sommerfeld-io / website

Website www.sommerfeld.io
https://www.sommerfeld.io

Bump node from 22.6.0-alpine3.19 to 22.7.0-alpine3.19 #137

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps node from 22.6.0-alpine3.19 to 22.7.0-alpine3.19.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions[bot] commented 3 weeks ago

Overview

| Image reference | sommerfeldio/website:latest | sommerfeldio/website:rc |
|---|---|---|
| digest | c639c00567e0 | 03d0920e47eb |
| tag | latest | rc |
| provenance | https://github.com/sommerfeld-io/website/commit/d2e93bda89bc9c43028164f8174042ad2ff89ecd | https://github.com/sommerfeld-io/website/commit/f10c3e4a2deee734a02b31399a3d0c172b6cb39c |
| vulnerabilities | critical: 1 high: 5 medium: 11 low: 2 unspecified: 5 | critical: 1 high: 3 medium: 7 low: 2 unspecified: 3 |
| platform | linux/amd64 | linux/amd64 |
| size | 42 MB | 34 MB (-8.6 MB) |
| packages | 52 | 39 (-13) |
| Base Image | httpd:2-alpine (also known as: 2.4-alpine, alpine) | httpd:2-alpine (also known as: 2.4-alpine, alpine) |
| Base Image vulnerabilities | critical: 1 high: 5 medium: 11 low: 2 unspecified: 5 | critical: 1 high: 3 medium: 7 low: 2 unspecified: 3 |

Environment Variables (2 changes) > * `±` 2 changed > * _3 unchanged_ ```diff HTTPD_PATCHES= HTTPD_PREFIX=/usr/local/apache2 -HTTPD_SHA256=fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5 +HTTPD_SHA256=ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323 -HTTPD_VERSION=2.4.58 +HTTPD_VERSION=2.4.59 PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ```
Labels (4 changes) > * `±` 4 changed > * _5 unchanged_ ```diff maintainer=sebastian@sommerfeld.io -org.opencontainers.image.created=2023-12-28T14:46:03.798Z +org.opencontainers.image.created=2024-08-19T03:18:23.197Z org.opencontainers.image.description=Website www.sommerfeld.io -org.opencontainers.image.licenses= +org.opencontainers.image.licenses=NOASSERTION -org.opencontainers.image.revision=d2e93bda89bc9c43028164f8174042ad2ff89ecd +org.opencontainers.image.revision= org.opencontainers.image.source=https://github.com/sommerfeld-io/website org.opencontainers.image.title=website org.opencontainers.image.url=https://github.com/sommerfeld-io/website -org.opencontainers.image.version=main +org.opencontainers.image.version=nightly ```
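Review bot: In the Labels diff, `org.opencontainers.image.revision` goes from `d2e93bda89bc9c43028164f8174042ad2ff89ecd` to an empty value and `org.opencontainers.image.licenses` becomes `NOASSERTION`, so the rc image's labels no longer name the commit it was built from. The overview's provenance row does list a commit for sommerfeldio/website:rc; populate the revision label from that same commit in the build step so an image pulled by tag can be traced to source from its labels alone.
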
Packages and Vulnerabilities (22 package changes and 8 vulnerability changes)
> * :heavy_minus_sign: 13 packages removed
> * :infinity: 9 packages changed
> * 30 packages unchanged
> * :heavy_check_mark: 8 vulnerabilities removed

Changes for packages of type apk (21 changes)

| Package | Version sommerfeldio/website:latest | Version sommerfeldio/website:rc | Vulnerabilities |
|---|---|---|---|
| :infinity: .httpd-so-deps | 20231213.194916 | 20240405.175259 | |
| :heavy_minus_sign: brotli | 1.1.0-r1 | | |
| :heavy_minus_sign: bzip2 | 1.0.8-r6 | | |
| :infinity: c-ares | 1.22.1-r0 | 1.27.0-r0 | critical: 0 high: 0 medium: 1 low: 0. Removed vulnerabilities (1): medium CVE-2024-25629 |
| :infinity: ca-certificates | 20230506-r0 | 20240226-r0 | |
| :heavy_minus_sign: curl | 8.5.0-r0 | | critical: 0 high: 2 medium: 2 low: 2 unspecified: 1. Removed vulnerabilities (7): high CVE-2024-2398, high CVE-2024-6197, medium CVE-2024-2466, medium CVE-2024-0853, low CVE-2024-2004, low CVE-2024-6874, unspecified CVE-2024-2379 |
| :heavy_minus_sign: cyrus-sasl | 2.1.28-r5 | | |
| :heavy_minus_sign: expat | 2.5.0-r2 | | critical: 0 high: 1 medium: 1 low: 0 unspecified: 1. Removed vulnerabilities (3): high CVE-2023-52425, medium CVE-2023-52426, unspecified CVE-2024-28757 |
| :heavy_minus_sign: libc-dev | 0.7.2-r5 | | |
| :infinity: libcrypto3 | 3.1.4-r2 | 3.1.4-r5 | |
| :infinity: libexpat | 2.5.0-r2 | 2.6.2-r0 | |
| :infinity: libssl3 | 3.1.4-r2 | 3.1.4-r5 | critical: 1 high: 0 medium: 1 low: 0 unspecified: 2. Added vulnerabilities (4): critical CVE-2024-5535, medium CVE-2024-4603, unspecified CVE-2024-4741, unspecified CVE-2024-2511 |
| :infinity: libxml2 | 2.11.6-r0 | 2.11.7-r0 | critical: 0 high: 2 medium: 0 low: 0 (latest), critical: 0 high: 1 medium: 0 low: 0 (rc). Removed vulnerabilities (1): high CVE-2024-25062 |
| :heavy_minus_sign: lua5.1 | 5.1.5-r13 | | |
| :heavy_minus_sign: nghttp2 | 1.58.0-r0 | | |
| :heavy_minus_sign: openldap | 2.6.6-r1 | | |
| :heavy_minus_sign: openssl | 3.1.4-r2 | | critical: 1 high: 0 medium: 3 low: 0 unspecified: 3. Removed vulnerabilities (7): critical CVE-2024-5535, medium CVE-2023-6129, medium CVE-2024-0727, medium CVE-2024-4603, unspecified CVE-2024-4741, unspecified CVE-2024-2511, unspecified CVE-2023-6237 |
| :heavy_minus_sign: pax-utils | 1.3.7-r2 | | |
| :heavy_minus_sign: util-linux | 2.39.3-r0 | | |
| :heavy_minus_sign: xz | 5.4.5-r0 | | |
| :infinity: zlib | 1.3-r2 | 1.3.1-r0 | |

Changes for packages of type generic (1 changes)

| Package | Version sommerfeldio/website:latest | Version sommerfeldio/website:rc |
|---|---|---|
| :infinity: httpd | 2.4.58 | 2.4.59 |

github-actions[bot] commented 3 weeks ago

:mag: Vulnerabilities of sommerfeldio/website:rc

:package: Image Reference sommerfeldio/website:rc
- digest sha256:03d0920e47eba7a94e5f5bf77e988dccf27f8ebce0e7050c42cb8f0b7e12c8c0
- vulnerabilities critical: 1 high: 3 medium: 7 low: 2 unspecified: 3
- size 34 MB
- packages 39

:package: Base Image httpd:2-alpine
- also known as 2-alpine3.19, 2.4-alpine, 2.4-alpine3.19, 2.4.59-alpine, 2.4.59-alpine3.19, alpine, alpine3.19
- digest sha256:b48b48dcfff1407638908b8a1782480df0ad8bac7f5fc579496357864f97e60c
- vulnerabilities critical: 1 high: 3 medium: 7 low: 2 unspecified: 3

critical: 1 high: 0 medium: 1 low: 0 unspecified: 2 libssl3 3.1.4-r5 (apk)
pkg:apk/alpine/libssl3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1

```dockerfile
# Dockerfile (91:91)
COPY --from=build-antora-site /tmp/antora/sommerfeld-io/public /usr/local/apache2/htdocs/docs
```

| Severity | CVE | Affected range | Fixed version | EPSS Score | EPSS Percentile |
|---|---|---|---|---|---|
| critical | CVE-2024-5535 | `<3.1.6-r0` | 3.1.6-r0 | 0.04% | 14th percentile |
| medium | CVE-2024-4603 | `<3.1.5-r0` | 3.1.5-r0 | 0.04% | 11th percentile |
| unspecified | CVE-2024-4741 | `<3.1.6-r0` | 3.1.6-r0 | | |
| unspecified | CVE-2024-2511 | `<3.1.4-r6` | 3.1.4-r6 | 0.04% | 11th percentile |

critical: 0 high: 2 medium: 2 low: 2 unspecified: 1 libcurl 8.5.0-r0 (apk)
pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.19.1

```dockerfile
# Dockerfile (91:91)
COPY --from=build-antora-site /tmp/antora/sommerfeld-io/public /usr/local/apache2/htdocs/docs
```

| Severity | CVE | Affected range | Fixed version | EPSS Score | EPSS Percentile |
|---|---|---|---|---|---|
| high | CVE-2024-2398 | `<8.7.1-r0` | 8.7.1-r0 | 0.05% | 18th percentile |
| high | CVE-2024-6197 | `<8.9.0-r0` | 8.9.0-r0 | 0.04% | 16th percentile |
| medium | CVE-2024-2466 | `<8.7.1-r0` | 8.7.1-r0 | 0.04% | 14th percentile |
| medium | CVE-2024-0853 | `<8.6.0-r0` | Not Fixed | 0.06% | 25th percentile |
| low | CVE-2024-2004 | `<8.7.1-r0` | 8.7.1-r0 | 0.05% | 18th percentile |
| low | CVE-2024-6874 | `<8.9.0-r0` | 8.9.0-r0 | 0.04% | 16th percentile |
| unspecified | CVE-2024-2379 | `<8.7.1-r0` | 8.7.1-r0 | 0.04% | 14th percentile |

critical: 0 high: 1 medium: 0 low: 0 libxml2 2.11.7-r0 (apk)
pkg:apk/alpine/libxml2@2.11.7-r0?arch=x86_64&distro=alpine-3.19.1

```dockerfile
# Dockerfile (91:91)
COPY --from=build-antora-site /tmp/antora/sommerfeld-io/public /usr/local/apache2/htdocs/docs
```

| Severity | CVE | Affected range | Fixed version | EPSS Score | EPSS Percentile |
|---|---|---|---|---|---|
| high | CVE-2024-34459 | `<2.11.8-r0` | 2.11.8-r0 | 0.04% | 11th percentile |

critical: 0 high: 0 medium: 4 low: 0 ssl_client 1.36.1-r15 (apk)
pkg:apk/alpine/ssl_client@1.36.1-r15?arch=x86_64&upstream=busybox&distro=alpine-3.19.1

```dockerfile
# Dockerfile (91:91)
COPY --from=build-antora-site /tmp/antora/sommerfeld-io/public /usr/local/apache2/htdocs/docs
```

| Severity | CVE | Affected range | Fixed version | EPSS Score | EPSS Percentile |
|---|---|---|---|---|---|
| medium | CVE-2023-42366 | `<1.36.1-r16` | 1.36.1-r16 | 0.04% | 13th percentile |
| medium | CVE-2023-42365 | `<1.36.1-r19` | 1.36.1-r19 | 0.04% | 13th percentile |
| medium | CVE-2023-42364 | `<1.36.1-r19` | 1.36.1-r19 | 0.04% | 13th percentile |
| medium | CVE-2023-42363 | `<1.36.1-r17` | 1.36.1-r17 | 0.04% | 13th percentile |