IBM / portieris

A Kubernetes Admission Controller for verifying image trust.
Apache License 2.0
332 stars 78 forks source link

Prep v0.13.20 #467

Closed paulaldridge closed 1 month ago

paulaldridge commented 1 month ago

Remediates CVE-2024-9355 in golang

A rebuild should fix this as we are using registry.access.redhat.com/ubi8/go-toolset:1.21.13 and that says it has golang-1.21.13-3.module+el8.10.0+22345+acdd8d0e.x86_64 which is what the vuln issue asked for: Corrective action: Upgrade golang to >= 0:1.21.13-3.module+el8.10.0+22345+acdd8d0e

Reference: https://catalog.redhat.com/software/containers/ubi8/go-toolset/5ce8713aac3db925c03774d1?container-tabs=packages

Locally tested as per the runbook and all was successfull.