Moby CVEs trivyignore #10438

Merged
merged 15 commits into from
Dec 23, 2024
11 changes: 10 additions & 1 deletion .trivyignore
Expand Up @@ -67,4 +67,13 @@ CVE-2024-27304
# This is resolved in versions of Gloo Gateway that rely on Go1.22 and above (1.17, 1.18)
# For earlier versions of Gloo Gateway, we confirmed that the vulnerability is not exploitable
# and captured our findings here: https://github.com/solo-io/solo-projects/issues/7157#issuecomment-2463252858
CVE-2022-30635
CVE-2022-30635

# https://github.com/advisories/GHSA-2mj3-vfvx-fc43
# https://github.com/advisories/GHSA-gh5c-3h97-2f3q
# These are not expected to impact us and are difficult to resolve due to breaking API changes that impact our code
# While this has been resolved on v1.17+, backporting it to lower versions is complicated and we opted to skip it
# We can remove these once moby/moby has been upgraded to v26+ on all LTS branches
# Ref: https://solo-io-corp.slack.com/archives/C03MFATU265/p1733926775760049?thread_ts=1733429266.473749&cid=C03MFATU265
CVE-2024-36621
CVE-2024-36623
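Review bot: The justification for ignoring CVE-2024-36621 and CVE-2024-36623 rests on "These are not expected to impact us", and the only supporting reference is the `Ref:` line pointing at a private Slack thread, so nobody outside the workspace can audit the decision. The CVE-2022-30635 entry just above links to an issue comment that records the non-exploitability findings; do the same here by writing the analysis into the tracking issue and linking that instead of Slack. It would also help to put each GHSA URL directly above the CVE it corresponds to, and to link the issue that tracks the moby/moby v26+ upgrade next to the "We can remove these once" line so the removal condition does not get forgotten.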
14 changes: 14 additions & 0 deletions changelog/v1.19.0-beta3/moby-cves-trivyignore.yaml
@@ -0,0 +1,14 @@
changelog:
- type: NON_USER_FACING
description: Add CVE-2024-36621 and CVE-2024-36623 to trivyignore
issueLink: https://github.com/solo-io/solo-projects/issues/7357
- type: NON_USER_FACING
description: This also resolves the issue for 1.15
issueLink: https://github.com/solo-io/solo-projects/issues/7358
- type: NON_USER_FACING
issueLink: https://github.com/solo-io/solo-projects/issues/7359
description: >-
This also resolves the issue for 1.14
skipCI-kube-tests:true
skipCI-docs-build:true
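Review bot: The second and third descriptions say "This also resolves the issue for 1.15" and "This also resolves the issue for 1.14", but the change only adds the two CVEs to `.trivyignore`, so the scanner finding is suppressed rather than resolved. Reword these to say what actually happens, for example "Ignore CVE-2024-36621 and CVE-2024-36623 in trivy scans for 1.15", so a reader of the changelog does not conclude the moby dependency was patched on those branches. The third entry also puts `issueLink` before `description` and uses a folded `>-` scalar where the first two use a plain one-line value; keeping the same key order across entries would make the file easier to scan.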