Closed kschoche closed 8 months ago
Resolves recent openssl CVEs:
## Packages and Vulnerabilities 0C 0H 1M 0L 2? openssl 3.1.4-r2 pkg:apk/alpine/openssl@3.1.4-r2?os_name=alpine&os_version=3.19 ✗ MEDIUM CVE-2023-6129 https://scout.docker.com/v/CVE-2023-6129?s=alpine&n=openssl&ns=alpine&t=apk&osn=alpine&osv=3.19&vr=%3C3.1.4-r3 Affected range : <3.1.4-r3 Fixed version : 3.1.4-r3 ✗ UNSPECIFIED CVE-2024-0727 https://scout.docker.com/v/CVE-2024-0727?s=alpine&n=openssl&ns=alpine&t=apk&osn=alpine&osv=3.19&vr=%3C3.1.4-r5 Affected range : <3.1.4-r5 Fixed version : 3.1.4-r5 ✗ UNSPECIFIED CVE-2023-6237 https://scout.docker.com/v/CVE-2023-6237?s=alpine&n=openssl&ns=alpine&t=apk&osn=alpine&osv=3.19&vr=%3C3.1.4-r4 Affected range : <3.1.4-r4 Fixed version : 3.1.4-r4 3 vulnerabilities found in 1 package UNSPECIFIED 2 LOW 0 MEDIUM 1 HIGH 0 CRITICAL 0
Looks like there's also a dependabot PR for this too: #586
Did not see that, I'll close it then, thanks!
Resolves recent openssl CVEs: