Guilherme Macedo
Guilherme Macedo
Update some Go dependencies.
This is a proposal for https://github.com/aquasecurity/trivy/issues/1201 and follow ideas from https://github.com/aquasecurity/trivy/pull/919. Please let me know if I should write a test for this template. Any feedback is appreciated.
[CVE-2022-3172][Kubernetes upstream] Aggregated API server can cause clients to be redirected (SSRF)
This issue is to track upstream [CVE-2022-3172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172) in Kubernetes affecting the API server Original upstream issue https://github.com/kubernetes/kubernetes/issues/112513. --- A security issue was discovered in kube-apiserver that allows an aggregated API...
This issue is to track upstream [CVE-2021-25749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25749) in Kubernetes affecting **Windows workloads only**. Original upstream issue https://github.com/kubernetes/kubernetes/issues/112192. --- A security issue was discovered in Kubernetes that could allow Windows workloads...
This is a placeholder issue to track updates in Rancher's [CLI](https://github.com/rancher/cli) for when the code freeze period has ended. There are some outdated Go dependencies that will benefit with some...
## Issue: Bump `rancher/system-agent` to [v0.3.7-rc2](https://github.com/rancher/system-agent/releases/tag/v0.3.7-rc2) to fix some low hanging CVEs. ## Problem ## Solution ## Testing ## Engineering Testing ### Manual Testing ### Automated Testing * Test types...
## Issue: https://github.com/rancher/rancher/issues/46570 ## Problem This PR does: 1. Migrate the Agent image to BCI-Micro, which is a backport of https://github.com/rancher/rancher/pull/44044 and that was missed in https://github.com/rancher/rancher/pull/46205, where the main...
When vexctl merges documents that have the same CVE ID, even if the affected products/subcomponents are the same, the new document will contain one statement for each CVE ID merged....
This PR adds support to patching SUSE related images based on SLES (SUSE Linux Enterprise Server), BCI (container images) and openSUSE (LEAP and Tumbleweed). It uses Zypper as the package...
This PR adds FOSSA license scanning workflow.