Add note around linux trivy (#39100)

Lucas Manuel Rodriguez 2026-02-04 06:56:32 -03:00 committed by GitHub
parent 8e07f166d8
commit 23e0b8054e
GPG key ID: B5690EEEBB952194

@ -120,3 +120,7 @@ Following is the process to run when a `CRITICAL` CVE affects the released `flee
1. After `security/status.md` is updated, notify users/customers about the CVE in the `fleetdm/fleetctl` image and possible remediations.
2. Create a Github issue with a `P0`/`security` label to track the fix.
3. The fix will be released on the next release of the `fleetdm/fleetctl` docker image.
## Troubleshooting
- The `trivy` command/executable can have some differences in CVEs reported when executing `trivy image` on a macOS host vs a Linux host. Mostly the difference seems to be in vulnerabilities found by the `gobinary` tool on `fleet` or `fleetctl` executables within the docker images. Thus, when in doubt, run trivy on a Ubuntu host to match CI which runs on `ubuntu-*` Github runners.
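Review bot: the new Troubleshooting bullet attributes the macOS/Linux discrepancy to `gobinary` findings on the `fleet`/`fleetctl` binaries only tentatively ("Mostly the difference seems to be"), so a reader still cannot tell whether a CVE reported only on a macOS host should be dismissed or investigated; suggest stating plainly which result is authoritative for the `CRITICAL` CVE process above, e.g. `Treat the result from an Ubuntu host (matching the ubuntu-* CI runners) as the source of truth; re-check any finding that appears only on macOS on Ubuntu before creating the P0/security issue.` Also, `a Ubuntu host` should read `an Ubuntu host`.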