Fix CRITICAL level issues from CVE scanner #12260

Ex4amp1e · 2024-08-21T09:29:53Z

https://github.com/networkservicemesh/deployments-k8s/security

Update go to v1.23 locally (code)
Update go to v1.23 locally (base image)
Update go to v1.23 (sdk) - minimal changes version Upgrade go to v1.23.1 sdk#1664 (.github update required, Example: Ex4amp1e/.github@255dc46)
Provide remaining - 2 weeks
Update go to v1.23 (code)
Update go to v1.23 (base image) - Fix critical CVEs for releases v1.14.0 v1.14.1 #12283
Update base to latest version ubuntu/alpine and etc. - Fix critical CVEs for releases v1.14.0 v1.14.1 #12283

The text was updated successfully, but these errors were encountered:

denis-tingaikin · 2024-09-09T10:35:30Z

We decided to split work related to updating linter on two parts:

Update linter config to v1.23 with minimal changes
Provide a list of Linters that can be enabled in the future.
Create issues for each linter.

Ex4amp1e · 2024-09-11T09:33:17Z

Current set of CVE issues:

https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25814 - alpine ghcr.io/networkservicemesh/ci/cmd-forwarder-ovs:9ba4d40 - reproduced, but already fixed in the latest alpine image, no fix required
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25813 - alpine ghcr.io/networkservicemesh/ci/cmd-forwarder-ovs:9ba4d40 - reproduced, but already fixed in the latest alpine image, no fix required
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25812 - alpine ghcr.io/networkservicemesh/ci/cmd-forwarder-ovs:9ba4d40 - reproduced, but already fixed in the latest alpine image, no fix required
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25802 - alpine - part of cmd repos - need more investigation
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25662 - spire agent - fix required, need to use spire version >= 1.10.2 (current latest 1.10.3 - we will use it)
ghcr.io/networkservicemesh/ci/cmd-nsc-simple-docker:393f898 + ghcr.io/networkservicemesh/ci/cmd-nse-simple-vl3-docker:97c8bdc
https://github.com/networkservicemesh/deployments-k8s/security/code-scanning/25349 - go upgrade - all cmd repos - fix provided Upgraded base go image to golang:1.23.1 cmd-template#136 + manual upgrades where it is required

Ex4amp1e self-assigned this Aug 21, 2024

denis-tingaikin changed the title ~~Fix high level issues from CVE scanner~~ Fix CRITICAL level issues from CVE scanner Aug 23, 2024

This was referenced Sep 5, 2024

Upgrade go to v1.23 and fix linter errors networkservicemesh/sdk#1662

Draft

Upgrade go to v1.23 and fix linter errors networkservicemesh/cmd-nsmgr#702

Open

Ex4amp1e mentioned this issue Sep 11, 2024

Upgraded base go image to golang:1.23.1 networkservicemesh/cmd-template#136

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix CRITICAL level issues from CVE scanner #12260

Fix CRITICAL level issues from CVE scanner #12260

Ex4amp1e commented Aug 21, 2024 •

edited

Loading

denis-tingaikin commented Sep 9, 2024 •

edited

Loading

Ex4amp1e commented Sep 11, 2024 •

edited

Loading

Fix CRITICAL level issues from CVE scanner #12260

Fix CRITICAL level issues from CVE scanner #12260

Comments

Ex4amp1e commented Aug 21, 2024 • edited Loading

denis-tingaikin commented Sep 9, 2024 • edited Loading

Ex4amp1e commented Sep 11, 2024 • edited Loading

Ex4amp1e commented Aug 21, 2024 •

edited

Loading

denis-tingaikin commented Sep 9, 2024 •

edited

Loading

Ex4amp1e commented Sep 11, 2024 •

edited

Loading