-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Dockerfile to reduce vulnerabilities #1972
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6159417 - https://snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6159419 - https://snyk.io/vuln/SNYK-DEBIAN11-PERL-6085272 - https://snyk.io/vuln/SNYK-DEBIAN11-SHADOW-526940 - https://snyk.io/vuln/SNYK-DEBIAN11-ZLIB-6008961
…99c7cb9 [Snyk] Security upgrade python from 3.11-slim-bullseye to 3.13.0a2-slim
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6210088 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6210098 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6210098 - https://snyk.io/vuln/SNYK-DEBIAN12-GNUTLS28-6159410 - https://snyk.io/vuln/SNYK-DEBIAN12-GNUTLS28-6159418
…b5a683a [Snyk] Security upgrade python from 3.13.0a2-slim to 3.13.0a3-slim
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6617103 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6673964 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6673969 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-6673972 - https://snyk.io/vuln/SNYK-DEBIAN12-ZLIB-6008963
…ddb5503 [Snyk] Security upgrade python from 3.13.0a3-slim to 3.13.0b1-slim
Seems that this action was largely automated, but for the possible future reader... At first glance, it doesn't seem that any of these vulnerabilities are particularly relevant to Sherlock. Each of the patches seem to be for wholly untouched components of the container's OS (i.e. CVE-2023-45853, affecting zipOpenNewFileInZip4_64 of all things, included in things like pyminizip, something that Sherlock has never to my knowledge actually used). If there is some unknown risk, please advise either as a reply here or in another Issue with actual comments. Sensitive issues can utilize my publicly available PGP key. |
No description provided.