spilo icon indicating copy to clipboard operation
spilo copied to clipboard
verified publisher icon zalando

Security Vulnerabilities Found

Open jayantb-95 opened this issue 1 year ago • 3 comments

  • Which image of the operator/spilo are you using? registry.opensource.zalan.do/acid/postgres-operator:v1.10.1 ghcr.io/zalando/spilo-15:3.0-p1

  • Where do you run it ? Bare Metal Openshift

  • Are you running Postgres Operator in production? yes

  • Type of issue? Security Vulnerability

rdbms_vulnerabilities_github.xlsx

Hi Team Zalando, We've deployed the postgres-operator in our environment with slight modification of splitting this single repo into 3 different helm charts, mainly CRDs, Operator & the Cluster We're reported various security vulnerabilities as part of the security scan (excel sheet attached), with reference to the CVE-ID respectively.

jayantb-95 avatar Mar 12 '24 06:03 jayantb-95

the latest image is ghcr.io/zalando/spilo-15:3.2-p1

https://github.com/zalando/spilo/pkgs/container/spilo-15

hughcapet avatar Mar 12 '24 06:03 hughcapet

github actually lists 3.0-p1 as the latest release.

dpmillerau avatar Mar 14 '24 05:03 dpmillerau

we;ve stopped publishing releases. only building new images from time to time

hughcapet avatar Mar 14 '24 13:03 hughcapet