Vulnerability update in atomist/skill (branch main)

Vulnerabilities

Following vulnerability changes detected in image atomist/skill from branch main:

New vulnerabilities

CVE	Severity	CVSS	Packages	Fix	Line
Base image `ubuntu:rolling`
CVE-2021-36222	high	`7.5`	`krb5-locales` _1.18.3-4 `libgssapi-krb5-2` _1.18.3-4 `libk5crypto3` _1.18.3-4 `libkrb5-3` _1.18.3-4 `libkrb5support0` _1.18.3-4		1
CVE-2019-20838	high	`7.5`	`libpcre3` _{2:8.39-13build3}		1
CVE-2019-9923	high	`7.5`	`tar` _{1.34+dfsg-1build1}		1
CVE-2018-5709	high	`7.5`	`krb5-locales` _1.18.3-4 `libgssapi-krb5-2` _1.18.3-4 `libk5crypto3` _1.18.3-4 `libkrb5-3` _1.18.3-4 `libkrb5support0` _1.18.3-4		1
CVE-2017-11164	high	`7.5`	`libpcre3` _{2:8.39-13build3}		1
Image `atomist/skill`
CVE-2021-41720	critical	`9.8`	`lodash` _4.17.21		34
CVE-2021-29940	critical	`9.8`	`through` _2.3.8		15
CVE-2021-42008	high	`7.8`	`linux-libc-dev` _{5.11.0-37.41 > 5.11.0-38.42}	`x`	15
CVE-2021-41864	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2021-41617	high	`7`	`openssh-client` _{1:8.4p1-5ubuntu1.1} `openssh-client` _{1:8.4p1-5ubuntu1.1}		15 6
CVE-2021-40490	high	`7`	`linux-libc-dev` _{5.11.0-37.41 > 5.11.0-38.42}	`x`	15
CVE-2021-38166	high	`7.8`	`linux-libc-dev` _{5.11.0-37.41 > 5.11.0-38.42}	`x`	15
CVE-2021-36222	high	`7.5`	`krb5-locales` _1.18.3-4 `libgssapi-krb5-2` _1.18.3-4 `libk5crypto3` _1.18.3-4 `libkrb5-3` _1.18.3-4 `libkrb5support0` _1.18.3-4		15
CVE-2021-32078	high	`7.1`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2021-26934	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2021-3807	high	`7.5`	`ansi-regex` _{3.0.0 > 5.0.1} `ansi-regex` _{4.1.0 > 5.0.1}	`x`	15
CVE-2021-3530	high	`7.5`	`binutils` _{2.36.1-6ubuntu1} `binutils-common` _{2.36.1-6ubuntu1} `binutils-x86-64-linux-gnu` _{2.36.1-6ubuntu1} `libbinutils` _{2.36.1-6ubuntu1} `libctf-nobfd0` _{2.36.1-6ubuntu1} `libctf0` _{2.36.1-6ubuntu1}		15
CVE-2020-11725	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2020-9991	high	`7.5`	`libsqlite3-0` _3.34.1-3 `libsqlite3-0` _3.34.1-3		15 6
CVE-2020-9794	high	`8.1`	`libsqlite3-0` _3.34.1-3 `libsqlite3-0` _3.34.1-3		15 6
CVE-2020-8116	high	`7.3`	`dot-prop` _4.2.1		15
CVE-2019-20838	high	`7.5`	`libpcre3` _{2:8.39-13build3}		15
CVE-2019-19814	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2019-19378	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2019-14899	high	`7.4`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2019-9923	high	`7.5`	`tar` _{1.34+dfsg-1build1}		15
CVE-2018-1000021	high	`8.8`	`git` _{1:2.30.2-1ubuntu1} `git` _{1:2.30.2-1ubuntu1} `git-man` _{1:2.30.2-1ubuntu1} `git-man` _{1:2.30.2-1ubuntu1}		15 6 15 6
CVE-2018-20657	high	`7.5`	`binutils` _{2.36.1-6ubuntu1} `binutils-common` _{2.36.1-6ubuntu1} `binutils-x86-64-linux-gnu` _{2.36.1-6ubuntu1} `libbinutils` _{2.36.1-6ubuntu1} `libctf-nobfd0` _{2.36.1-6ubuntu1} `libctf0` _{2.36.1-6ubuntu1}		15
CVE-2018-12931	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2018-12930	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2018-6952	high	`7.5`	`patch` _2.7.6-7 `patch` _2.7.6-7		15 6
CVE-2018-5709	high	`7.5`	`krb5-locales` _1.18.3-4 `libgssapi-krb5-2` _1.18.3-4 `libk5crypto3` _1.18.3-4 `libkrb5-3` _1.18.3-4 `libkrb5support0` _1.18.3-4		15
CVE-2017-13165	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15
CVE-2017-11164	high	`7.5`	`libpcre3` _{2:8.39-13build3}		15
CVE-2015-0903	high	`7.5`	`editor` _1.0.0		15
CVE-2014-1936	high	`7.5`	`rc` _1.2.8		34
CVE-2013-7445	high	`7.8`	`linux-libc-dev` _5.11.0-37.41		15

Details

_{Commit 105fe401f63634e6a749d55e716a097bd0f0e5ed

Image atomist/skill

Tag node14

Digest sha256:2c98a06ec9cc2504c1d93ea519cbe01f2aae30771c37e7fe8fa92e450b03db98

Scanned November 2, 2021, 12:02 AM UTC}

atomist-skills / skill-base

Vulnerability update in atomist/skill (branch main) #55

New vulnerabilities