Switch to Debian 11 (bullseye) in order to remediate multiple vulnerabilities #2

Open
wants to merge 4 commits into
base: master

mashayev

Before:

$ grype --only-fixed mishasel/prometheus_amqp_proxy

NAME          INSTALLED  FIXED-IN    TYPE  VULNERABILITY   SEVERITY
busybox       1.24.2-r8  1.24.2-r13  apk   CVE-2017-16544  High
busybox       1.24.2-r8  1.24.2-r12  apk   CVE-2016-6301   High
busybox       1.24.2-r8  1.24.2-r13  apk   CVE-2017-15873  Medium
libcrypto1.0  1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-6303   Critical
libcrypto1.0  1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-2182   Critical
libcrypto1.0  1.0.2h-r0  1.0.2h-r1   apk   CVE-2016-2177   Critical
libcrypto1.0  1.0.2h-r0  1.0.2o-r1   apk   CVE-2018-0732   High
libcrypto1.0  1.0.2h-r0  1.0.2k-r0   apk   CVE-2017-3731   High
libcrypto1.0  1.0.2h-r0  1.0.2j-r0   apk   CVE-2016-7052   High
libcrypto1.0  1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-6304   High
libcrypto1.0  1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-6302   High
libcrypto1.0  1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-2183   High
libcrypto1.0  1.0.2h-r0  1.0.2h-r4   apk   CVE-2016-2181   High
libcrypto1.0  1.0.2h-r0  1.0.2h-r2   apk   CVE-2016-2180   High
libcrypto1.0  1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-2179   High
libcrypto1.0  1.0.2h-r0  1.0.2q-r0   apk   CVE-2018-5407   Medium
libcrypto1.0  1.0.2h-r0  1.0.2o-r0   apk   CVE-2018-0739   Medium
libcrypto1.0  1.0.2h-r0  1.0.2o-r2   apk   CVE-2018-0737   Medium
libcrypto1.0  1.0.2h-r0  1.0.2q-r0   apk   CVE-2018-0734   Medium
libcrypto1.0  1.0.2h-r0  1.0.2o-r0   apk   CVE-2018-0733   Medium
libcrypto1.0  1.0.2h-r0  1.0.2n-r0   apk   CVE-2017-3738   Medium
libcrypto1.0  1.0.2h-r0  1.0.2n-r0   apk   CVE-2017-3737   Medium
libcrypto1.0  1.0.2h-r0  1.0.2m-r0   apk   CVE-2017-3736   Medium
libcrypto1.0  1.0.2h-r0  1.0.2m-r0   apk   CVE-2017-3735   Medium
libcrypto1.0  1.0.2h-r0  1.0.2k-r0   apk   CVE-2017-3732   Medium
libcrypto1.0  1.0.2h-r0  1.0.2k-r0   apk   CVE-2016-7055   Medium
libcrypto1.0  1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-6306   Medium
libcrypto1.0  1.0.2h-r0  1.0.2h-r1   apk   CVE-2016-2178   Medium
libssl1.0     1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-6303   Critical
libssl1.0     1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-2182   Critical
libssl1.0     1.0.2h-r0  1.0.2h-r1   apk   CVE-2016-2177   Critical
libssl1.0     1.0.2h-r0  1.0.2o-r1   apk   CVE-2018-0732   High
libssl1.0     1.0.2h-r0  1.0.2k-r0   apk   CVE-2017-3731   High
libssl1.0     1.0.2h-r0  1.0.2j-r0   apk   CVE-2016-7052   High
libssl1.0     1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-6304   High
libssl1.0     1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-6302   High
libssl1.0     1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-2183   High
libssl1.0     1.0.2h-r0  1.0.2h-r4   apk   CVE-2016-2181   High
libssl1.0     1.0.2h-r0  1.0.2h-r2   apk   CVE-2016-2180   High
libssl1.0     1.0.2h-r0  1.0.2h-r3   apk   CVE-2016-2179   High
libssl1.0     1.0.2h-r0  1.0.2q-r0   apk   CVE-2018-5407   Medium
libssl1.0     1.0.2h-r0  1.0.2o-r0   apk   CVE-2018-0739   Medium
libssl1.0     1.0.2h-r0  1.0.2o-r2   apk   CVE-2018-0737   Medium
libssl1.0     1.0.2h-r0  1.0.2q-r0   apk   CVE-2018-0734   Medium
libssl1.0     1.0.2h-r0  1.0.2o-r0   apk   CVE-2018-0733   Medium
libssl1.0     1.0.2h-r0  1.0.2n-r0   apk   CVE-2017-3738   Medium
libssl1.0     1.0.2h-r0  1.0.2n-r0   apk   CVE-2017-3737   Medium
libssl1.0     1.0.2h-r0  1.0.2m-r0   apk   CVE-2017-3736   Medium
libssl1.0     1.0.2h-r0  1.0.2m-r0   apk   CVE-2017-3735   Medium
libssl1.0     1.0.2h-r0  1.0.2k-r0   apk   CVE-2017-3732   Medium
libssl1.0     1.0.2h-r0  1.0.2k-r0   apk   CVE-2016-7055   Medium
libssl1.0     1.0.2h-r0  1.0.2i-r0   apk   CVE-2016-6306   Medium
libssl1.0     1.0.2h-r0  1.0.2h-r1   apk   CVE-2016-2178   Medium
musl          1.1.14-r9  1.1.14-r13  apk   CVE-2016-8859   Critical
musl          1.1.14-r9  1.1.14-r16  apk   CVE-2017-15650  High
musl-utils    1.1.14-r9  1.1.14-r13  apk   CVE-2016-8859   Critical
musl-utils    1.1.14-r9  1.1.14-r16  apk   CVE-2017-15650  High
zlib          1.2.8-r2   1.2.11-r0   apk   CVE-2016-9843   Critical
zlib          1.2.8-r2   1.2.11-r0   apk   CVE-2016-9841   Critical
zlib          1.2.8-r2   1.2.11-r0   apk   CVE-2016-9842   High
zlib          1.2.8-r2   1.2.11-r0   apk   CVE-2016-9840   High

After:

$ grype --only-fixed my_prometheus_amqp_proxy

No vulnerabilities found

@mashayev mashayev requested review from moshe and jeff-armis May 16, 2024 14:44
@mashayev
Author

It hasn't been tested yet. This is just a POC... I will update once it has been tested and is working as it is supposed to.
CC: @moshe / @jeff-armis
