Apply CVE Fix #71

Closed
@octo-sts octo-sts bot commented Jan 10, 2025

Grype Scan Summary after updating to 7.4.2-r0-202501081559
No vulnerabilities found

Prisma Cloud Console Link

View detailed scan results in Prisma Cloud Console

Changes

File Changes
diff --git a/helm/redis/values.yaml b/helm/redis/values.yaml
index c6098e0..b3309ea 100644
--- a/helm/redis/values.yaml
+++ b/helm/redis/values.yaml
@@ -9,4 +9,4 @@ master:
 image:
   registry: cgr.dev
   repository: cgr-demo.com/redis-server-bitnami
-  tag: 7.4.1-r0-202412141645
+  tag: 7.4.2-r0-202501081559
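Review bot: The image on the new `tag:` line is still selected by tag alone, while the scan result committed in pcc_scan_results.json vouches for one specific digest, `sha256:7e016701932fcff0f9e1bd2eca35862b1fdea4ec728b99214fff9e521d23a141`. A tag can be re-pointed in the registry, so the image that is deployed is not guaranteed to be the one that passed the scan. If the chart's image template accepts a digest, pin it there; otherwise record it beside the tag, e.g. `# scanned digest: sha256:7e016701932fcff0f9e1bd2eca35862b1fdea4ec728b99214fff9e521d23a141`, so drift can be detected at deploy time. The `master:` block begins outside this hunk, so it is not visible here whether a digest key is already supported.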
diff --git a/pcc_scan_results.json b/pcc_scan_results.json
index 1aac2fd..7f4dcd5 100644
--- a/pcc_scan_results.json
+++ b/pcc_scan_results.json
@@ -1,11 +1,11 @@
 {
 	"results": [
 		{
-			"id": "sha256:e023f556edaf4f901d974ad7bc4930a7fc4fab037471a7e5baf488531c68b7de",
-			"name": "cgr.dev/cgr-demo.com/redis-server-bitnami:7.4.1-r0-202412141645",
+			"id": "sha256:69f3634101bbc1cef21b9584588f20f2697ff82b132189e6c2639d6d3f0a064b",
+			"name": "cgr.dev/cgr-demo.com/redis-server-bitnami:7.4.2-r0-202501081559",
 			"distro": "Chainguard",
 			"distroRelease": "20230214",
-			"digest": "sha256:7ade4d608dfbcc11d612ae6ec42befb570cbe3262ff19e34c77f37671ef9fc10",
+			"digest": "sha256:7e016701932fcff0f9e1bd2eca35862b1fdea4ec728b99214fff9e521d23a141",
 			"collections": [
 				"All"
 			],
@@ -45,7 +45,7 @@
 				{
 					"type": "os",
 					"name": "libxcrypt",
-					"version": "4.4.36-r8",
+					"version": "4.4.37-r0",
 					"licenses": [
 						"GPL-2.0-or-later AND LGPL-2.1-or-later"
 					]
@@ -68,113 +68,113 @@
 				},
 				{
 					"type": "os",
-					"name": "glibc",
-					"version": "2.40-r3",
+					"name": "attr",
+					"version": "2.5.2-r4",
 					"licenses": [
-						"LGPL-2.1-or-later"
+						"GPL-2.0-or-later"
 					]
 				},
 				{
 					"type": "os",
-					"name": "openssl",
-					"version": "3.4.0-r4",
+					"name": "ncurses",
+					"version": "6.5_p20241228-r0",
 					"licenses": [
-						"Apache-2.0"
+						"MIT"
 					]
 				},
 				{
 					"type": "os",
-					"name": "acl",
-					"version": "2.3.2-r4",
+					"name": "gcc",
+					"version": "14.2.0-r7",
 					"licenses": [
-						"LGPL-2.1-or-later AND GPL-2.0-or-later"
+						"GPL-3.0-or-later WITH GCC-exception-3.1"
 					]
 				},
 				{
 					"type": "os",
-					"name": "attr",
-					"version": "2.5.2-r4",
+					"name": "ca-certificates",
+					"version": "20241121-r1",
 					"licenses": [
-						"GPL-2.0-or-later"
+						"MPL-2.0 AND MIT"
 					]
 				},
 				{
 					"type": "os",
-					"name": "ncurses",
-					"version": "6.5_p20241006-r4",
+					"name": "redis-7.4",
+					"version": "7.4.2-r0",
 					"licenses": [
-						"MIT"
+						"SSPL-1.0"
 					]
 				},
 				{
 					"type": "os",
-					"name": "gcc",
-					"version": "14.2.0-r6",
+					"name": "glibc",
+					"version": "2.40-r3",
 					"licenses": [
-						"GPL-3.0-or-later WITH GCC-exception-3.1"
+						"LGPL-2.1-or-later"
 					]
 				},
 				{
 					"type": "os",
-					"name": "ca-certificates",
-					"version": "20241010-r2",
+					"name": "openssl",
+					"version": "3.4.0-r5",
 					"licenses": [
-						"MPL-2.0 AND MIT"
+						"Apache-2.0"
 					]
 				},
 				{
 					"type": "os",
-					"name": "redis-7.4",
-					"version": "7.4.1-r0",
+					"name": "acl",
+					"version": "2.3.2-r4",
 					"licenses": [
-						"SSPL-1.0"
+						"LGPL-2.1-or-later AND GPL-2.0-or-later"
 					]
 				},
 				{
 					"type": "go",
-					"name": "syscall",
+					"name": "net",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/poll",
+					"name": "internal/abi",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "unique",
+					"name": "sync",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "errors",
+					"name": "unique",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/abi",
+					"name": "internal/stringslite",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "path/filepath",
+					"name": "io/fs",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "os",
+					"name": "io",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/runtime/syscall",
+					"name": "runtime",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
@@ -186,121 +186,121 @@
 				},
 				{
 					"type": "go",
-					"name": "net",
+					"name": "syscall",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/itoa",
+					"name": "internal/chacha8rand",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "sync/atomic",
+					"name": "path/filepath",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "io/fs",
+					"name": "vendor/golang.org/x/net/dns/dnsmessage",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "runtime",
+					"name": "internal/itoa",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "sync",
+					"name": "internal/syscall/unix",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/byteorder",
+					"name": "internal/runtime/atomic",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/runtime/atomic",
+					"name": "context",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "io",
+					"name": "net/netip",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/chacha8rand",
+					"name": "sync/atomic",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "time",
-					"version": "1.23.1",
+					"name": "golang.org/x/sys/unix",
+					"version": "v0.21.0",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "runtime/internal/sys",
+					"name": "internal/poll",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/bytealg",
+					"name": "time",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "golang.org/x/sys/unix",
-					"version": "v0.21.0",
+					"name": "os",
+					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "net/netip",
+					"name": "internal/byteorder",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "context",
+					"name": "errors",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "strconv",
+					"name": "internal/runtime/syscall",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "vendor/golang.org/x/net/dns/dnsmessage",
+					"name": "runtime/internal/sys",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/syscall/unix",
+					"name": "internal/bytealg",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
 				{
 					"type": "go",
-					"name": "internal/stringslite",
+					"name": "strconv",
 					"version": "1.23.1",
 					"path": "/usr/bin/wait-for-port"
 				},
@@ -325,7 +325,7 @@
 				},
 				{
 					"name": "redis-server",
-					"version": "14.2.0",
+					"version": "7.4.2",
 					"path": "/usr/bin/redis-server"
 				}
 			],
@@ -347,13 +347,13 @@
 			"vulnerabilityScanPassed": true,
 			"history": [
 				{
-					"created": "2024-12-12T00:51:33Z",
+					"created": "2025-01-08T14:05:43Z",
 					"instruction": "RUN apko"
 				}
 			],
-			"scanTime": "2024-12-19T19:20:16.216866149Z",
-			"scanID": "676471f0e666b670b910fa1e"
+			"scanTime": "2025-01-10T18:08:16.303073375Z",
+			"scanID": "6781621066d245dd3378a7f3"
 		}
 	],
-	"consoleURL": "https://app.prismacloud.io/compute?computeState=/monitor/vulnerabilities/images/ci?search%3Dsha256%253Ae023f556edaf4f901d974ad7bc4930a7fc4fab037471a7e5baf488531c68b7de"
+	"consoleURL": "https://app.prismacloud.io/compute?computeState=/monitor/vulnerabilities/images/ci?search%3Dsha256%253A69f3634101bbc1cef21b9584588f20f2697ff82b132189e6c2639d6d3f0a064b"
 }
\ No newline at end of file
diff --git a/pcc_scan_results.sarif.json b/pcc_scan_results.sarif.json
index 717266f..7dbd052 100644
--- a/pcc_scan_results.sarif.json
+++ b/pcc_scan_results.sarif.json
@@ -1 +1 @@
-{"$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","version":"2.1.0","runs":[{"tool":{"driver":{"name":"Prisma Cloud (twistcli)","version":"33.02.134","rules":[]}},"results":[]}]}
\ No newline at end of file
+{"$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","version":"2.1.0","runs":[{"tool":{"driver":{"name":"Prisma Cloud (twistcli)","version":"33.03.138","rules":[]}},"results":[]}]}
\ No newline at end of file

@octo-sts octo-sts bot added automated pr This PR was opened by a bot cve patch labels Jan 10, 2025
@octo-sts octo-sts bot closed this Jan 10, 2025
@octo-sts octo-sts bot deleted the apply-cve-fix branch January 10, 2025 19:06