Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GHSA-jq35-85cj-fj4p security issue is found for github.com/docker/docker v20.10.24 in twistlock scan #6621

Closed
lihongbj opened this issue Nov 3, 2023 · 5 comments
Closed

GHSA-jq35-85cj-fj4p security issue is found for github.com/docker/docker v20.10.24 in twistlock scan #6621

lihongbj opened this issue Nov 3, 2023 · 5 comments
Labels
lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Milestone
Backlog

Comments

@lihongbj
Copy link

lihongbj commented Nov 3, 2023

Bug Report

What did you do?

When we use this git repo to build helm-operator binary, a medium security issue GHSA-jq35-85cj-fj4p is found for github.com/docker/docker v20.10.24 in latest master branch during security twistlock scan.

What did you expect to see?

We expect the GHSA-jq35-85cj-fj4p is fixed in future to upgrade github.com/docker/docker to v24.0.7 at least.
@varshaprasad96
Copy link
Member

This would also be handled when bumping k8s to 1.27

@varshaprasad96 varshaprasad96 added this to the Backlog milestone Nov 13, 2023
@openshift-bot
Copy link

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci openshift-ci bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 12, 2024
@openshift-bot
Copy link

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci openshift-ci bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 13, 2024
@openshift-bot
Copy link

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

@openshift-ci openshift-ci bot closed this as completed Apr 13, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Apr 13, 2024

@openshift-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
3 participants
@openshift-bot @varshaprasad96 @lihongbj