jupyterhub / zero-to-jupyterhub-k8s

Helm Chart & Documentation for deploying JupyterHub on Kubernetes
https://zero-to-jupyterhub.readthedocs.io
Other
1.56k stars 799 forks source link

Vulnerability patch in singleuser-sample #3500

Closed jupyterhub-bot closed 2 months ago

jupyterhub-bot commented 2 months ago

A rebuild of quay.io/jupyterhub/k8s-singleuser-sample has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.

About

This scan for known vulnerabilities has been made by aquasecurity/trivy. Trivy was configured to filter the vulnerabilities with the following settings:

Before

Before trying to rebuild the image, the following vulnerabilities was detected in quay.io/jupyterhub/k8s-singleuser-sample:4.0.0-0.dev.git.6718.h3cc472d7.

Target Vuln. ID Package Name Installed v. Fixed v.
debian CVE-2023-25652 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2023-25652 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2023-25815 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2023-25815 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2023-29007 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2023-29007 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32002 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32002 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32004 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32004 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32020 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32020 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32021 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32021 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32465 git 1:2.39.2-1.1 1:2.39.5-0+deb12u1
debian CVE-2024-32465 git-man 1:2.39.2-1.1 1:2.39.5-0+deb12u1
node-pkg CVE-2024-38999 requirejs 2.3.6 2.3.7

After

Target Vuln. ID Package Name Installed v. Fixed v.
node-pkg CVE-2024-38999 requirejs 2.3.6 2.3.7