Upgrade tomcat and jdk #16

Open
wants to merge 4 commits into
base: master

@weiliang-ms weiliang-ms commented Aug 22, 2023

  1. Fixes security vulnerabilities in older versions.
  • old version
$ trivy image kubesphere/java8-runtime:v3.2.0 --skip-db-update
2023-08-22T02:27:39.470-0400    INFO    Vulnerability scanning is enabled
2023-08-22T02:27:39.470-0400    INFO    Secret scanning is enabled
2023-08-22T02:27:39.470-0400    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-22T02:27:39.470-0400    INFO    Please see also https://aquasecurity.github.io/trivy/v0.44/docs/scanner/secret/#recommendation for faster secret detection
2023-08-22T02:27:41.678-0400    INFO    Detected OS: alpine
2023-08-22T02:27:41.678-0400    INFO    Detecting Alpine vulnerabilities...
2023-08-22T02:27:41.711-0400    INFO    Number of language-specific files: 0
2023-08-22T02:27:41.772-0400    WARN    This OS version is no longer supported by the distribution: alpine 3.9.4
2023-08-22T02:27:41.773-0400    WARN    The vulnerability detection may be insufficient because security updates are not provided

kubesphere/java8-runtime:v3.2.0 (alpine 3.9.4)

Total: 274 (UNKNOWN: 0, LOW: 140, MEDIUM: 98, HIGH: 32, CRITICAL: 4)
  • new version
$ trivy image kubesphere/java8-runtime:v3.2.0-new --skip-db-update
2023-08-22T02:40:43.293-0400    INFO    Vulnerability scanning is enabled
2023-08-22T02:40:43.293-0400    INFO    Secret scanning is enabled
2023-08-22T02:40:43.293-0400    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-22T02:40:43.293-0400    INFO    Please see also https://aquasecurity.github.io/trivy/v0.44/docs/scanner/secret/#recommendation for faster secret detection
2023-08-22T02:40:52.152-0400    INFO    JAR files found
2023-08-22T02:40:52.210-0400    INFO    Analyzing JAR files takes a while...
2023-08-22T02:40:52.416-0400    INFO    Detected OS: alpine
2023-08-22T02:40:52.416-0400    INFO    Detecting Alpine vulnerabilities...
2023-08-22T02:40:52.441-0400    INFO    Number of language-specific files: 0

kubesphere/java8-runtime:v3.2.0-new (alpine 3.18.3)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
  1. Bump tomcat from 8.5.32 to 8.5.92.

Fixes security vulnerabilities in older versions.
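
Added example (not part of the pull request or the project's code): a reviewer-side check that parses the two trivy summaries quoted in the comment above, reports the per-severity change, and lists reasons to re-verify the numbers. The function names `parse_scan` and `compare` are hypothetical, and the parser assumes trivy's default table output in the form shown in that comment.

```python
import re

SEVERITIES = ("UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL")
TARGET_RE = re.compile(r"^(?P<image>\S+) \((?P<os>[^)]+)\)$")
TOTAL_RE = re.compile(r"^Total: (?P<total>\d+) \((?P<counts>[^)]*)\)$")

# Sample input: lines excerpted from the two scans quoted in the comment above.
OLD_SCAN = """$ trivy image kubesphere/java8-runtime:v3.2.0 --skip-db-update
2023-08-22T02:27:41.678-0400    INFO    Detected OS: alpine
2023-08-22T02:27:41.772-0400    WARN    This OS version is no longer supported by the distribution: alpine 3.9.4
2023-08-22T02:27:41.773-0400    WARN    The vulnerability detection may be insufficient because security updates are not provided

kubesphere/java8-runtime:v3.2.0 (alpine 3.9.4)
Total: 274 (UNKNOWN: 0, LOW: 140, MEDIUM: 98, HIGH: 32, CRITICAL: 4)"""
NEW_SCAN = """$ trivy image kubesphere/java8-runtime:v3.2.0-new --skip-db-update
2023-08-22T02:40:52.416-0400    INFO    Detected OS: alpine

kubesphere/java8-runtime:v3.2.0-new (alpine 3.18.3)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)"""

def parse_scan(text):
    """Pull image, OS, severity counts, WARN lines and the DB flag out of trivy's table output."""
    scan = {"image": None, "os": None, "total": None, "counts": {}, "warnings": [], "db_skipped": False}
    for line in map(str.strip, text.splitlines()):
        parts = line.split(None, 2)  # log lines are: timestamp, level, message
        if line.startswith("$ trivy "):
            scan["db_skipped"] = "--skip-db-update" in line.split()
        elif len(parts) == 3 and parts[1] == "WARN":
            scan["warnings"].append(parts[2])
        elif m := TARGET_RE.match(line):
            scan["image"], scan["os"] = m["image"], m["os"]
        elif m := TOTAL_RE.match(line):
            scan["total"] = int(m["total"])
            scan["counts"] = {k: int(v) for k, v in (p.split(": ") for p in m["counts"].split(", "))}
    if scan["total"] is None or sum(scan["counts"].values()) != scan["total"]:
        raise ValueError("missing or inconsistent 'Total:' summary line")
    return scan

def compare(old, new, blocking=("HIGH", "CRITICAL")):
    """Per-severity delta, a pass/fail on blocking severities, and caveats on the evidence."""
    delta = {s: new["counts"].get(s, 0) - old["counts"].get(s, 0) for s in SEVERITIES}
    caveats = [f"{s['image']}: {w}" for s in (old, new) for w in s["warnings"]]
    caveats += [f"{s['image']}: scanned with --skip-db-update, result depends on local DB age"
                for s in (old, new) if s["db_skipped"]]
    passed = all(new["counts"].get(s, 0) == 0 for s in blocking)
    return {"delta": delta, "passed": passed, "caveats": caveats}

if __name__ == "__main__":
    print(compare(parse_scan(OLD_SCAN), parse_scan(NEW_SCAN)))
```

The caveats list is the part a reviewer acts on: a zero total obtained with `--skip-db-update` is only as current as the locally cached vulnerability database.
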
@weiliang-ms
Author

/assign @LinuxSuRen

@ks-ci-bot
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: weiliang-ms
To complete the pull request process, please ask for approval from linuxsuren after the PR has been reviewed.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ks-ci-bot ks-ci-bot added size/S and removed size/XS labels Aug 22, 2023
@weiliang-ms weiliang-ms changed the title from "Bump jdk from 1.8.0_212 to 1.8.0_382" to "Upgrade tomcat and jdk" Aug 22, 2023
3 participants