datarhei / core

datarhei Core is management for FFmpeg processes without development effort. Whether your streaming has one viewer or a million, we have the tools to help you develop, deploy and manage any video project at any stage. We've solved the challenging problems so you can focus on your application, not your infrastructure.
https://docs.datarhei.com/core
Apache License 2.0

[Snyk] Security upgrade ubuntu from trusty to trusty-20190515 #14

Closed jstabenow closed 4 months ago

jstabenow commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

#### Changes included in this PR

- vendor/golang.org/x/net/http2/Dockerfile

We recommend upgrading to `ubuntu:trusty-20190515`, as this image has only 292 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity |
| :------: | :-------------------- | :---- | :--------------- |
| high severity | **614** | NULL Pointer Dereference [SNYK-UBUNTU1404-OPENSSL-1049144](https://snyk.io/vuln/SNYK-UBUNTU1404-OPENSSL-1049144) | No Known Exploit |
| high severity | **614** | Access of Resource Using Incompatible Type ('Type Confusion') [SNYK-UBUNTU1404-OPENSSL-3314800](https://snyk.io/vuln/SNYK-UBUNTU1404-OPENSSL-3314800) | No Known Exploit |
| high severity | **829** | Off-by-one Error [SNYK-UBUNTU1404-SUDO-1065770](https://snyk.io/vuln/SNYK-UBUNTU1404-SUDO-1065770) | Mature |
| medium severity | **686** | Improper Privilege Management [SNYK-UBUNTU1404-SUDO-3234995](https://snyk.io/vuln/SNYK-UBUNTU1404-SUDO-3234995) | Mature |
| medium severity | **686** | Improper Handling of Exceptional Conditions [SNYK-UBUNTU1404-SUDO-473059](https://snyk.io/vuln/SNYK-UBUNTU1404-SUDO-473059) | Mature |

---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information:

🧐 [View latest project report](https://app.snyk.io/org/j.stabenow/project/fb4e49be-acf1-48c9-871c-35bbfa6b63e9?utm_source=github&utm_medium=referral&page=fix-pr)

🛠 [Adjust project settings](https://app.snyk.io/org/j.stabenow/project/fb4e49be-acf1-48c9-871c-35bbfa6b63e9?utm_source=github&utm_medium=referral&page=fix-pr/settings)

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Improper Privilege Management](https://learn.snyk.io/lessons/insecure-design/javascript/?loc=fix-pr)

🦉 [NULL Pointer Dereference](https://learn.snyk.io/lessons/null-dereference/cpp/?loc=fix-pr)

codecov-commenter commented 1 year ago

Codecov Report

Patch coverage has no change and project coverage change: -0.05 :warning:

Comparison is base (6046bc3) 59.34% compared to head (9d309fd) 59.29%.

:exclamation: Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the GitHub App Integration for your organization. Read more.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main      #14      +/-   ##
==========================================
- Coverage   59.34%   59.29%   -0.05%
==========================================
  Files          79       79
  Lines       12007    12007
==========================================
- Hits         7126     7120       -6
- Misses       4487     4493       +6
  Partials      394      394
```

| Flag | Coverage Δ | |
|---|---|---|
| unit-linux | `59.29% <ø> (-0.05%)` | :arrow_down: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei#carryforward-flags-in-the-pull-request-comment) to find out more.

[see 1 file with indirect coverage changes](https://app.codecov.io/gh/datarhei/core/pull/14/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=datarhei)

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.