fleet

mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00

History

Lucas Manuel Rodriguez ae00add76e Update alpine to patch vulnerability with severity "HIGH" (#26593 ) The vulnerability was posted by a prospect. Posting manual command until we get #25902 done. ```sh trivy image --ignore-unfixed --pkg-types os,library --severity CRITICAL,HIGH --show-suppressed fleetdm/fleet:v4.64.1 [...] fleetdm/fleet:v4.64.1 (alpine 3.21.0) Total: 2 (HIGH: 2, CRITICAL: 0) ┌────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────┤ │ libcrypto3 │ CVE-2024-12797 │ HIGH │ fixed │ 3.3.2-r4 │ 3.3.3-r0 │ openssl: RFC7250 handshakes with unauthenticated servers │ │ │ │ │ │ │ │ don't abort as expected │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-12797 │ ├────────────┤ │ │ │ │ │ │ │ libssl3 │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ └────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────┘ ```		2025-02-25 18:33:24 -03:00
..
dogfood/terraform	Terraform cleanup (#26379 )	2025-02-24 17:35:50 -05:00
guardduty	Adding changes for Fleet v4.62.2 (#25564 )	2025-01-17 14:55:09 -06:00
infrastructure	Adding changes for Fleet v4.62.2 (#25564 )	2025-01-17 14:55:09 -06:00
loadtesting/terraform	Update alpine to patch vulnerability with severity "HIGH" (#26593 )	2025-02-25 18:33:24 -03:00
render	Fix sentence case (#21077 )	2024-08-06 00:16:33 -05:00