Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security upgrade golang from 1.18.1-alpine to 1.18.9-alpine #39052

Closed
xiabee opened this issue Nov 10, 2022 · 0 comments · Fixed by #40863
Closed

Security upgrade golang from 1.18.1-alpine to 1.18.9-alpine #39052

xiabee opened this issue Nov 10, 2022 · 0 comments · Fixed by #40863
Assignees
@xiabee
Labels
affects-6.1 This bug affects the 6.1.x(LTS) versions. affects-6.5 This bug affects the 6.5.x(LTS) versions. affects-6.6 component/br This issue is related to BR of TiDB. type/enhancement The issue or PR belongs to an enhancement.

Comments

@xiabee
Copy link
Member

xiabee commented Nov 10, 2022
edited
Loading

Enhancement

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

  • br/docker/Dockerfile

We recommend upgrading to golang:1.18.9-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity Priority Score / 1000 Issue Exploit Maturity
  300 Inadequate Encryption StrengthSNYK-ALPINE315-OPENSSL-2941810 No Known Exploit
  300 Inadequate Encryption StrengthSNYK-ALPINE315-OPENSSL-2941810 No Known Exploit
  500 Out-of-bounds WriteSNYK-ALPINE315-ZLIB-2976173 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 
🧐 View latest project report

🛠 Adjust project settings

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR
br/docker/Dockerfile
We recommend upgrading to golang:1.18.9-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:
@xiabee xiabee added the type/enhancement The issue or PR belongs to an enhancement. label Nov 10, 2022
@xiabee xiabee mentioned this issue Nov 10, 2022
Closed
12 tasks
@xiabee xiabee mentioned this issue Dec 8, 2022
Closed
12 tasks
@xiabee xiabee changed the title Security upgrade golang from 1.18.1-alpine to 1.18.7-alpine Security upgrade golang from 1.18.1-alpine to 1.18.9-alpine Jan 30, 2023
@xiabee xiabee mentioned this issue Jan 30, 2023
Merged
12 tasks
@VelocityLight VelocityLight added affects-6.1 This bug affects the 6.1.x(LTS) versions. affects-6.5 This bug affects the 6.5.x(LTS) versions. affects-6.6 labels Jan 30, 2023
@Ivy-YinSu Ivy-YinSu added the component/br This issue is related to BR of TiDB. label Feb 2, 2023
ti-chi-bot pushed a commit that referenced this issue Feb 14, 2023
@xiabee
br: security update br image:1.18.1-alpine to 1.18.9-alpine (#40863)
5999b2c 
ref #39052
This was referenced Feb 14, 2023
Merged
Closed
Merged
blacktear23 pushed a commit to blacktear23/tidb that referenced this issue Feb 15, 2023
@xiabee @blacktear23
br: security update br image:1.18.1-alpine to 1.18.9-alpine (pingcap#…
61525b4 
…40863)

ref pingcap#39052
ghazalfamilyusa pushed a commit to ghazalfamilyusa/tidb that referenced this issue Feb 15, 2023
@xiabee @ghazalfamilyusa
br: security update br image:1.18.1-alpine to 1.18.9-alpine (pingcap#…
eda4480 
…40863)

ref pingcap#39052
ti-chi-bot added a commit that referenced this issue Feb 16, 2023
@ti-chi-bot
br: security update br image:1.18.1-alpine to 1.18.9-alpine (#40863) (#…
41c687f 
…41386)

ref #39052
ti-chi-bot added a commit that referenced this issue Mar 30, 2023
@ti-chi-bot
br: security update br image:1.18.1-alpine to 1.18.9-alpine (#40863) (#…
a991ae5 
…41390)

ref #39052
@xiabee xiabee closed this as completed May 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xiabee xiabee

Labels
affects-6.1 This bug affects the 6.1.x(LTS) versions. affects-6.5 This bug affects the 6.5.x(LTS) versions. affects-6.6 component/br This issue is related to BR of TiDB. type/enhancement The issue or PR belongs to an enhancement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

br: security update br image:1.18.1-alpine to 1.18.9-alpine
3 participants
@VelocityLight @xiabee @Ivy-YinSu