Bug fixes and the experimental obfuscate-metadata build command flag to confuse vulnerability scanners

kcq released this 09 Jun 02:20

· 197 commits to master since this release

762eea8

Improvements

New experimental build command flag to prevent the vulnerability scanners from discovering the metadata they need to identify the vulnerabilities (--obfuscate-metadata) inspired by the Malicious Compliance KubeCon EU 2023 talk

Bug Fixes

HEALTHCHECK instruction decoding enhancements to handle the data generated by buildah
fsutil format string bug fix

Binaries

Build them from source or download from a CDN location:

Linux
Linux ARM
Linux ARM64
Mac
Mac M1
Containerized: docker pull dslim/slim

Assets 2