Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies for v1.24.8 #406

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependencies for v1.24.8 #406

wants to merge 1 commit into from

Conversation

randomvariable
Copy link

@randomvariable randomvariable commented Dec 2, 2022
edited

Clears the following from static code analysis scans (in this case using https://github.com/aquasecurity/trivy, which is the default scanner in Harbor registry):

CVE-2022-1996
CVE-2022-21698
CVE-2022-27191
CVE-2022-27664
CVE-2022-29526
CVE-2022-32149
CVE-2020-8554

Impact of these is fairly low in the context of the CPI/CSI, but is open to misinterpretation by end users.

Signed-off-by: Naadir Jeewa jeewan@vmware.com

@randomvariable
Update dependencies for v1.24.8
1d21b4e 
Clears the following from static code analysis scans:

CVE-2022-1996
CVE-2022-21698
CVE-2022-27191
CVE-2022-27664
CVE-2022-29526
CVE-2022-32149
CVE-2020-8554

Signed-off-by: Naadir Jeewa <jeewan@vmware.com>
@oracle-contributor-agreement
Copy link

Thank you for your pull request and welcome to our community! To contribute, please sign the Oracle Contributor Agreement (OCA).
The following contributors of this PR have not signed the OCA:

To sign the OCA, please create an Oracle account and sign the OCA in Oracle's Contributor Agreement Application.

When signing the OCA, please provide your GitHub username. After signing the OCA and getting an OCA approval from Oracle, this PR will be automatically updated.

If you are an Oracle employee, please make sure that you are a member of the main Oracle GitHub organization, and your membership in this organization is public.

@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Required At least one contributor does not have an approved Oracle Contributor Agreement. label Dec 2, 2022
@randomvariable randomvariable reopened this Dec 3, 2022
@oracle-contributor-agreement oracle-contributor-agreement bot added OCA Verified All contributors have signed the Oracle Contributor Agreement. and removed OCA Required At least one contributor does not have an approved Oracle Contributor Agreement. labels Dec 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@randomvariable