project_command_runner.go:78","msg":"Error running plan operation: Invalid environment variable definition: failed checking for glab updates: GET https://gitlab.com/api/v4/projects/gitlab-org/cli/releases: 401 {message: 401 Unauthorized}\nPGPASSWORD=xxx,GOOGLE_APPLICATION_CREDENTIALS=/atlantis-data/repos/getindata/infra/infrastructure/212/default/environments/dev/infra/GOOGLE_APPLICATION_CREDENTIALS_27049,APPROVAL_CONFIG_PATH=,ARM_USE_MSI=false\n (invalid key syntax)\ncheckov 3.2.74 is already installed\nconftest 0.50.0 is already installed\nglab 1.31.0 is already installed\ngojq 0.12.14 is already installed\nhelm 3.14.4 is already installed\ninfracost 0.10.35 is already installed\nkubectl 1.30.0 is already installed\nterraform-docs 0.16.0 is already installed\nterraform 1.3.6 is already installed\nterragrunt 0.42.5 is already installed\ntflint 0.43.0 is already installed\nyq 4.42.1 is already installed\n","json":{"repo":"getindata/infra/infrastructure","pull":"212"},"stacktrace":"github.com/runatlantis/atlantis/server/events.RunAndEmitStats\n\tgithub.com/runatlantis/atlantis/server/events/instrumented_project_command_runner.go:78\ngithub.com/runatlantis/atlantis/server/events.(*InstrumentedProjectCommandRunner).Plan\n\tgithub.com/runatlantis/atlantis/server/events/instrumented_project_command_runner.go:38\ngithub.com/runatlantis/atlantis/server/events.runProjectCmds\n\tgithub.com/runatlantis/atlantis/server/events/project_command_pool_executor.go:48\ngithub.com/runatlantis/atlantis/server/events.(*PlanCommandRunner).run\n\tgithub.com/runatlantis/atlantis/server/events/plan_command_runner.go:262\ngithub.com/runatlantis/atlantis/server/events.(*PlanCommandRunner).Run\n\tgithub.com/runatlantis/atlantis/server/events/plan_command_runner.go:306\ngithub.com/runatlantis/atlantis/server/events.(*DefaultCommandRunner).RunCommentCommand\n\tgithub.com/runatlantis/atlantis/server/events/command_runner.go:365"}

@moss2k13 moss2k13 added the release/major triggers major release label Apr 29, 2024

Santhin commented Apr 29, 2024

LGTM!

@Santhin Santhin merged commit fdd12e8 into main Apr 29, 2024
5 checks passed
@Santhin Santhin deleted the chore/bump-dependencies branch April 29, 2024 10:54
@getindata getindata deleted a comment from github-actions bot Apr 29, 2024
@moss2k13 moss2k13 removed the release/major triggers major release label Apr 29, 2024