Closed red-hat-konflux[bot] closed 1 month ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 80.44%. Comparing base (
d29fed5
) to head (b4c778e
).
It's failing the ec check because there are three high severity CVEs considered fixed by Clair.
Vulnerabilities found: glibc-minimal-langpack-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important)), glibc-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important)), glibc-common-2.34-83.el9_3.12 (RHSA-2024:3339: glibc security update (Important))
I'm assuming they're coming from a base image.
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠ Warning: custom changes will be lost.
With updated base images it's still failing.. :thinking:
This shows newer package than the one listed as vulnerable:
podman run --rm -it --entrypoint /bin/bash registry.access.redhat.com/ubi9/go-toolset:1.21@sha256:f001ad1001a22fe5f6fc7d876fc172b01c1b7dcd6c498f83a07b425e24275a79 -c "dnf repoquery glibc-common"
...
glibc-common-0:2.34-100.el9_4.2.x86_64
podman run --rm -it --entrypoint /bin/bash registry.access.redhat.com/ubi9/ubi-minimal:9.4@sha256:2636170dc55a0931d013014a72ae26c0c2521d4b61a28354b3e2e5369fa335a3 -c "microdnf repoquery glibc-common"
...
glibc-common-2.34-100.el9_4.2.x86_64
:shrug:
This PR contains the following updates:
7cd8020
->b8d5071
729ed7f
->ae1249a
686109b
->b23c7a9
To execute skipped test pipelines write comment
/ok-to-test