Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability patch in network-tools #1947

Merged
merged 1 commit into from
Dec 17, 2020
Merged

Vulnerability patch in network-tools #1947

merged 1 commit into from
Dec 17, 2020

Conversation

github-actions[bot]
Copy link

A rebuild of jupyterhub/k8s-network-tools has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.

About

This scan for known vulnerabilities has been made by aquasecurity/trivy. Trivy was configured to filter the vulnerabilities with the following settings:

  • severity: CRITICAL,HIGH
  • ignore-unfixed: true

Before

Before trying to rebuild the image, the following vulnerabilities was detected in jupyterhub/k8s-network-tools:0.10.6-n031.h4728fa2f.

Target Vuln. ID Package Name Installed v. Fixed v.
alpine CVE-2020-1971 libcrypto1.1 1.1.1g-r0 1.1.1i-r0
alpine CVE-2020-1971 libssl1.1 1.1.1g-r0 1.1.1i-r0

After

No vulnerabilities! 🎉

@welcome
Copy link

welcome bot commented Dec 17, 2020

Thanks for submitting your first pull request! You are awesome! 🤗

If you haven't done so already, check out Jupyter's Code of Conduct. Also, please make sure you followed the pull request template, as this will help us review your contribution more quickly.
welcome
You can meet the other Jovyans by joining our Discourse forum. There is also a intro thread there where you can stop by and say Hi! 👋

Welcome to the Jupyter community! 🎉

@yuvipanda yuvipanda merged commit 0f3f262 into master Dec 17, 2020
@yuvipanda yuvipanda deleted the vuln-scan-network-tools branch December 17, 2020 08:35
@yuvipanda
Copy link
Collaborator

w00p.

consideRatio pushed a commit to jupyterhub/helm-chart that referenced this pull request Dec 17, 2020
[jupyterhub] Automatic update for commit 0.10.6-n035.hc9ec68a9
7964476 
jupyterhub/zero-to-jupyterhub-k8s#1947 Merge pull request #1947 from jupyterhub/vuln-scan-network-tools
@consideRatio consideRatio mentioned this pull request Jan 5, 2021
Open
3 tasks
@consideRatio consideRatio mentioned this pull request Sep 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@consideRatio consideRatio Awaiting requested review from consideRatio

@manics manics Awaiting requested review from manics

@minrk minrk Awaiting requested review from minrk

Assignees
No one assigned
Labels
dependencies maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yuvipanda @consideRatio