gocd / docker-gocd-agent

GoCD Agent Docker image
https://hub.docker.com/r/gocd/

Upgrade git to 2.17.1 for CVE 2018-11234 and CVE 2018-11235 #62

Closed zhangyuan closed 5 years ago

zhangyuan commented 6 years ago

Currently the docker image is using an old version of git as follows:

root@localhost:~# docker run gocd/gocd-agent-centos-7:v18.5.0 git --version
$ exec git --version
git version 1.8.3.1

See https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html

Please upgrade git. Thanks.

arvindsv commented 5 years ago

Checked on 18.10 and it's not vulnerable to this. So, closing:

$ docker run -it --rm=true gocd/gocd-agent-centos-7:v18.10.0 bash
$ exec bash
[root@09ba39fc3e94 /]# (git init test &&   cd test &&   git update-index --add --cacheinfo 120000 e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 .gitmodules)
Initialized empty Git repository in /test/.git/
error: Invalid path '.gitmodules'
fatal: git update-index: --cacheinfo cannot add .gitmodules

That check is from https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html
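
The check run in the comment above, wrapped as a reusable shell function for testing the git inside an agent image (an added example, not part of the original thread or the GoCD project). The function name, its output labels and its return codes are assumptions made for illustration; the `update-index` command and blob id are the ones shown in the comment.

```shell
# Added example: wraps the update-index check from the thread.
# Function name, labels and return codes are assumptions for illustration.

# Blob id used in the thread's command (git's id for an empty file).
EMPTY_BLOB=e69de29bb2d1d6434b8b29ae775ad8c2e48c5391

# check_gitmodules_symlink [git-command]
# Prints and returns: patched (0), vulnerable (1), unknown (2).
# git-command defaults to "git"; pass an absolute path to test another binary.
check_gitmodules_symlink() {
    git_bin=${1:-git}
    if ! command -v "$git_bin" >/dev/null 2>&1; then
        echo unknown; return 2
    fi
    workdir=$(mktemp -d) || { echo unknown; return 2; }

    # A failed init would make the update-index failure below meaningless.
    if ! "$git_bin" init -q "$workdir/test" >/dev/null 2>&1; then
        rm -rf "$workdir"; echo unknown; return 2
    fi

    # Try to stage .gitmodules as a symlink (mode 120000), as in the thread.
    out=$(cd "$workdir/test" && "$git_bin" update-index --add \
            --cacheinfo 120000 "$EMPTY_BLOB" .gitmodules 2>&1) && rc=0 || rc=$?
    rm -rf "$workdir"

    if [ "$rc" -eq 0 ]; then
        # The index accepted a symlinked .gitmodules: the path check is missing.
        echo vulnerable; return 1
    fi
    case $out in
        *"Invalid path"*|*"cannot add .gitmodules"*)
            echo patched; return 0 ;;
    esac
    # Failed for some other reason (permissions, broken install, ...).
    echo unknown; return 2
}
```

Run inside the image under test, the non-zero return for `vulnerable` or `unknown` can be used to fail a build step.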